Redirecting Virus


I have been having problems with web searches redirecting me to other sites. First it started on my laptop (wireless) and now it's on my desktop (wired). Malwarebytes is below the DDS. These are all reports on my desktop - I don't use my laptop anymore.

Thank you for your help!

Here is the DDS:

DDS (Ver_10-12-12.02) - NTFSx86

Run by k at 15:58:25.05 on Tue 02/01/2011

Internet Explorer: 8.0.6001.18999

Microsoft

ark.zip

Attach.zip


Hi and Welcome!

First, disable Spybot's TeaTimer or any fixes we make will be reversed. This is a two-step process.

First:

- Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)

- Choose Exit Spybot S&D Resident

Second:

- Open Spybot S&D

- Click Mode, check Advanced Mode

- Go To Left Panel, Click Tools, then also in left panel, click Resident

Uncheck the following: Resident "TeaTimer" (Protection of over-all system settings) Active.

Keep TeaTimer OFF until we are completely finished with your clean-up!!!

Download TFC to your desktop

http://oldtimer.geekstogo.com/TFC.exe

  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean

It's normal after running TFC cleaner that the PC will be slower to boot the first time.

Some background information on what we're planning to do can be found HERE

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

===========

Download OTL and save it on your desktop:

http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to start the program.
  • In the lower right corner of the Top Panel, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. The scan may take 5-10 minutes.
  • Do NOT touch your keyboard until the scan is done!!
  • It will produce two (2) logs on your desktop, one will pop up called OTL.txt; the other will be named Extras.txt.
  • Copy/Paste OTL.txt and attach Extras.txt into your next reply.
  • Exit OTL by clicking the X at top right.

Please Copy/Paste the following logs into your next reply:

1. TDSSKiller

2. OTL


Thank you for your help!

TDSS

2011/02/02 08:00:32.0109 4072 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:03

2011/02/02 08:00:32.0306 4072 ================================================================================

2011/02/02 08:00:32.0306 4072 SystemInfo:

2011/02/02 08:00:32.0306 4072

2011/02/02 08:00:32.0307 4072 OS Version: 6.0.6002 ServicePack: 2.0

2011/02/02 08:00:32.0307 4072 Product type: Workstation

2011/02/02 08:00:32.0307 4072 ComputerName: PC-3

2011/02/02 08:00:32.0307 4072 UserName: k

2011/02/02 08:00:32.0308 4072 Windows directory: C:\Windows

2011/02/02 08:00:32.0308 4072 System windows directory: C:\Windows

2011/02/02 08:00:32.0308 4072 Processor architecture: Intel x86

2011/02/02 08:00:32.0308 4072 Number of processors: 1

2011/02/02 08:00:32.0308 4072 Page size: 0x1000

2011/02/02 08:00:32.0308 4072 Boot type: Normal boot

2011/02/02 08:00:32.0308 4072 ================================================================================

2011/02/02 08:00:33.0161 4072 Initialize success

2011/02/02 08:00:34.0685 0156 ================================================================================

2011/02/02 08:00:34.0686 0156 Scan started

2011/02/02 08:00:34.0686 0156 Mode: Manual;

2011/02/02 08:00:34.0686 0156 ================================================================================

2011/02/02 08:01:11.0767 0156 Scan finished

2011/02/02 08:01:11.0767 0156 ================================================================================

OTL

OTL logfile created on: 2/2/2011 8:04:43 AM - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\k\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 83.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 298.08 Gb Total Space | 153.58 Gb Free Space | 51.52% Space Free | Partition Type: NTFS

Drive D: | 624.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 232.88 Gb Total Space | 116.45 Gb Free Space | 50.00% Space Free | Partition Type: NTFS

Computer Name: PC-3 | User Name: k | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe

PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/20 21:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

========== Modules (SafeList) ==========

MOD - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

MOD - [2011/01/23 00:29:20 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll

MOD - [2011/01/23 00:29:20 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll

MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll

MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)

SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/20 21:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/01/22 21:13:45 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVEX15.SYS -- (NAVEX15)

DRV - [2011/01/22 21:13:45 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVENG.SYS -- (NAVENG)

DRV - [2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/02 12:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011/01/01 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2011/01/01 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010/12/01 01:03:34 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110131.001\IDSvix86.sys -- (IDSVix86)

DRV - [2010/11/23 03:34:08 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)

DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)

DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)

DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)

DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)

DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)

DRV - [2008/01/20 21:21:57 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)

DRV - [2008/01/20 21:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/20 21:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/20 21:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/20 21:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/20 21:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/20 21:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/20 21:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/20 21:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/20 21:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/20 21:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/20 21:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/20 21:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/20 21:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/20 21:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/20 21:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/20 21:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/20 21:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/20 21:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/20 21:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/20 21:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/20 21:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/20 21:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/20 21:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2005/05/23 10:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/05/23 10:30:50 | 000,229,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2005/05/23 10:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/01/02 17:08:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/01/02 12:20:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O13 - gopher Prefix: missing

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s...ri_4.4.13.0.cab (SysInfo Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.27 213.109.72.22 1.1.1.1

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O24 - Desktop BackupWallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/01/28 18:19:45 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2005/03/30 01:39:08 | 000,000,048 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{1658d404-1698-11e0-bc6f-0007e942b8b6}\Shell\AutoRun\command - "" = E:\wdsync.exe

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DATA\STUBSTUB.EXE -- [2005/04/01 07:16:07 | 000,010,240 | R--- | M] (ArenaNet)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 08:02:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:53:59 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/02 07:50:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}

[2011/02/01 14:44:56 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}

[2011/02/01 14:21:09 | 001,360,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 02:44:43 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}

[2011/01/31 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}

[2011/01/31 02:44:17 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}

[2011/01/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}

[2011/01/30 07:40:10 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\Guild Wars

[2011/01/30 07:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars

[2011/01/30 02:43:53 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}

[2011/01/29 04:51:54 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}

[2011/01/28 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ti 83

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education

[2011/01/28 16:51:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}

[2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}

[2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}

[2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}

[2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}

[2011/01/25 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}

[2011/01/25 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}

[2011/01/24 23:03:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\WinRAR

[2011/01/24 23:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/01/24 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}

[2011/01/24 01:37:42 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\My Received Files

[2011/01/24 01:25:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}

[2011/01/23 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}

[2011/01/23 06:18:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/23 05:33:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs

[2011/01/23 02:49:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Malwarebytes

[2011/01/23 02:49:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/01/23 02:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/23 02:49:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/01/23 02:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/23 01:58:56 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\Backgrounds

[2011/01/23 01:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/01/23 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Media Player Classic

[2011/01/23 00:38:21 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{40A4D48A-F70B-438C-A802-BDB83E587D66}

[2011/01/23 00:38:01 | 000,000,000 | ---D | C] -- C:\Users\k\Tracing

[2011/01/23 00:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/01/23 00:25:57 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\Windows Live

[2011/01/23 00:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/01/23 00:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/01/23 00:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/01/23 00:14:21 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/23 00:14:21 | 010,467,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/23 00:14:21 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/23 00:14:21 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/23 00:14:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/23 00:14:20 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/23 00:14:20 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/23 00:14:20 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/23 00:14:19 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/23 00:14:19 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/23 00:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/01/23 00:12:30 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/01/22 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\LolClient

[2011/01/22 21:44:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/22 21:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2011/01/22 21:23:34 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2011/01/22 21:21:14 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\New Folder (2)

[2011/01/14 09:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahead Nero

[2011/01/14 09:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2011/01/14 09:03:53 | 000,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll

[2011/01/14 09:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/01/07 21:06:44 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter

[2011/01/04 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2011/01/04 11:16:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\CrashDumps

========== Files - Modified Within 30 Days ==========

[2011/02/02 08:03:44 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/02 08:03:44 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:59:43 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 07:59:43 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 07:59:27 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\WGASetup.job

[2011/02/02 07:58:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/02 07:58:43 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys

[2011/02/02 07:53:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 19:31:42 | 001,723,428 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB

[2011/02/01 19:30:16 | 000,000,466 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for k.job

[2011/02/01 18:22:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/02/01 16:58:39 | 000,002,131 | ---- | M] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | M] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:44 | 000,296,448 | ---- | M] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:26 | 000,624,128 | ---- | M] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | M] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | M] () -- C:\Users\k\Desktop\Defogger.exe

[2011/02/01 15:26:15 | 000,028,160 | ---- | M] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/01 10:36:10 | 001,360,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 09:39:32 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/30 22:25:59 | 000,000,515 | ---- | M] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:45 | 000,000,073 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/01/28 18:19:44 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | M] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | M] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/23 18:48:04 | 000,000,606 | ---- | M] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | M] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 03:05:15 | 000,375,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/01/23 02:49:16 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | M] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:44:31 | 004,411,392 | ---- | M] (Gabest) -- C:\Users\k\Desktop\mplayerc.exe

[2011/01/22 22:50:23 | 000,000,290 | ---- | M] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:35:48 | 000,001,356 | ---- | M] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2011/01/22 21:26:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/01/07 22:27:00 | 015,047,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/07 22:27:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/07 22:27:00 | 010,078,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/01/07 22:27:00 | 004,941,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/07 22:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/07 22:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/07 22:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/01/07 22:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/07 22:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/07 22:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/07 22:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/07 22:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011/01/07 21:06:44 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:55:01 | 000,001,390 | ---- | M] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

========== Files Created - No Company Name ==========

[2011/02/01 19:36:22 | 004,263,406 | ---- | C] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | C] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | C] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:42 | 000,296,448 | ---- | C] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:23 | 000,624,128 | ---- | C] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | C] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | C] () -- C:\Users\k\Desktop\Defogger.exe

[2011/01/30 22:26:04 | 000,000,515 | ---- | C] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:44 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | C] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | C] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 22:22:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/23 18:48:08 | 000,000,606 | ---- | C] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | C] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 02:49:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | C] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:32:25 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/01/23 00:14:21 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/01/22 22:50:23 | 000,000,290 | ---- | C] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:37:13 | 2146,230,272 | -HS- | C] () -- C:\hiberfil.sys

[2011/01/04 12:55:01 | 000,001,390 | ---- | C] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/26 11:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/11/25 11:23:07 | 000,001,356 | ---- | C] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2010/11/07 14:58:39 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2008/01/20 21:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2011/01/02 15:56:14 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\Local

[2011/01/22 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\LolClient

[2010/11/25 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\MSNInstaller

[2011/01/23 06:18:24 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/02 16:54:09 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\Uniblue

[2008/01/20 21:54:58 | 000,003,456 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\WGASetup.job

========== Purity Check ==========

< End of report >

Extras.Txt


We're going to rerun OTL with a script as follows:

  • Disable the active protection component of your antivirus by following the directions that apply here:
    http://www.bleepingcomputer.com/forums/topic114351.html
  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to restart the OTL program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    :File
    C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}
    C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}
    C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}
    C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}
    C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}
    C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}
    C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}
    C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}
    C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}
    C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}
    C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}
    C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}
    C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}
    C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}
    C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}
    C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}
    C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}
    C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Now click Run Fix and let the program run uninterrupted.
  • It should reboot your PC when it is done; if it doesn't, please reboot manually.
  • Copy/Paste the OTL log in your next reply

This entry in your log shows that you downloaded Combofix:

2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

Did you run it? If you did, I need to see this log:

C:\Combofix.txt

If there is more than one log, I'd like to see all of them copied and pasted into your topic.

If you connect through a router, it is very possible and probable that your router may be the source of your infection. Have you tried resetting it or connecting directly to your modem via an Ethernet cable (hard-wired) connection?
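One way to check the router question above from an OTL log, as an added example that is not part of the original post: it extracts the O17 name-server lines and reports every resolver that falls outside the addresses you expect from your own router or ISP. The sample log lines, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import ipaddress
import re

# Matches OTL O17 lines of the form seen in the log:
#   O17 - HKLM\...\Tcpip\Parameters: DhcpNameServer = <ip> <ip> ...
O17_RE = re.compile(
    r"^O17 - (?P<key>HKLM\\[^:]+): (?P<name>(?:Dhcp)?NameServer) = (?P<servers>.*)$"
)

# Constructed sample, modelled on the O17 line format; not taken from a real machine.
SAMPLE_LOG = r"""
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 203.0.113.27 203.0.113.94 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000000}: DhcpNameServer = 192.168.1.1
"""

# Assumption: the router answers DNS on 192.168.1.1 and the ISP's
# resolvers live in 198.51.100.0/24. Replace with your own values.
EXPECTED = ["192.168.1.1/32", "198.51.100.0/24"]


def parse_o17(log_text):
    """Yield (registry key, value name, [server strings]) per O17 name-server line."""
    for line in log_text.splitlines():
        match = O17_RE.match(line.strip())
        if not match:
            continue
        # The registry value separates servers with spaces (sometimes commas).
        servers = [s for s in re.split(r"[ ,]+", match["servers"].strip()) if s]
        yield match["key"], match["name"], servers


def audit_resolvers(log_text, expected_networks):
    """Return (key, value name, server, reason) for every resolver not expected.

    A resolver handed out by DHCP that is neither the router itself nor a
    known ISP resolver points at changed DNS settings on the router, so the
    router needs resetting as well as the PC cleaning.
    """
    networks = [ipaddress.ip_network(n) for n in expected_networks]
    findings = []
    for key, name, servers in parse_o17(log_text):
        for server in servers:
            try:
                address = ipaddress.ip_address(server)
            except ValueError:
                # Keep malformed entries visible instead of dropping them.
                findings.append((key, name, server, "unparseable"))
                continue
            if not any(address in network for network in networks):
                findings.append((key, name, server, "unexpected"))
    return findings


if __name__ == "__main__":
    for key, name, server, reason in audit_resolvers(SAMPLE_LOG, EXPECTED):
        print(f"{reason}: {server}  ({key} -> {name})")
```

Run the same check on a log taken while connected directly to the modem: if the unexpected resolvers disappear, the router is supplying them.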


OTL logfile created on: 2/2/2011 9:14:23 PM - Run 2

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\k\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 298.08 Gb Total Space | 153.35 Gb Free Space | 51.45% Space Free | Partition Type: NTFS

Drive D: | 624.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 232.88 Gb Total Space | 116.45 Gb Free Space | 50.00% Space Free | Partition Type: NTFS

Computer Name: PC-3 | User Name: k | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2010/12/08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

PRC - [2010/11/10 01:13:30 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe

PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/20 21:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

========== Modules (SafeList) ==========

MOD - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

MOD - [2011/01/23 00:29:20 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll

MOD - [2011/01/23 00:29:20 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll

MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll

MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)

SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/20 21:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/01/22 21:13:45 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110202.022\NAVEX15.SYS -- (NAVEX15)

DRV - [2011/01/22 21:13:45 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110202.022\NAVENG.SYS -- (NAVENG)

DRV - [2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/02 12:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011/01/01 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2011/01/01 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010/12/01 01:03:34 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110202.001\IDSvix86.sys -- (IDSVix86)

DRV - [2010/11/23 03:34:08 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)

DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)

DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)

DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)

DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)

DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)

DRV - [2008/01/20 21:21:57 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)

DRV - [2008/01/20 21:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/20 21:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/20 21:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/20 21:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/20 21:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/20 21:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/20 21:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/20 21:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/20 21:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/20 21:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/20 21:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/20 21:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/20 21:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/20 21:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/20 21:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/20 21:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/20 21:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/20 21:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/20 21:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/20 21:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/20 21:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/20 21:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/20 21:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2005/05/23 10:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/05/23 10:30:50 | 000,229,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2005/05/23 10:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/01/02 17:08:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/01/02 12:20:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O13 - gopher Prefix: missing

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s...ri_4.4.13.0.cab (SysInfo Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.27 213.109.72.22 1.1.1.1

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O24 - Desktop BackupWallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/01/28 18:19:45 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2005/03/30 01:39:08 | 000,000,048 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{1658d404-1698-11e0-bc6f-0007e942b8b6}\Shell\AutoRun\command - "" = E:\wdsync.exe

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DATA\STUBSTUB.EXE -- [2005/04/01 07:16:07 | 000,010,240 | R--- | M] (ArenaNet)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[CREATERESTOREPOINT]

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 19:50:38 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{13F972B1-8396-4970-8B1B-C4FB194DC7DA}

[2011/02/02 08:02:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:53:59 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/02 07:50:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}

[2011/02/01 14:44:56 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}

[2011/02/01 14:21:09 | 001,360,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 02:44:43 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}

[2011/01/31 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}

[2011/01/31 02:44:17 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}

[2011/01/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}

[2011/01/30 07:40:10 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\Guild Wars

[2011/01/30 07:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars

[2011/01/30 02:43:53 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}

[2011/01/29 04:51:54 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}

[2011/01/28 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ti 83

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education

[2011/01/28 16:51:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}

[2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}

[2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}

[2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}

[2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}

[2011/01/25 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}

[2011/01/25 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}

[2011/01/24 23:03:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\WinRAR

[2011/01/24 23:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/01/24 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}

[2011/01/24 01:37:42 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\My Received Files

[2011/01/24 01:25:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}

[2011/01/23 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}

[2011/01/23 06:18:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/23 05:33:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs

[2011/01/23 02:49:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Malwarebytes

[2011/01/23 02:49:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/01/23 02:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/23 02:49:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/01/23 02:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/23 01:58:56 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\Backgrounds

[2011/01/23 01:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/01/23 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Media Player Classic

[2011/01/23 00:38:21 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{40A4D48A-F70B-438C-A802-BDB83E587D66}

[2011/01/23 00:38:01 | 000,000,000 | ---D | C] -- C:\Users\k\Tracing

[2011/01/23 00:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/01/23 00:25:57 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\Windows Live

[2011/01/23 00:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/01/23 00:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/01/23 00:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/01/23 00:14:21 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/23 00:14:21 | 010,467,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/23 00:14:21 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/23 00:14:21 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/23 00:14:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/23 00:14:20 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/23 00:14:20 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/23 00:14:20 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/23 00:14:19 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/23 00:14:19 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/23 00:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/01/23 00:12:30 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/01/22 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\LolClient

[2011/01/22 21:44:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/22 21:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2011/01/22 21:23:34 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2011/01/22 21:21:14 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\New Folder (2)

[2011/01/14 09:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahead Nero

[2011/01/14 09:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2011/01/14 09:03:53 | 000,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll

[2011/01/14 09:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/01/07 21:06:44 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter

[2011/01/04 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2011/01/04 11:16:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\CrashDumps

========== Files - Modified Within 30 Days ==========

[2011/02/02 21:15:45 | 001,723,428 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB

[2011/02/02 21:11:04 | 000,011,923 | ---- | M] () -- C:\Users\k\Desktop\Chapter 4.docx

[2011/02/02 20:08:48 | 000,000,466 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for k.job

[2011/02/02 19:59:02 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 19:59:02 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 18:48:54 | 000,020,971 | ---- | M] () -- C:\Users\k\Desktop\Patrick Naugle Chapter 3.docx

[2011/02/02 18:22:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/02/02 08:03:44 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/02 08:03:44 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:59:27 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\WGASetup.job

[2011/02/02 07:58:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/02 07:58:43 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys

[2011/02/02 07:53:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | M] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | M] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:44 | 000,296,448 | ---- | M] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:26 | 000,624,128 | ---- | M] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | M] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | M] () -- C:\Users\k\Desktop\Defogger.exe

[2011/02/01 15:26:15 | 000,028,160 | ---- | M] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/01 10:36:10 | 001,360,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 09:39:32 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/30 22:25:59 | 000,000,515 | ---- | M] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:45 | 000,000,073 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/01/28 18:19:44 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | M] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | M] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/23 18:48:04 | 000,000,606 | ---- | M] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | M] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 03:05:15 | 000,375,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/01/23 02:49:16 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | M] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:44:31 | 004,411,392 | ---- | M] (Gabest) -- C:\Users\k\Desktop\mplayerc.exe

[2011/01/22 22:50:23 | 000,000,290 | ---- | M] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:35:48 | 000,001,356 | ---- | M] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2011/01/22 21:26:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/01/07 22:27:00 | 015,047,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/07 22:27:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/07 22:27:00 | 010,078,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/01/07 22:27:00 | 004,941,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/07 22:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/07 22:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/07 22:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/01/07 22:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/07 22:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/07 22:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/07 22:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/07 22:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011/01/07 21:06:44 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:55:01 | 000,001,390 | ---- | M] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

========== Files Created - No Company Name ==========

[2011/02/02 20:36:58 | 000,011,923 | ---- | C] () -- C:\Users\k\Desktop\Chapter 4.docx

[2011/02/02 15:58:54 | 000,020,971 | ---- | C] () -- C:\Users\k\Desktop\Patrick Naugle Chapter 3.docx

[2011/02/01 19:36:22 | 004,263,406 | ---- | C] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | C] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | C] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:42 | 000,296,448 | ---- | C] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:23 | 000,624,128 | ---- | C] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | C] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | C] () -- C:\Users\k\Desktop\Defogger.exe

[2011/01/30 22:26:04 | 000,000,515 | ---- | C] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:44 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | C] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | C] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 22:22:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/23 18:48:08 | 000,000,606 | ---- | C] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | C] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 02:49:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | C] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:32:25 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/01/23 00:14:21 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/01/22 22:50:23 | 000,000,290 | ---- | C] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:37:13 | 2146,230,272 | -HS- | C] () -- C:\hiberfil.sys

[2011/01/04 12:55:01 | 000,001,390 | ---- | C] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/26 11:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/11/25 11:23:07 | 000,001,356 | ---- | C] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2010/11/07 14:58:39 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2008/01/20 21:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========

< :OTL >

< O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. >

< :File >

< C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC} >

< C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E} >

< C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7} >

< C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681} >

< C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC} >

< C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8} >

< C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB} >

< C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C} >

< C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844} >

< C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F} >

< C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA} >

< C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF} >

< C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5} >

< C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6} >

< C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7} >

< C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF} >

< C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F} >

< C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344} >

< :Commands >

< [purity] >

< [resethosts] >

< [emptytemp] >

< [emptyflash] >

< [reboot] >

< End of report >

I haven't run ComboFix yet, and I haven't tried to reset my router or connect directly to the modem yet. Should I try these things?


Sorry, I misread and did a normal scan. Here is the Fix:

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Error: Unable to interpret <:File> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}> in the current context!

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: k

->Temp folder emptied: 63264 bytes

->Temporary Internet Files folder emptied: 562116 bytes

->Google Chrome cache emptied: 361150107 bytes

->Flash cache emptied: 10929 bytes

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 66016 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 345.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: k

->Flash cache emptied: 0 bytes

User: Mcx1

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02022011_214844

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


We're going to rerun OTL with a script as follows:

  • Disable the active protection component of your antivirus by following the directions that apply here:
    http://www.bleepingcomputer.com/forums/topic114351.html
  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to restart the OTL program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}
    C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}
    C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}
    C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}
    C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}
    C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}
    C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}
    C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}
    C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}
    C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}
    C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}
    C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}
    C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}
    C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}
    C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}
    C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}
    C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}
    C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Now click Run Fix and let the program run uninterrupted.
  • It should reboot your PC when it is done, if it doesn't please reboot manually.
  • Copy/Paste OTL Log in your next reply

1. Click on the Vista Orb (Start Button)

2. Go to All Programs -> Accessories

3. Now right click on Command Prompt and select "Run as Administrator" from context menu.

4. This should open an elevated command prompt

5. Now in the Command prompt Window, Copy/paste the following:

NETSH WINHTTP RESET PROXY

7. Press the ENTER key on your keyboard.

8. Copy/paste the following:

IPConfig /flushdns

9. Press the ENTER key on your keyboard.

10. Close the CMD Prompt, and Restart the computer

Now I want You to bypass your router by directly connecting to your modem via an Ethernet cable and see if this corrects your redirects.
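The fix script in the post above targets brace-GUID-named folders under AppData\Local that appear in the "created within 30 days" part of the OTL log. As an added example (not part of the original post and not OTL's own code), this Python code parses log lines in that layout and pulls out such folders with their creation times and the gaps between them; the function names are my own, and the sample lines are copied from the log on this page.

```python
import re
from datetime import datetime

# One OTL file-listing line, in the layout used by the log on this page:
#   [date time | size | attributes | C or M] (company) -- path
# The "(company) " part is absent for folders and empty "()" for unsigned files.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$"
)

# A folder whose entire name is a brace-wrapped GUID, directly under AppData\Local.
GUID_DIR_RE = re.compile(
    r"\\AppData\\Local\\\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$"
)

# Lines copied from the OTL log on this page (a subset, not the full log).
SAMPLE_LOG = r"""
[2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}
[2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}
[2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}
[2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}
[2011/01/25 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}
[2011/01/23 02:49:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/02/02 07:58:43 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
"""


def parse_line(line):
    """Parse one listing line into a dict, or return None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "when": datetime.strptime(m.group("ts"), "%Y/%m/%d %H:%M:%S"),
        "size": int(m.group("size").replace(",", "")),
        "attrs": m.group("attrs"),
        "kind": m.group("kind"),          # C = created, M = modified
        "company": m.group("company"),    # None for folders, "" for "()"
        "path": m.group("path"),
    }


def guid_folders(log_text):
    """Return created directories named {GUID} under AppData\\Local, oldest first."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # section headers, blank lines, forum text
        is_created_dir = entry["kind"] == "C" and "D" in entry["attrs"]
        if is_created_dir and GUID_DIR_RE.search(entry["path"]):
            hits.append(entry)
    return sorted(hits, key=lambda e: e["when"])


def creation_gaps_hours(entries):
    """Hours between consecutive creation times, rounded to one decimal."""
    times = [e["when"] for e in entries]
    return [round((b - a).total_seconds() / 3600, 1)
            for a, b in zip(times, times[1:])]


if __name__ == "__main__":
    found = guid_folders(SAMPLE_LOG)
    for e in found:
        print(e["when"].isoformat(sep=" "), e["path"])
    print("gaps (hours):", creation_gaps_hours(found))
```

A GUID-style folder name is only a reason to look closer, not a verdict; the output is a review list to compare against what is actually inside each folder before anything is scripted for removal.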


I reset my router and it appears that it no longer redirects, but right now I'm going to continue with the cmd prompt to be safe.

All processes killed

========== OTL ==========

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: k

->Temp folder emptied: 31832 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Google Chrome cache emptied: 11805338 bytes

->Flash cache emptied: 654 bytes

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 11.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: k

->Flash cache emptied: 0 bytes

User: Mcx1

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02022011_231931

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


I want you to give it a day to see if there are no redirects. Then let me know because the lack of symptoms means it is gone.

The reason I suspected it was your router is because your logs were basically clean. The 'usual suspects' that are responsible for redirecting your browser were NOT present.

When You get back to me next, I'll give You some prevention tips, which includes changing your router password from the default one it was assigned!!


Glad to hear everything is working well, and Excellent job, Snuggles!

Here are two articles on Router Safety and Security:

http://makingwindowseasy.com/2010/01/20/router-safety/

http://lastwatchdog.com/americans-borrowin...ast+Watchdog%29

We have a few steps to finish up now.

You should update your version of the Sun Java Platform (JRE) to the newest version which is Java Runtime Environment (JRE) 6 Update 23, if you have not done that already.

You can check your currently installed JRE version here.

If you find you need to update to the Java Runtime Environment (JRE) 6 Update 23, then follow these steps:

1. Download the latest JRE version clicking the "Agree and Start Free Download" button.

2. Save the installer to your desktop.

3. Close any programs you may have running - especially your web browser.

4. Next, remove all older versions of the Sun Java Platform using the Control Panel's Add/Remove Program feature (as they may contain security vulnerabilities).

5. Reboot your system

6. Then from your desktop double-click on jxpiinstall.exe to install the newest version of the Sun Java Platform

7. "Install the Yahoo Toolbar" is prechecked by default, so be sure to UNCHECK it if you do not care to have it or you already have it installed - it is NOT part of the JRE install and it is NOT required for any Java applications.

8. You may verify that the current version installed properly at http://java.com/en/download/installed.jsp.

--------------------

Now clear the Java cache:

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java icon (looks like a coffee cup).

  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
    • Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

As Java Cache can be an infection repository, You can quickly scan it periodically for infectious elements, by right-clicking the following folder and selecting the "Scan with <Your antivirus>" option:

The location of this folder usually is:

In XP:

C:\Documents and Settings\<user_name>\Application Data\Sun\Java\Deployment\cache\

In Vista and Windows 7:

C:\Users\<user_name>\AppData\LocalLow\Sun\Java\Deployment\cache\

==

Now we'll remove the tools I had you download as follows:

If I asked you to download and run an ARK (Antirootkit program) such as Gmer, Rootkit Unhooker, or Root Repeal, then please uninstall it by doing the following:

  • Delete the contents of the C:\ARK folder (or whatever folder you chose to install the antirootkit in)
  • Delete the C:\ARK folder (or whatever folder you chose to install the antirootkit in)

If I asked You to download OTL, TDSSKiller, MBRCheck or mbr.exe, please delete these programs from your Desktop (or their download location).

To remove Combofix and its quarantine folder:

Click Start -> Run, and copy/paste the following bolded text in the Open: box and select OK:

"%userprofile%\desktop\Combo-Fix.exe" /uninstall

This will do the following:

  • Uninstall Combofix and all its associated files and folders.
  • Flush your system restore points and create a new restore point.
  • Rehide your system files and folders
  • Reset your system clock

---

Here are some additional measures you should take to keep your system in good working order and ensure your continued security.

1. Scan your system for outdated versions of commonly used software applications that may also cause your PC to be vulnerable, using the Secunia Online Software Inspector (OSI) by clicking the Start Scanner button. This is very important because recent statistics confirm that an overwhelming majority of infections are acquired through application, not Operating System, flaws. Commonly used programs like Quicktime, Java, Adobe Acrobat Reader, iTunes, FlashPlayer and many others are frequently targeted today. You can make your computer much more secure if you update to the most current versions of these programs and any others that Secunia alerts you to.

Just click the "Start Scanner" button to get a listing of all outdated and possibly insecure resident programs.

Note: If your firewall prompts you about access, allow it.

2. Keep MBAM as an on demand scanner because I highly recommend it, and the quick scan will find most all active malware in minutes.

3. You can reduce your startups by downloading Malwarebytes' StartUp Lite and saving it to a convenient location. Just double-click StartUpLite.exe. Then, check the options you would like based on the descriptions provided, then select continue. This will free up system resources because nonessential background programs will no longer be running when you start up your computer.

You should visit the Windows Updates website, and obtain the most current Operating System updates/patches, and Internet Explorer released versions.

The easiest and fastest way to obtain Windows Updates is by clicking Control Panel -> Windows Update.

However, setting your computer to download and install updates automatically will relieve you of the responsibility of doing this on a continual basis. It is important to periodically check that Windows Updates is functioning properly because many threats disable it as part of their strategy to compromise your system. Windows Updates are released on the second Tuesday of every month.

Finally, please review the additional suggestions offered by Tony Klein in "How did I get infected in the first place" so you can maintain a safe and secure computing environment.

Happy Surfing! :)


  • 3 weeks later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
