Strange Infection


boston

Hi

I have what I suspect to be multiple unrelated malware infections. I have lots of scans to run and logs to post, and I will be posting them as my time allows. My issues are my NIC getting shut off for no reason, and settings being changed periodically on whether or not Windows will be used to configure my wireless settings.

I'm running XP 32.

For this post, I will post my Super Anti-Spyware log and my MBAM log. I'm running OTL and dl'ing RK Unhookers as I type this. Please bear with me as I cannot get all of the required logs and such posted at once.

The SAS log:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 12/07/2011 at 01:43 PM

Application Version : 5.0.1136

Core Rules Database Version : 8024

Trace Rules Database Version: 5836

Scan type : Complete Scan

Total Scan Time : 01:43:55

Operating System Information

Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 554

Memory threats detected : 0

Registry items scanned : 36191

Registry threats detected : 0

File items scanned : 49354

File threats detected : 46

Adware.Tracking Cookie

The MBAM log:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8329

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/7/2011 2:24:24 PM

mbam-log-2011-12-07 (14-24-24).txt

Scan type: Full scan (C:\|)

Objects scanned: 231817

Time elapsed: 2 hour(s), 14 minute(s), 17 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

My OTL.txt:

OTL logfile created on: 12/7/2011 2:36:17 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Christopher\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.35 Mb Total Physical Memory | 340.50 Mb Available Physical Memory | 33.60% Memory free

2.89 Gb Paging File | 2.40 Gb Available in Paging File | 82.97% Paging File free

Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 137.67 Gb Total Space | 108.22 Gb Free Space | 78.61% Space Free | Partition Type: NTFS

Computer Name: BOSTON | User Name: Christopher | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/07 14:35:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher\Desktop\OTL.exe

PRC - [2011/11/09 08:51:47 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/06/29 08:29:44 | 000,217,256 | ---- | M] (Panda Security) -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe

PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

PRC - [2009/11/13 17:00:46 | 000,873,840 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

PRC - [2009/10/07 23:10:36 | 000,471,129 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe

PRC - [2009/10/07 23:10:02 | 000,499,797 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe

PRC - [2009/09/30 12:08:04 | 000,268,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe

PRC - [2009/09/17 14:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

PRC - [2009/09/17 14:36:58 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

PRC - [2009/08/24 18:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe

PRC - [2008/07/01 14:03:06 | 000,038,200 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe

PRC - [2008/04/14 04:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe

PRC - [2005/06/06 09:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/16 22:38:20 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MOD - [2011/11/09 08:51:41 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2009/09/17 14:36:34 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

MOD - [2009/06/06 00:42:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TPeculiarity.dll

MOD - [2009/04/15 16:46:50 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\EBLib.DLL

MOD - [2009/04/02 08:35:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\EKECioCtl.dll

MOD - [2007/02/14 12:55:11 | 000,165,424 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll

MOD - [2007/02/14 12:55:10 | 000,099,888 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (LUVM)

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011/08/11 15:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)

SRV - [2009/10/07 23:10:02 | 000,499,797 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)

SRV - [2009/10/06 08:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)

SRV - [2009/09/17 14:37:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV - [2009/08/24 18:25:56 | 000,575,552 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)

SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)

========== Driver Services (SafeList) ==========

DRV - [2011/08/01 03:23:20 | 000,143,752 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)

DRV - [2011/07/22 08:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011/07/12 13:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011/04/28 12:57:57 | 000,112,456 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)

DRV - [2011/04/28 12:57:38 | 000,129,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)

DRV - [2011/04/28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)

DRV - [2011/04/28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)

DRV - [2010/06/04 02:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)

DRV - [2009/11/16 17:34:26 | 005,955,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009/11/06 17:55:56 | 000,177,024 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2009/09/22 16:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009/09/21 10:05:42 | 000,018,816 | ---- | M] (Toshiba) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pgsuspend.SYS -- (PGSUSFLT)

DRV - [2009/06/29 09:25:30 | 000,029,760 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\thpdrv.sys -- (Thpdrv)

DRV - [2009/06/22 16:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PGEffect.sys -- (PGEffect)

DRV - [2009/05/11 18:11:44 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Thpevm.SYS -- (Thpevm)

DRV - [2009/03/16 22:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)

DRV - [2009/03/12 14:09:54 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)

DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2008/07/24 13:40:58 | 000,017,192 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)

DRV - [2007/02/22 15:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNB&bmod=TSNB

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://blackboard.sdccd.edu/

IE - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 08:51:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/14 13:22:43 | 000,000,000 | ---D | M]

[2010/06/10 19:24:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher\Application Data\Mozilla\Extensions

[2011/12/06 21:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\u0odwf1p.default\extensions

[2011/12/06 21:44:24 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\u0odwf1p.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

[2010/10/27 15:51:32 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\u0odwf1p.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}

[2011/11/16 10:49:43 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\u0odwf1p.default\extensions\https-everywhere@eff.org

[2011/11/09 08:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/10/24 04:52:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0ODWF1P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0ODWF1P.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI

() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0ODWF1P.DEFAULT\EXTENSIONS\ADBAN@AD-BAN.APPSPOT.COM.XPI

() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\U0ODWF1P.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI

[2010/07/04 14:55:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/11/09 08:51:47 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/07/11 13:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2010/01/01 00:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/11/09 08:51:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/07/27 06:30:31 | 000,436,064 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 15010 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)

O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)

O4 - HKLM..\Run: [Panda Security URL Filtering] C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)

O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)

O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O15 - HKU\S-1-5-21-3298523943-3000498379-3009045840-1006\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B56B07C8-B922-4E3B-BB6F-F61CF6D51AC8}: DhcpNameServer = 192.168.2.1

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O24 - Desktop WallPaper: C:\Documents and Settings\Christopher\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Christopher\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/01/20 17:13:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/07 14:49:45 | 000,719,574 | ---- | C] (UG North ) -- C:\Documents and Settings\Christopher\Desktop\RkU3.8.388.590.exe

[2011/12/07 14:35:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Christopher\Desktop\OTL.exe

[2011/11/13 22:32:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Christopher\Recent

[2011/11/10 20:25:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2011/11/09 08:40:17 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011/11/09 08:38:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011/11/09 08:38:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011/11/09 08:38:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011/11/09 08:38:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011/11/08 08:40:14 | 000,000,000 | ---D | C] -- C:\MGtools

[2011/11/08 08:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware

[2011/11/08 08:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/07 14:35:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher\Desktop\OTL.exe

[2011/12/07 06:25:28 | 000,504,702 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/12/07 06:25:28 | 000,089,390 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/12/06 11:01:55 | 000,004,669 | ---- | M] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\devcpp.ini

[2011/12/06 11:01:55 | 000,000,018 | ---- | M] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\devcpp.cfg

[2011/12/05 21:30:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/12/05 17:40:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/12/05 17:40:44 | 1062,645,760 | -HS- | M] () -- C:\hiberfil.sys

[2011/12/05 09:28:38 | 000,115,721 | ---- | M] () -- C:\Documents and Settings\Christopher\Desktop\Essay4F11.pdf

[2011/12/05 08:17:46 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\Update Spybot-S&D.job

[2011/12/05 08:14:27 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\jucheck.job

[2011/12/02 23:08:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2011/12/01 16:52:36 | 004,696,228 | ---- | M] () -- C:\Documents and Settings\Christopher\Desktop\Paradise.zip

[2011/11/15 22:33:51 | 033,148,224 | ---- | M] () -- C:\Documents and Settings\Christopher\Desktop\Mushi.zip

[2011/11/15 09:10:20 | 000,219,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/11/11 23:11:52 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat

[2011/11/11 23:11:52 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

[2011/11/09 08:40:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011/11/08 08:43:21 | 000,118,113 | ---- | M] () -- C:\MGlogs.zip

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/05 09:29:08 | 000,115,721 | ---- | C] () -- C:\Documents and Settings\Christopher\Desktop\Essay4F11.pdf

[2011/12/01 16:52:32 | 004,696,228 | ---- | C] () -- C:\Documents and Settings\Christopher\Desktop\Paradise.zip

[2011/11/15 22:33:44 | 033,148,224 | ---- | C] () -- C:\Documents and Settings\Christopher\Desktop\Mushi.zip

[2011/11/09 08:40:25 | 000,000,210 | ---- | C] () -- C:\Boot.bak

[2011/11/09 08:40:21 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2011/11/09 08:38:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011/11/09 08:38:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011/11/09 08:38:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011/11/09 08:38:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011/11/09 08:38:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011/11/08 08:40:20 | 000,118,113 | ---- | C] () -- C:\MGlogs.zip

[2011/10/04 15:04:38 | 000,000,018 | ---- | C] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\devcpp.cfg

[2011/10/04 14:27:57 | 011,895,205 | ---- | C] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\cache.ccc

[2011/10/04 14:25:21 | 000,004,669 | ---- | C] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\devcpp.ini

[2011/09/07 19:05:06 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat

[2011/09/03 08:32:28 | 000,243,714 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2011/08/15 22:11:09 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

[2011/08/15 22:11:09 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

[2011/03/11 14:14:02 | 000,000,105 | ---- | C] () -- C:\WINDOWS\crackpdf.INI

[2011/03/06 20:05:36 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2011/03/06 20:05:35 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/11/24 12:54:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI

[2010/11/10 02:14:26 | 000,288,440 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/11/01 19:05:36 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Christopher\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/07/04 13:36:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/06/10 19:24:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/06/10 19:12:33 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2010/06/10 19:11:40 | 000,000,013 | RHS- | C] () -- C:\WINDOWS\System32\drivers\fbd.sys

[2010/04/22 13:26:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2010/04/22 13:20:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll

[2010/04/22 13:15:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL

[2010/04/22 13:13:54 | 000,262,217 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll

[2010/04/22 13:07:36 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat

[2010/01/20 17:45:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2010/01/20 17:15:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/01/20 17:11:27 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/01/20 17:10:42 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2010/01/20 16:39:19 | 000,000,353 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2010/01/20 16:32:09 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2010/01/20 16:31:56 | 000,504,702 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2010/01/20 16:31:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2010/01/20 16:31:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2010/01/20 16:31:55 | 000,089,390 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2010/01/20 16:31:52 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2010/01/20 16:31:51 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2010/01/20 16:31:44 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2010/01/20 16:31:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2010/01/20 16:31:22 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2010/01/20 16:30:42 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2010/01/20 16:30:30 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2010/01/20 09:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/01/20 09:07:57 | 000,219,248 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/06/06 00:42:40 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll

[2009/05/01 08:27:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll

[2009/04/28 03:37:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll

[2009/04/02 08:35:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll

[2005/03/25 21:00:00 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\FORMATUFD.EXE

========== LOP Check ==========

[2010/01/20 17:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba

[2010/01/20 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinBatch

[2010/08/19 18:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM

[2010/11/28 09:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2010/11/28 08:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/11/28 08:37:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2010/11/28 08:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011/09/07 19:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security

[2011/12/05 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering

[2010/06/11 14:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Partner

[2010/06/16 19:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games

[2010/01/20 18:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toshiba

[2010/04/22 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32

[2010/04/22 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64

[2010/11/28 00:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent

[2010/10/26 18:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010/08/19 18:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\acccore

[2010/11/28 08:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\AVG10

[2011/09/28 17:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\Dev-Cpp

[2010/06/27 00:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\ElevatedDiagnostics

[2011/10/04 08:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\Foxit Software

[2011/08/31 09:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\geany

[2011/08/31 09:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\gtk-2.0

[2010/08/01 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\OpenOffice.org

[2011/09/07 19:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\Panda Security

[2010/07/07 10:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\SecondLife

[2011/06/07 16:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\toshiba

[2010/01/20 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher\Application Data\WinBatch

[2010/01/20 17:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba

[2010/01/20 17:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\WinBatch

[2011/12/02 23:08:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[2011/12/05 08:14:27 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\jucheck.job

[2011/12/05 08:17:46 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\Update Spybot-S&D.job

========== Purity Check ==========

< End of report >

My Extras.txt:

OTL Extras logfile created on: 12/7/2011 2:36:17 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Christopher\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.35 Mb Total Physical Memory | 340.50 Mb Available Physical Memory | 33.60% Memory free

2.89 Gb Paging File | 2.40 Gb Available in Paging File | 82.97% Paging File free

Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 137.67 Gb Total Space | 108.22 Gb Free Space | 78.61% Space Free | Partition Type: NTFS

Computer Name: BOSTON | User Name: Christopher | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"3724:TCP" = 3724:TCP:*:Disabled:Blizzard Downloader: 3724

"6881:TCP" = 6881:TCP:*:Disabled:Blizzard Downloader: 6881

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)

"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)

"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 29

"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool

"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset

"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine

"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport

"{392A74D0-4DFE-49F7-87C3-8A61708F8856}" = Eraser 6.0.8.2273

"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper

"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client

"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password

"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup

"{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver

"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration

"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend

"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility

"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = TOSHIBA Power Saver

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application and Driver Installer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help

"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility

"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call

"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F4B1B985-F308-4DBA-BFD7-CCCB8839234B}" = HP Deskjet 1000 J110 series Basic Device Software

"{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook

"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus

"7-Zip" = 7-Zip 9.20

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"AIM_7" = AIM 7

"CCleaner" = CCleaner

"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.1)

"Fn-esse" = TOSHIBA Fn-esse

"Foxit PDF Editor" = Foxit PDF Editor

"Foxit Reader_is1" = Foxit Reader 5.1

"HDMI" = Intel® Graphics Media Accelerator Driver

"HijackThis" = HijackThis 1.99.1

"ie8" = Windows Internet Explorer 8

"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility

"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool

"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility

"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password

"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup

"InstallShield_{7833B48D-8CCD-4588-A7A0-AE01C96ACAA4}" = SelectiveSuspend

"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility

"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility

"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)

"Panda Cloud Antivirus" = Panda Cloud Antivirus

"Panda Security URL Filtering" = Panda Security URL Filtering

"Revo Uninstaller" = Revo Uninstaller 1.93

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TurboTax 2009" = TurboTax 2009

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"Winamp" = Winamp

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Windows Media Player 10

"WinLiveSuite_Wave3" = Windows Live Essentials

"Xvid_is1" = Xvid MPEG-4 Video Codec

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3298523943-3000498379-3009045840-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 11/10/2011 3:26:54 AM | Computer Name = BOSTON | Source = Application Error | ID = 1000

Description = Faulting application snes9x.exe, version 1.5.2.0, faulting module

snes9x.exe, version 1.5.2.0, fault address 0x001ea365.

Error - 11/10/2011 3:27:03 AM | Computer Name = BOSTON | Source = Application Error | ID = 1000

Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module

dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 11/12/2011 3:12:04 AM | Computer Name = BOSTON | Source = Lavasoft Ad-Aware Service | ID = 0

Description =

Error - 11/12/2011 12:31:59 PM | Computer Name = BOSTON | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: The data is invalid.

Error - 11/12/2011 12:31:59 PM | Computer Name = BOSTON | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: The data is invalid.

Error - 11/15/2011 1:48:21 PM | Computer Name = BOSTON | Source = Application Hang | ID = 1002

Description = Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 11/16/2011 2:05:29 PM | Computer Name = BOSTON | Source = Application Hang | ID = 1002

Description = Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp,

version 0.0.0.0, hang address 0x00000000.

Error - 11/16/2011 2:05:40 PM | Computer Name = BOSTON | Source = Application Hang | ID = 1001

Description = Fault bucket -1612583200.

Error - 12/3/2011 12:59:03 AM | Computer Name = BOSTON | Source = Application Error | ID = 1000

Description = Faulting application snes9x.exe, version 1.5.2.0, faulting module

snes9x.exe, version 1.5.2.0, fault address 0x001e9f39.

Error - 12/3/2011 12:59:13 AM | Computer Name = BOSTON | Source = Application Error | ID = 1000

Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module

dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

[ System Events ]

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:46 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:47 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:47 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

Error - 12/7/2011 5:08:47 PM | Computer Name = BOSTON | Source = Service Control Manager | ID = 7023

Description = The Application Management service terminated with the following error:

%%126

< End of report >


My RKU log for drivers and stealth:

RkU Version: 3.8.388.590, Type LE (SR2)

==============================================

OS Name: Windows XP

Version 5.1.2600 (Service Pack 3)

Number of processors #2

==============================================

>Drivers

==============================================

0xAA1A4000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 6144000 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)

0xBF2E9000 C:\WINDOWS\System32\igxpdx32.DLL 3837952 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology)

0xBF059000 C:\WINDOWS\System32\igxpdv32.DLL 2686976 bytes (Intel Corporation, Component GHAL Driver)

0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT Kernel & System)

0x804D7000 PnpManager 2154496 bytes

0x804D7000 RAW 2154496 bytes

0x804D7000 WMIxWDM 2154496 bytes

0xBF800000 Win32k 1859584 bytes

0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)

0xF6F8F000 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 1753088 bytes (Intel Corporation, Intel Graphics Miniport Driver)

0xF6DCA000 C:\WINDOWS\system32\DRIVERS\athw.sys 1609728 bytes (Atheros Communications, Inc., Driver for Atheros Wireless Network Adapter)

0xA9CF8000 C:\WINDOWS\System32\Drivers\dump_iaStor.sys 892928 bytes

0xF7361000 iaStor.sys 892928 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)

0xF728B000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)

0xF6CD2000 C:\WINDOWS\System32\Drivers\wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)

0xA9E18000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)

0xF6C29000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)

0xAA004000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)

0xA92BF000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)

0xBF692000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)

0xA8B0B000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)

0xF6D43000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 225280 bytes (Synaptics Incorporated, Synaptics Touchpad Driver)

0xBF024000 C:\WINDOWS\System32\igxpgd32.dll 217088 bytes (Intel Corporation, Intel Graphics 2D Driver)

0xF7483000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)

0xA942F000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)

0xF725E000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)

0xA9F1F000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)

0xF6F53000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)

0xA9FDC000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)

0xA9FB6000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)

0xAA158000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))

0xF6D7A000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)

0xF6C87000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)

0xA9F94000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)

0xA96FF000 C:\WINDOWS\system32\DRIVERS\PSINAflt.sys 139264 bytes (Panda Security, S.L., PSINAflt Filter Driver for XP32)

0xA9F4A000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)

0x806E5000 ACPI_HAL 134400 bytes

0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)

0xF7341000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)

0xF7453000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)

0xA9F00000 C:\WINDOWS\system32\DRIVERS\psinknc.sys 126976 bytes (Panda Security, S.L., PSINKNC Kernel Controller for XP32)

0xA9DFA000 C:\WINDOWS\System32\Drivers\usbvideo.sys 122880 bytes (Microsoft Corporation, USB Video Class Driver)

0xF7244000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)

0xA9614000 C:\WINDOWS\system32\DRIVERS\PSINProc.sys 106496 bytes (Panda Security, S.L., PSINProc Filter Driver for XP32)

0xA96E5000 C:\WINDOWS\system32\DRIVERS\PSINProt.sys 106496 bytes (Panda Security, S.L., PSINProt for XP32)

0xF7318000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)

0xF6CBB000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))

0xA962E000 C:\WINDOWS\system32\DRIVERS\PSINFile.sys 94208 bytes (Panda Security, S.L., PSINFile Filter Driver for XP32)

0xA8DAA000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)

0xF6F7B000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)

0xAA05D000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)

0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)

0xBF012000 C:\WINDOWS\System32\igxprd32.dll 73728 bytes (Intel Corporation, Intel Graphics 2D Rotation Driver)

0xF732F000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)

0xF7472000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)

0xF6CAA000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)

0xF77B2000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)

0xA9227000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)

0xF77A2000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)

0xF7772000 C:\WINDOWS\system32\DRIVERS\wsimd.sys 61440 bytes (Atheros Communications, Inc., Wireless Intermediate Miniport Driver)

0xF7712000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)

0xF75F2000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)

0xF7702000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)

0xF7722000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)

0xF75D2000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)

0xF7742000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)

0xF7822000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)

0xF75C2000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)

0xF7732000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)

0xF75B2000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)

0xF7782000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)

0xF7602000 PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)

0xF7762000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)

0xF75E2000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)

0xF7652000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)

0xF76F2000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)

0xF7752000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)

0xF7802000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)

0xA8DF7000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)

0xF77F2000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)

0xF7942000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)

0xF78BA000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)

0xF799A000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)

0xF7832000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)

0xF78DA000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)

0xF78E2000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)

0xF785A000 C:\WINDOWS\system32\DRIVERS\pgeffect.sys 24576 bytes (TOSHIBA Corporation, TOSHIBA Universal Camera Filter Driver)

0xF793A000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)

0xF784A000 thpdrv.sys 24576 bytes (TOSHIBA Corporation, TOSHIBA HDD Protection Driver)

0xF788A000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)

0xF791A000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)

0xF7932000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)

0xF783A000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)

0xF7912000 C:\WINDOWS\System32\Drivers\pgsuspend.SYS 20480 bytes (Toshiba, Toshiba Web Camera Selective Suspend Drive)

0xF7952000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)

0xF7962000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)

0xF792A000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)

0xF7842000 TVALZ_O.SYS 20480 bytes (TOSHIBA Corporation, TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver)

0xF797A000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)

0xF79CA000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)

0xF7AAE000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)

0xF71E3000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)

0xA9610000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)

0xF79CE000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)

0xF79C2000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)

0xF79C6000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)

0xA9F74000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)

0xA9EBC000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)

0xA9EAC000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)

0xF720C000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)

0xAA19C000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)

0xAA184000 C:\WINDOWS\system32\drivers\TPwSav.sys 12288 bytes (TOSHIBA , IO Driver)

0xF7AE0000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)

0xF7ADC000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)

0xF7AB2000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)

0xF7AE4000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)

0xF7AE8000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)

0xF7ACE000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)

0xF7AB6000 Thpevm.SYS 8192 bytes (TOSHIBA Corporation, TOSHIBA HDD Protection - Shock Sensor Driver)

0xF7ABE000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)

0xF7AB4000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)

0xF7BAD000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)

0xF7B92000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)

0xF7BFF000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)

0xF7B7B000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)

==============================================

>Stealth

==============================================

Nothing detected :(

My TDSSKiller.exe:

15:20:59.0359 2836 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

15:20:59.0578 2836 ============================================================

15:20:59.0578 2836 Current date / time: 2011/12/07 15:20:59.0578

15:20:59.0578 2836 SystemInfo:

15:20:59.0578 2836

15:20:59.0593 2836 OS Version: 5.1.2600 ServicePack: 3.0

15:20:59.0593 2836 Product type: Workstation

15:20:59.0593 2836 ComputerName: BOSTON

15:20:59.0593 2836 UserName: Christopher

15:20:59.0593 2836 Windows directory: C:\WINDOWS

15:20:59.0593 2836 System windows directory: C:\WINDOWS

15:20:59.0593 2836 Processor architecture: Intel x86

15:20:59.0593 2836 Number of processors: 2

15:20:59.0593 2836 Page size: 0x1000

15:20:59.0593 2836 Boot type: Normal boot

15:20:59.0593 2836 ============================================================

15:21:00.0156 2836 Initialize success

15:21:13.0984 2500 ============================================================

15:21:13.0984 2500 Scan started

15:21:13.0984 2500 Mode: Manual;

15:21:13.0984 2500 ============================================================

15:21:14.0515 2500 Abiosdsk - ok

15:21:14.0546 2500 abp480n5 - ok

15:21:14.0609 2500 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

15:21:14.0609 2500 ACPI - ok

15:21:14.0750 2500 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

15:21:14.0750 2500 ACPIEC - ok

15:21:14.0796 2500 adpu160m - ok

15:21:14.0859 2500 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

15:21:14.0875 2500 aec - ok

15:21:15.0015 2500 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

15:21:15.0031 2500 AFD - ok

15:21:15.0078 2500 AFGMp50 - ok

15:21:15.0187 2500 AFGSp50 - ok

15:21:15.0234 2500 Aha154x - ok

15:21:15.0296 2500 aic78u2 - ok

15:21:15.0312 2500 aic78xx - ok

15:21:15.0390 2500 AliIde - ok

15:21:15.0531 2500 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys

15:21:15.0578 2500 Ambfilt - ok

15:21:15.0703 2500 amsint - ok

15:21:15.0828 2500 AR5416 (c413e2e549488a5f1969decb5b03187a) C:\WINDOWS\system32\DRIVERS\athw.sys

15:21:15.0875 2500 AR5416 - ok

15:21:16.0000 2500 asc - ok

15:21:16.0046 2500 asc3350p - ok

15:21:16.0062 2500 asc3550 - ok

15:21:16.0203 2500 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

15:21:16.0203 2500 AsyncMac - ok

15:21:16.0265 2500 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

15:21:16.0281 2500 atapi - ok

15:21:16.0375 2500 Atdisk - ok

15:21:16.0437 2500 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

15:21:16.0437 2500 Atmarpc - ok

15:21:16.0484 2500 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

15:21:16.0484 2500 audstub - ok

15:21:16.0640 2500 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

15:21:16.0656 2500 Beep - ok

15:21:16.0765 2500 catchme - ok

15:21:16.0890 2500 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

15:21:16.0890 2500 cbidf2k - ok

15:21:16.0968 2500 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

15:21:16.0968 2500 CCDECODE - ok

15:21:17.0093 2500 cd20xrnt - ok

15:21:17.0140 2500 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

15:21:17.0140 2500 Cdaudio - ok

15:21:17.0265 2500 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

15:21:17.0265 2500 Cdfs - ok

15:21:17.0359 2500 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\drivers\Cdrom.sys

15:21:17.0359 2500 Cdrom - ok

15:21:17.0468 2500 Changer - ok

15:21:17.0562 2500 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

15:21:17.0562 2500 CmBatt - ok

15:21:17.0687 2500 CmdIde - ok

15:21:17.0750 2500 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

15:21:17.0750 2500 Compbatt - ok

15:21:17.0859 2500 Cpqarray - ok

15:21:17.0906 2500 dac2w2k - ok

15:21:18.0015 2500 dac960nt - ok

15:21:18.0078 2500 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

15:21:18.0093 2500 Disk - ok

15:21:18.0218 2500 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

15:21:18.0234 2500 dmboot - ok

15:21:18.0375 2500 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

15:21:18.0390 2500 dmio - ok

15:21:18.0515 2500 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

15:21:18.0515 2500 dmload - ok

15:21:18.0687 2500 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

15:21:18.0687 2500 DMusic - ok

15:21:18.0812 2500 dpti2o - ok

15:21:18.0890 2500 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

15:21:18.0890 2500 drmkaud - ok

15:21:19.0062 2500 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

15:21:19.0062 2500 Fastfat - ok

15:21:19.0203 2500 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

15:21:19.0218 2500 Fdc - ok

15:21:19.0375 2500 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

15:21:19.0375 2500 Fips - ok

15:21:19.0515 2500 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

15:21:19.0531 2500 Flpydisk - ok

15:21:19.0671 2500 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

15:21:19.0687 2500 FltMgr - ok

15:21:19.0843 2500 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

15:21:19.0843 2500 Fs_Rec - ok

15:21:19.0953 2500 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

15:21:19.0968 2500 Ftdisk - ok

15:21:20.0046 2500 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

15:21:20.0046 2500 GEARAspiWDM - ok

15:21:20.0203 2500 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

15:21:20.0203 2500 Gpc - ok

15:21:20.0359 2500 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

15:21:20.0375 2500 HDAudBus - ok

15:21:20.0546 2500 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

15:21:20.0546 2500 HidUsb - ok

15:21:20.0671 2500 hpn - ok

15:21:20.0781 2500 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

15:21:20.0796 2500 HTTP - ok

15:21:20.0921 2500 i2omgmt - ok

15:21:21.0046 2500 i2omp - ok

15:21:21.0140 2500 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

15:21:21.0156 2500 i8042prt - ok

15:21:21.0312 2500 ialm (0e501525f2b67aa17fe143d7c5e6a649) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

15:21:21.0375 2500 ialm - ok

15:21:21.0531 2500 iaStor (d483687eace0c065ee772481a96e05f5) C:\WINDOWS\system32\drivers\iaStor.sys

15:21:21.0531 2500 iaStor - ok

15:21:21.0703 2500 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\drivers\Imapi.sys

15:21:21.0703 2500 Imapi - ok

15:21:21.0843 2500 ini910u - ok

15:21:22.0359 2500 IntcAzAudAddService (4d8b60b116e8213e44cc7797b648f277) C:\WINDOWS\system32\drivers\RtkHDAud.sys

15:21:22.0562 2500 IntcAzAudAddService - ok

15:21:22.0671 2500 IntelIde - ok

15:21:22.0734 2500 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

15:21:22.0734 2500 intelppm - ok

15:21:22.0796 2500 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

15:21:22.0796 2500 Ip6Fw - ok

15:21:22.0937 2500 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

15:21:22.0937 2500 IpFilterDriver - ok

15:21:23.0046 2500 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

15:21:23.0046 2500 IpInIp - ok

15:21:23.0125 2500 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

15:21:23.0125 2500 IpNat - ok

15:21:23.0281 2500 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

15:21:23.0296 2500 IPSec - ok

15:21:23.0328 2500 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

15:21:23.0343 2500 IRENUM - ok

15:21:23.0468 2500 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

15:21:23.0468 2500 isapnp - ok

15:21:23.0546 2500 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

15:21:23.0546 2500 Kbdclass - ok

15:21:23.0671 2500 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

15:21:23.0671 2500 kmixer - ok

15:21:23.0859 2500 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

15:21:23.0859 2500 KSecDD - ok

15:21:23.0937 2500 lbrtfdc - ok

15:21:24.0078 2500 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

15:21:24.0078 2500 mnmdd - ok

15:21:24.0140 2500 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

15:21:24.0140 2500 Modem - ok

15:21:24.0328 2500 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys

15:21:24.0375 2500 Monfilt - ok

15:21:24.0531 2500 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

15:21:24.0546 2500 Mouclass - ok

15:21:24.0640 2500 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

15:21:24.0640 2500 mouhid - ok

15:21:24.0734 2500 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

15:21:24.0734 2500 MountMgr - ok

15:21:24.0828 2500 MpKsl223e52b9 - ok

15:21:24.0843 2500 MpKsl2a0093e4 - ok

15:21:24.0859 2500 MpKslb9bdf4b3 - ok

15:21:24.0875 2500 MpKslc7bf93a1 - ok

15:21:24.0890 2500 MpKsld742f5f7 - ok

15:21:24.0906 2500 MpKsleeefb4df - ok

15:21:24.0921 2500 MpKslfe391501 - ok

15:21:25.0031 2500 mraid35x - ok

15:21:25.0093 2500 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

15:21:25.0093 2500 MRxDAV - ok

15:21:25.0171 2500 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

15:21:25.0203 2500 MRxSmb - ok

15:21:25.0359 2500 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

15:21:25.0359 2500 Msfs - ok

15:21:25.0421 2500 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

15:21:25.0437 2500 MSKSSRV - ok

15:21:25.0546 2500 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

15:21:25.0546 2500 MSPCLOCK - ok

15:21:25.0625 2500 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

15:21:25.0625 2500 MSPQM - ok

15:21:25.0671 2500 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

15:21:25.0671 2500 mssmbios - ok

15:21:25.0828 2500 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

15:21:25.0843 2500 MSTEE - ok

15:21:25.0921 2500 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

15:21:25.0921 2500 Mup - ok

15:21:26.0078 2500 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

15:21:26.0078 2500 NABTSFEC - ok

15:21:26.0140 2500 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

15:21:26.0156 2500 NDIS - ok

15:21:26.0203 2500 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

15:21:26.0203 2500 NdisIP - ok

15:21:26.0359 2500 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

15:21:26.0359 2500 NdisTapi - ok

15:21:26.0406 2500 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

15:21:26.0406 2500 Ndisuio - ok

15:21:26.0562 2500 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

15:21:26.0562 2500 NdisWan - ok

15:21:26.0640 2500 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

15:21:26.0640 2500 NDProxy - ok

15:21:26.0796 2500 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

15:21:26.0796 2500 NetBIOS - ok

15:21:26.0859 2500 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

15:21:26.0859 2500 NetBT - ok

15:21:26.0984 2500 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

15:21:27.0000 2500 Npfs - ok

15:21:27.0093 2500 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

15:21:27.0125 2500 Ntfs - ok

15:21:27.0234 2500 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

15:21:27.0234 2500 Null - ok

15:21:27.0296 2500 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

15:21:27.0296 2500 NwlnkFlt - ok

15:21:27.0421 2500 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

15:21:27.0421 2500 NwlnkFwd - ok

15:21:27.0515 2500 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

15:21:27.0515 2500 Parport - ok

15:21:27.0625 2500 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

15:21:27.0640 2500 PartMgr - ok

15:21:27.0687 2500 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

15:21:27.0687 2500 ParVdm - ok

15:21:27.0750 2500 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

15:21:27.0750 2500 PCI - ok

15:21:27.0828 2500 PCIDump - ok

15:21:27.0890 2500 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

15:21:27.0890 2500 PCIIde - ok

15:21:27.0968 2500 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

15:21:27.0984 2500 Pcmcia - ok

15:21:28.0093 2500 PDCOMP - ok

15:21:28.0140 2500 PDFRAME - ok

15:21:28.0171 2500 PDRELI - ok

15:21:28.0265 2500 PDRFRAME - ok

15:21:28.0328 2500 perc2 - ok

15:21:28.0359 2500 perc2hib - ok

15:21:28.0500 2500 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\WINDOWS\system32\DRIVERS\pgeffect.sys

15:21:28.0500 2500 PGEffect - ok

15:21:28.0578 2500 PGSUSFLT (b1708fe0539abb11b6285828ef3f8493) C:\WINDOWS\system32\Drivers\pgsuspend.SYS

15:21:28.0578 2500 PGSUSFLT - ok

15:21:28.0734 2500 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

15:21:28.0734 2500 PptpMiniport - ok

15:21:28.0796 2500 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

15:21:28.0812 2500 PSched - ok

15:21:28.0875 2500 PSINAflt (9abf1d1da5afaaaa41fcbd940aa2e844) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys

15:21:28.0890 2500 PSINAflt - ok

15:21:28.0984 2500 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys

15:21:29.0000 2500 PSINFile - ok

15:21:29.0156 2500 PSINKNC (0518f472a69249e18612e29278bd58ec) C:\WINDOWS\system32\DRIVERS\psinknc.sys

15:21:29.0156 2500 PSINKNC - ok

15:21:29.0234 2500 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys

15:21:29.0234 2500 PSINProc - ok

15:21:29.0375 2500 PSINProt (f4804beb5ff6741019b56a02ead4d3b7) C:\WINDOWS\system32\DRIVERS\PSINProt.sys

15:21:29.0390 2500 PSINProt - ok

15:21:29.0437 2500 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

15:21:29.0453 2500 Ptilink - ok

15:21:29.0578 2500 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

15:21:29.0578 2500 PxHelp20 - ok

15:21:29.0625 2500 ql1080 - ok

15:21:29.0734 2500 Ql10wnt - ok

15:21:29.0781 2500 ql12160 - ok

15:21:29.0843 2500 ql1240 - ok

15:21:29.0953 2500 ql1280 - ok

15:21:30.0000 2500 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

15:21:30.0000 2500 RasAcd - ok

15:21:30.0078 2500 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

15:21:30.0078 2500 Rasl2tp - ok

15:21:30.0187 2500 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

15:21:30.0187 2500 RasPppoe - ok

15:21:30.0218 2500 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

15:21:30.0234 2500 Raspti - ok

15:21:30.0296 2500 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

15:21:30.0312 2500 Rdbss - ok

15:21:30.0390 2500 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

15:21:30.0390 2500 RDPCDD - ok

15:21:30.0468 2500 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

15:21:30.0484 2500 RDPWD - ok

15:21:30.0640 2500 RSUSBSTOR (83f7a29b659771e60cd71999ef57aa0c) C:\WINDOWS\system32\Drivers\RtsUStor.sys

15:21:30.0640 2500 RSUSBSTOR - ok

15:21:30.0734 2500 RTLE8023xp (fab826c3263328983165f09549ea9b13) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

15:21:30.0734 2500 RTLE8023xp - ok

15:21:30.0843 2500 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

15:21:30.0843 2500 SASDIFSV - ok


15:21:36.0375 2500 ============================================================

15:21:36.0375 2500 Scan finished

15:21:36.0375 2500 ============================================================

15:21:36.0390 2408 Detected object count: 0

15:21:36.0390 2408 Actual detected object count: 0


My HijackThis log:

Logfile of HijackThis v1.99.1

Scan saved at 3:25:07 PM, on 12/7/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ThpSrv.exe

C:\WINDOWS\system32\TODDSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Atheros\ACU.exe

C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

C:\WINDOWS\system32\TPSMain.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\thpsrv.exe

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blackboard.sdccd.edu/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui

O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [ThpSrv] C:\WINDOWS\system32\thpsrv /logon

O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar

O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: LUVM - Unknown owner - C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\LUVM.exe (file missing)

O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe


My DDS.txt and Attach.txt logs:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29

Run by Christopher at 15:26:48 on 2011-12-07

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.303 [GMT -8:00]

.

AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}

AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\System32\svchost.exe -k eapsvcs

C:\WINDOWS\System32\svchost.exe -k dot3svc

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\ThpSrv.exe

C:\WINDOWS\system32\TODDSrv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Atheros\ACU.exe

C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

C:\WINDOWS\system32\TPSMain.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\thpsrv.exe

C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://blackboard.sdccd.edu/

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNB&bmod=TSNB

uInternet Settings,ProxyOverride = <local>

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [ACU] "c:\program files\atheros\ACU.exe" -nogui

mRun: [CeEKEY] c:\program files\toshiba\e-key\CeEKey.exe

mRun: [TPSMain] TPSMain.exe

mRun: [Zooming] ZoomingHook.exe

mRun: [ThpSrv] c:\windows\system32\thpsrv /logon

mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe

mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar

mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

Trusted Zone: intuit.com\ttlc

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{B56B07C8-B922-4E3B-BB6F-F61CF6D51AC8} : DhcpNameServer = 192.168.2.1

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\christopher\application data\mozilla\firefox\profiles\u0odwf1p.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true

.

============= SERVICES / DRIVERS ===============

.

R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2009-6-29 29760]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2009-5-11 6528]

R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2011-4-28 129992]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2011-4-28 140608]

R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2011-8-1 143752]

R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2011-4-28 97096]

R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2011-4-28 111688]

R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2011-4-28 112456]

R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2010-6-10 24064]

R3 PGSUSFLT;PGSUSFLT;c:\windows\system32\drivers\pgsuspend.SYS [2010-4-22 18816]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]

S1 MpKsl223e52b9;MpKsl223e52b9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5182bfd6-9f32-425b-904e-93672285bb7c}\mpksl223e52b9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5182bfd6-9f32-425b-904e-93672285bb7c}\MpKsl223e52b9.sys [?]

S1 MpKsl2a0093e4;MpKsl2a0093e4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{73a1fa71-394a-4bcb-b4e6-d5901349b625}\mpksl2a0093e4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{73a1fa71-394a-4bcb-b4e6-d5901349b625}\MpKsl2a0093e4.sys [?]

S1 MpKslb9bdf4b3;MpKslb9bdf4b3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{70dbf4c2-67bc-4139-bb7b-05da2ab12bc0}\mpkslb9bdf4b3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{70dbf4c2-67bc-4139-bb7b-05da2ab12bc0}\MpKslb9bdf4b3.sys [?]

S1 MpKslc7bf93a1;MpKslc7bf93a1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5f83ffeb-d013-4f97-ab3f-fb4688ea1b00}\mpkslc7bf93a1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5f83ffeb-d013-4f97-ab3f-fb4688ea1b00}\MpKslc7bf93a1.sys [?]

S1 MpKsld742f5f7;MpKsld742f5f7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{795b44d1-78f3-4fd7-8dde-e1d12583e3f0}\mpksld742f5f7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{795b44d1-78f3-4fd7-8dde-e1d12583e3f0}\MpKsld742f5f7.sys [?]

S1 MpKsleeefb4df;MpKsleeefb4df;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{38b5dcfb-cf90-4202-89c7-2c5610d4312f}\mpksleeefb4df.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{38b5dcfb-cf90-4202-89c7-2c5610d4312f}\MpKsleeefb4df.sys [?]

S1 MpKslfe391501;MpKslfe391501;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9f74d1e9-9e22-4df8-9b65-be2e90817873}\mpkslfe391501.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9f74d1e9-9e22-4df8-9b65-be2e90817873}\MpKslfe391501.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-4-22 1684736]

S3 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-10 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-10 136176]

S3 LUVM;LUVM;c:\docume~1\christ~1\locals~1\temp\luvm.exe --> c:\docume~1\christ~1\locals~1\temp\LUVM.exe [?]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-4-22 174592]

S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2010-4-22 51512]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2010-1-20 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-11-09 16:40:17 -------- d-sha-r- C:\cmdcons

2011-11-09 16:38:00 98816 ----a-w- c:\windows\sed.exe

2011-11-09 16:38:00 518144 ----a-w- c:\windows\SWREG.exe

2011-11-09 16:38:00 256000 ----a-w- c:\windows\PEV.exe

2011-11-09 16:38:00 208896 ----a-w- c:\windows\MBR.exe

2011-11-08 16:40:14 -------- d-----w- C:\MGtools

2011-11-08 16:31:53 -------- d-----w- c:\program files\SUPERAntiSpyware

.

==================== Find3M ====================

.

2011-11-17 06:38:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-03 12:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-03 09:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

.

============= FINISH: 15:28:26.21 ===============

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 6/10/2010 8:11:07 PM

System Uptime: 12/6/2011 7:05:11 PM (20 hours ago)

.

Motherboard: TOSHIBA | | NPVAA

Processor: Intel® Atom CPU N450 @ 1.66GHz | U2E1 | 1662/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 138 GiB total, 108.215 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 11/9/2011 8:37:59 AM - System Checkpoint

RP2: 11/10/2011 8:25:24 AM - Software Distribution Service 3.0

RP3: 11/12/2011 8:26:22 AM - Software Distribution Service 3.0

RP4: 11/13/2011 2:16:14 PM - System Checkpoint

RP5: 11/13/2011 10:00:47 PM - Removed Ad-Aware

RP6: 11/13/2011 10:05:41 PM - Removed Ad-Aware

RP7: 11/13/2011 10:14:22 PM - Removed Microsoft Works

RP8: 11/15/2011 12:22:53 PM - System Checkpoint

RP9: 11/16/2011 8:59:42 AM - Software Distribution Service 3.0

RP10: 11/17/2011 9:23:56 AM - System Checkpoint

RP11: 11/18/2011 11:31:43 AM - System Checkpoint

RP12: 11/19/2011 12:51:11 PM - System Checkpoint

RP13: 11/20/2011 2:59:15 PM - System Checkpoint

RP14: 11/21/2011 10:42:07 PM - System Checkpoint

RP15: 11/23/2011 12:19:25 PM - System Checkpoint

RP16: 11/24/2011 1:33:52 PM - System Checkpoint

RP17: 11/25/2011 1:34:31 PM - System Checkpoint

RP18: 11/26/2011 3:34:30 PM - System Checkpoint

RP19: 11/27/2011 4:45:05 PM - System Checkpoint

RP20: 11/28/2011 6:24:53 PM - System Checkpoint

RP21: 11/29/2011 8:24:21 PM - System Checkpoint

RP22: 12/1/2011 7:28:18 AM - System Checkpoint

RP23: 12/2/2011 7:50:53 AM - System Checkpoint

RP24: 12/3/2011 8:28:00 AM - System Checkpoint

RP25: 12/4/2011 10:10:40 AM - System Checkpoint

RP26: 12/5/2011 10:20:49 AM - System Checkpoint

RP27: 12/6/2011 12:23:17 PM - System Checkpoint

RP28: 12/7/2011 12:56:12 PM - System Checkpoint

RP29: 12/7/2011 1:08:17 PM - Removed Google Earth Plug-in.

.

==== Installed Programs ======================

.

7-Zip 9.20

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

AIM 7

Apple Application Support

Apple Software Update

Atheros Client Utility

Atheros Driver Installation Program

CCleaner

Compatibility Pack for the 2007 Office system

Dev-C++ 5 beta 9 release (4.9.9.1)

Eraser 6.0.8.2273

Foxit PDF Editor

Foxit Reader 5.1

Google Update Helper

HijackThis 1.99.1

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB958655-v2)

HP Deskjet 1000 J110 series Basic Device Software

HP Deskjet 1000 J110 series Help

Intel® Graphics Media Accelerator Driver

iTunes

Java Auto Updater

Java 6 Update 29

Junk Mail filter update

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Help Viewer 1.0

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Silverlight

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

OpenOffice.org 3.3

Panda Cloud Antivirus

Panda Security URL Filtering

Power Tab Editor 1.7

QuickTime

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Revo Uninstaller 1.93

Rootkit Unhooker LE 3.8 SR 2

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Segoe UI

SelectiveSuspend

Spybot - Search & Destroy

SUPERAntiSpyware

Synaptics Pointing Device Driver

TOSHIBA Accessibility

TOSHIBA Application and Driver Installer

TOSHIBA Assist

TOSHIBA Fn-esse

TOSHIBA Hardware Setup

TOSHIBA HDD Protection

TOSHIBA HDD/SSD Alert

TOSHIBA Hotkey Utility

Toshiba Online Backup

TOSHIBA PC Diagnostic Tool

TOSHIBA Power Saver

TOSHIBA Power Saver Driver

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA USB Sleep and Charge Utility

TOSHIBA Web Camera Application

TOSHIBA Zooming Hook

TOSHIBA Zooming Utility

ToshibaRegistration

TouchPad On/Off Utility

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB971930)

Update for Windows Internet Explorer 8 (KB975364)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB971029)

Utility Common Driver

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

WebFldrs XP

Winamp

Winamp Detector Plug-in

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Format Runtime

Windows Media Player 10

Xvid MPEG-4 Video Codec

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

12/7/2011 1:08:36 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

12/5/2011 5:41:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi PCIIde

12/5/2011 5:41:10 PM, error: Print [23] - Printer Send To OneNote 2007 failed to initialize because a suitable Send To Microsoft OneNote Driver driver could not be found.

12/3/2011 7:22:08 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.

12/2/2011 4:36:48 PM, error: ACPIEC [1] - \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible.

.

==== End Of File ===========================


  • 2 weeks later...
  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
