Jump to content

Redirecting Virus


Recommended Posts

I have been having problems with web searches redirecting me to other sites. First it started on my laptop(wireless) and now it's on my desktop(wired). Malwarebytes is below the DDS. These are all reports on my desktop - I don't use my laptop anymore.

Thank you for your help!

Here is the DDS:

DDS (Ver_10-12-12.02) - NTFSx86

Run by k at 15:58:25.05 on Tue 02/01/2011

Internet Explorer: 8.0.6001.18999

Microsoft

ark.zip

Attach.zip

Link to post
Share on other sites

Hi and Welcome!

First, disable Spybot's TeaTimer or any fixes we make will be reversed. This is a two step process.

First:

- Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)

- Choose Exit Spybot S&D Resident

Second:

- Open Spybot S&D

- Click Mode, check Advanced Mode

- Go To Left Panel, Click Tools, then also in left panel, click Resident

Uncheck the following:Resident "TeaTimer" (Protection of over-all system settings) Active.

Keep Teatimer OFF until we are completely finished with your clean-up!!!

Download TFC to your desktop

http://oldtimer.geekstogo.com/TFC.exe

  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean

It's normal after running TFC cleaner that the PC will be slower to boot the first time.

Some background information on what we're planning to do can be found HERE

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

===========

Download OTL and save it on your desktop:

http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to start the program.
  • In the lower right corner of the Top Panel, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. The scan may take 5-10 minutes.
  • Do NOT touch your keyboard until the scan is done!!
  • It will produce two (2) logs on your desktop, one will pop up called OTL.txt; the other will be named Extras.txt.
  • Copy/Paste OTL.txt and attach Extras.txt into your next reply,
  • Exit OTL by clicking the X at top right.

Please Copy/Paste the following logs into your next reply:

1. TDSSKiller

2. OTL

Link to post
Share on other sites

Thank you for your help!

TDSS

2011/02/02 08:00:32.0109 4072 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:03

2011/02/02 08:00:32.0306 4072 ================================================================================

2011/02/02 08:00:32.0306 4072 SystemInfo:

2011/02/02 08:00:32.0306 4072

2011/02/02 08:00:32.0307 4072 OS Version: 6.0.6002 ServicePack: 2.0

2011/02/02 08:00:32.0307 4072 Product type: Workstation

2011/02/02 08:00:32.0307 4072 ComputerName: PC-3

2011/02/02 08:00:32.0307 4072 UserName: k

2011/02/02 08:00:32.0308 4072 Windows directory: C:\Windows

2011/02/02 08:00:32.0308 4072 System windows directory: C:\Windows

2011/02/02 08:00:32.0308 4072 Processor architecture: Intel x86

2011/02/02 08:00:32.0308 4072 Number of processors: 1

2011/02/02 08:00:32.0308 4072 Page size: 0x1000

2011/02/02 08:00:32.0308 4072 Boot type: Normal boot

2011/02/02 08:00:32.0308 4072 ================================================================================

2011/02/02 08:00:33.0161 4072 Initialize success

2011/02/02 08:00:34.0685 0156 ================================================================================

2011/02/02 08:00:34.0686 0156 Scan started

2011/02/02 08:00:34.0686 0156 Mode: Manual;

2011/02/02 08:00:34.0686 0156 ================================================================================

2011/02/02 08:00:36.0179 0156 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2011/02/02 08:00:36.0420 0156 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

2011/02/02 08:00:36.0574 0156 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

2011/02/02 08:00:36.0784 0156 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

2011/02/02 08:00:36.0872 0156 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

2011/02/02 08:00:36.0971 0156 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2011/02/02 08:00:37.0028 0156 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\DRIVERS\agp440.sys

2011/02/02 08:00:37.0084 0156 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2011/02/02 08:00:37.0134 0156 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

2011/02/02 08:00:37.0190 0156 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

2011/02/02 08:00:37.0236 0156 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

2011/02/02 08:00:37.0296 0156 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

2011/02/02 08:00:37.0335 0156 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

2011/02/02 08:00:37.0447 0156 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

2011/02/02 08:00:37.0490 0156 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

2011/02/02 08:00:37.0544 0156 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/02/02 08:00:37.0599 0156 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

2011/02/02 08:00:37.0704 0156 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2011/02/02 08:00:38.0030 0156 BHDrvx86 (83a2fec59a0a0fc73bf6598e901b2fbd) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys

2011/02/02 08:00:38.0140 0156 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

2011/02/02 08:00:38.0227 0156 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2011/02/02 08:00:38.0313 0156 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2011/02/02 08:00:38.0346 0156 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2011/02/02 08:00:38.0411 0156 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2011/02/02 08:00:38.0463 0156 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2011/02/02 08:00:38.0521 0156 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2011/02/02 08:00:38.0554 0156 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2011/02/02 08:00:38.0596 0156 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

2011/02/02 08:00:38.0892 0156 ccHP (e941e709847fa00e0dd6d58d2b8fb5e1) C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys

2011/02/02 08:00:39.0046 0156 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/02/02 08:00:39.0159 0156 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2011/02/02 08:00:39.0216 0156 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

2011/02/02 08:00:39.0283 0156 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2011/02/02 08:00:39.0350 0156 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

2011/02/02 08:00:39.0386 0156 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

2011/02/02 08:00:39.0451 0156 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

2011/02/02 08:00:39.0496 0156 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

2011/02/02 08:00:39.0583 0156 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys

2011/02/02 08:00:39.0695 0156 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2011/02/02 08:00:39.0948 0156 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2011/02/02 08:00:40.0183 0156 dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

2011/02/02 08:00:40.0391 0156 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

2011/02/02 08:00:40.0488 0156 Dot4Scan (a84d8a9006b1ae515cc7b6b3586c295a) C:\Windows\system32\DRIVERS\Dot4Scan.sys

2011/02/02 08:00:40.0610 0156 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

2011/02/02 08:00:41.0224 0156 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2011/02/02 08:00:41.0413 0156 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

2011/02/02 08:00:41.0580 0156 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys

2011/02/02 08:00:41.0655 0156 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

2011/02/02 08:00:41.0770 0156 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2011/02/02 08:00:41.0881 0156 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

2011/02/02 08:00:42.0133 0156 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

2011/02/02 08:00:42.0259 0156 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

2011/02/02 08:00:42.0446 0156 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

2011/02/02 08:00:42.0693 0156 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2011/02/02 08:00:42.0941 0156 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2011/02/02 08:00:43.0190 0156 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

2011/02/02 08:00:43.0307 0156 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2011/02/02 08:00:43.0355 0156 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2011/02/02 08:00:43.0409 0156 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/02/02 08:00:43.0493 0156 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2011/02/02 08:00:43.0566 0156 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2011/02/02 08:00:43.0622 0156 fvevol (fecf4c2e42440a8d132bf94eee3c3fc9) C:\Windows\system32\DRIVERS\fvevol.sys

2011/02/02 08:00:43.0667 0156 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

2011/02/02 08:00:43.0725 0156 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2011/02/02 08:00:43.0826 0156 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\drivers\hdaudbus.sys

2011/02/02 08:00:43.0883 0156 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2011/02/02 08:00:43.0971 0156 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2011/02/02 08:00:44.0060 0156 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2011/02/02 08:00:44.0133 0156 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

2011/02/02 08:00:44.0237 0156 HSFHWBS2 (1dc3a578929ede805f33b67b391f7aa4) C:\Windows\system32\DRIVERS\HSFHWBS2.sys

2011/02/02 08:00:44.0449 0156 HSF_DPV (6cad234becf58529879b6c303f02777f) C:\Windows\system32\DRIVERS\HSF_DPV.sys

2011/02/02 08:00:44.0653 0156 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2011/02/02 08:00:44.0802 0156 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

2011/02/02 08:00:44.0882 0156 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/02/02 08:00:45.0003 0156 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

2011/02/02 08:00:45.0380 0156 IDSVix86 (33ca0e61eab15d439a1f592ddc020712) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110131.001\IDSvix86.sys

2011/02/02 08:00:45.0516 0156 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2011/02/02 08:00:45.0621 0156 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

2011/02/02 08:00:45.0813 0156 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2011/02/02 08:00:46.0029 0156 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/02/02 08:00:46.0298 0156 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

2011/02/02 08:00:46.0390 0156 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2011/02/02 08:00:46.0697 0156 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2011/02/02 08:00:46.0834 0156 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

2011/02/02 08:00:46.0965 0156 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/02/02 08:00:47.0179 0156 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2011/02/02 08:00:47.0272 0156 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2011/02/02 08:00:47.0346 0156 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/02/02 08:00:47.0452 0156 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

2011/02/02 08:00:47.0580 0156 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2011/02/02 08:00:47.0862 0156 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2011/02/02 08:00:48.0307 0156 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

2011/02/02 08:00:48.0410 0156 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

2011/02/02 08:00:48.0489 0156 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

2011/02/02 08:00:48.0549 0156 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2011/02/02 08:00:48.0627 0156 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

2011/02/02 08:00:48.0719 0156 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

2011/02/02 08:00:48.0987 0156 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2011/02/02 08:00:49.0164 0156 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys

2011/02/02 08:00:49.0346 0156 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2011/02/02 08:00:49.0442 0156 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2011/02/02 08:00:49.0549 0156 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2011/02/02 08:00:49.0617 0156 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2011/02/02 08:00:49.0680 0156 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

2011/02/02 08:00:49.0752 0156 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2011/02/02 08:00:49.0859 0156 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2011/02/02 08:00:49.0965 0156 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2011/02/02 08:00:50.0173 0156 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/02/02 08:00:50.0313 0156 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/02/02 08:00:50.0394 0156 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/02/02 08:00:50.0539 0156 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

2011/02/02 08:00:50.0598 0156 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

2011/02/02 08:00:50.0750 0156 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2011/02/02 08:00:50.0803 0156 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2011/02/02 08:00:50.0903 0156 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2011/02/02 08:00:50.0979 0156 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/02/02 08:00:51.0041 0156 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2011/02/02 08:00:51.0178 0156 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2011/02/02 08:00:51.0382 0156 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/02/02 08:00:51.0520 0156 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2011/02/02 08:00:51.0612 0156 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2011/02/02 08:00:51.0745 0156 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2011/02/02 08:00:51.0997 0156 NAVENG (c8ef74e4d8105b1d02d58ea4734cf616) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVENG.SYS

2011/02/02 08:00:52.0336 0156 NAVEX15 (94b3164055d821a62944d9fe84036470) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVEX15.SYS

2011/02/02 08:00:52.0613 0156 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2011/02/02 08:00:52.0695 0156 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/02/02 08:00:52.0798 0156 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/02/02 08:00:52.0875 0156 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/02/02 08:00:52.0954 0156 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2011/02/02 08:00:53.0020 0156 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2011/02/02 08:00:53.0113 0156 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2011/02/02 08:00:53.0346 0156 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2011/02/02 08:00:53.0456 0156 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2011/02/02 08:00:53.0633 0156 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2011/02/02 08:00:53.0979 0156 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2011/02/02 08:00:54.0138 0156 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2011/02/02 08:00:54.0318 0156 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2011/02/02 08:00:55.0027 0156 nvlddmkm (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/02/02 08:00:55.0387 0156 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

2011/02/02 08:00:55.0484 0156 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

2011/02/02 08:00:55.0596 0156 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

2011/02/02 08:00:55.0812 0156 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

2011/02/02 08:00:56.0004 0156 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys

2011/02/02 08:00:56.0089 0156 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2011/02/02 08:00:56.0150 0156 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys

2011/02/02 08:00:56.0247 0156 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2011/02/02 08:00:56.0353 0156 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2011/02/02 08:00:56.0450 0156 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2011/02/02 08:00:56.0567 0156 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2011/02/02 08:00:56.0809 0156 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2011/02/02 08:00:56.0883 0156 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

2011/02/02 08:00:56.0992 0156 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2011/02/02 08:00:57.0086 0156 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys

2011/02/02 08:00:57.0299 0156 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

2011/02/02 08:00:57.0484 0156 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2011/02/02 08:00:57.0608 0156 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2011/02/02 08:00:57.0696 0156 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2011/02/02 08:00:57.0784 0156 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/02/02 08:00:57.0895 0156 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/02/02 08:00:57.0977 0156 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2011/02/02 08:00:58.0107 0156 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2011/02/02 08:00:58.0268 0156 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/02/02 08:00:58.0473 0156 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys

2011/02/02 08:00:58.0658 0156 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2011/02/02 08:00:58.0801 0156 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2011/02/02 08:00:58.0978 0156 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2011/02/02 08:00:59.0129 0156 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2011/02/02 08:00:59.0284 0156 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/02/02 08:00:59.0390 0156 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

2011/02/02 08:00:59.0471 0156 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

2011/02/02 08:00:59.0535 0156 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2011/02/02 08:00:59.0671 0156 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

2011/02/02 08:00:59.0740 0156 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

2011/02/02 08:00:59.0818 0156 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

2011/02/02 08:00:59.0908 0156 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

2011/02/02 08:01:00.0013 0156 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

2011/02/02 08:01:00.0100 0156 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

2011/02/02 08:01:00.0170 0156 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

2011/02/02 08:01:00.0293 0156 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2011/02/02 08:01:00.0476 0156 smwdm (1319ea66a96250d59665d133c0ff7cd0) C:\Windows\system32\drivers\smwdm.sys

2011/02/02 08:01:00.0549 0156 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2011/02/02 08:01:00.0669 0156 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS

2011/02/02 08:01:00.0772 0156 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS

2011/02/02 08:01:00.0857 0156 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys

2011/02/02 08:01:00.0914 0156 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys

2011/02/02 08:01:01.0015 0156 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys

2011/02/02 08:01:01.0159 0156 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2011/02/02 08:01:01.0250 0156 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2011/02/02 08:01:01.0399 0156 SymDS (56890bf9d9204b93042089d4b45ae671) C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS

2011/02/02 08:01:01.0644 0156 SymEFA (1c91df5188150510a6f0cf78f7d94b69) C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS

2011/02/02 08:01:01.0826 0156 SymEvent (961b48b86f94d4cc8ceb483f8aa89374) C:\Windows\system32\Drivers\SYMEVENT.SYS

2011/02/02 08:01:02.0316 0156 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS

2011/02/02 08:01:02.0901 0156 SYMTDIv (bf610335eda8d9026e45b4ac73d0de58) C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS

2011/02/02 08:01:03.0356 0156 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2011/02/02 08:01:03.0485 0156 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2011/02/02 08:01:03.0864 0156 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2011/02/02 08:01:04.0312 0156 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2011/02/02 08:01:04.0797 0156 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2011/02/02 08:01:04.0984 0156 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2011/02/02 08:01:05.0164 0156 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2011/02/02 08:01:05.0251 0156 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2011/02/02 08:01:05.0378 0156 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2011/02/02 08:01:05.0672 0156 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/02/02 08:01:05.0788 0156 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2011/02/02 08:01:05.0845 0156 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys

2011/02/02 08:01:05.0913 0156 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

2011/02/02 08:01:06.0008 0156 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2011/02/02 08:01:06.0212 0156 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

2011/02/02 08:01:06.0321 0156 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

2011/02/02 08:01:06.0389 0156 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2011/02/02 08:01:06.0814 0156 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2011/02/02 08:01:07.0091 0156 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2011/02/02 08:01:07.0607 0156 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys

2011/02/02 08:01:08.0015 0156 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys

2011/02/02 08:01:08.0214 0156 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2011/02/02 08:01:08.0358 0156 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2011/02/02 08:01:08.0511 0156 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2011/02/02 08:01:08.0621 0156 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2011/02/02 08:01:08.0694 0156 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

2011/02/02 08:01:08.0832 0156 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/02/02 08:01:08.0884 0156 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/02/02 08:01:08.0976 0156 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/02/02 08:01:09.0036 0156 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2011/02/02 08:01:09.0113 0156 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

2011/02/02 08:01:09.0175 0156 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

2011/02/02 08:01:09.0398 0156 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

2011/02/02 08:01:09.0508 0156 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2011/02/02 08:01:09.0581 0156 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2011/02/02 08:01:09.0665 0156 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2011/02/02 08:01:09.0791 0156 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

2011/02/02 08:01:09.0907 0156 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2011/02/02 08:01:09.0973 0156 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/02 08:01:10.0014 0156 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/02 08:01:10.0139 0156 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

2011/02/02 08:01:10.0236 0156 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2011/02/02 08:01:10.0543 0156 winachsf (ab7646d4cb9bb83d29d21ef7e00a0d15) C:\Windows\system32\DRIVERS\HSF_CNXT.sys

2011/02/02 08:01:10.0841 0156 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

2011/02/02 08:01:11.0023 0156 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/02/02 08:01:11.0158 0156 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/02/02 08:01:11.0767 0156 ================================================================================

2011/02/02 08:01:11.0767 0156 Scan finished

2011/02/02 08:01:11.0767 0156 ================================================================================

OTL

OTL logfile created on: 2/2/2011 8:04:43 AM - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\k\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 83.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 298.08 Gb Total Space | 153.58 Gb Free Space | 51.52% Space Free | Partition Type: NTFS

Drive D: | 624.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 232.88 Gb Total Space | 116.45 Gb Free Space | 50.00% Space Free | Partition Type: NTFS

Computer Name: PC-3 | User Name: k | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe

PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/20 21:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

========== Modules (SafeList) ==========

MOD - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

MOD - [2011/01/23 00:29:20 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c

2\msvcr90.dll

MOD - [2011/01/23 00:29:20 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c

2\msvcp90.dll

MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll

MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)

SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/20 21:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/01/22 21:13:45 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVEX15.SYS -- (NAVEX15)

DRV - [2011/01/22 21:13:45 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVENG.SYS -- (NAVENG)

DRV - [2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/02 12:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011/01/01 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2011/01/01 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010/12/01 01:03:34 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110131.001\IDSvix86.sys -- (IDSVix86)

DRV - [2010/11/23 03:34:08 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)

DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)

DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)

DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)

DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)

DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)

DRV - [2008/01/20 21:21:57 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)

DRV - [2008/01/20 21:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/20 21:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/20 21:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/20 21:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/20 21:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/20 21:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/20 21:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/20 21:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/20 21:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/20 21:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/20 21:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/20 21:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/20 21:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/20 21:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/20 21:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/20 21:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/20 21:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/20 21:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/20 21:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/20 21:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/20 21:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/20 21:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/20 21:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2005/05/23 10:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/05/23 10:30:50 | 000,229,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2005/05/23 10:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/01/02 17:08:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/01/02 12:20:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O13 - gopher Prefix: missing

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s...ri_4.4.13.0.cab (SysInfo Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.27 213.109.72.22 1.1.1.1

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O24 - Desktop BackupWallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/01/28 18:19:45 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2005/03/30 01:39:08 | 000,000,048 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{1658d404-1698-11e0-bc6f-0007e942b8b6}\Shell\AutoRun\command - "" = E:\wdsync.exe

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DATA\STUBSTUB.EXE -- [2005/04/01 07:16:07 | 000,010,240 | R--- | M] (ArenaNet)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 08:02:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:53:59 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/02 07:50:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}

[2011/02/01 14:44:56 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}

[2011/02/01 14:21:09 | 001,360,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 02:44:43 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}

[2011/01/31 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}

[2011/01/31 02:44:17 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}

[2011/01/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}

[2011/01/30 07:40:10 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\Guild Wars

[2011/01/30 07:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars

[2011/01/30 02:43:53 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}

[2011/01/29 04:51:54 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}

[2011/01/28 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ti 83

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education

[2011/01/28 16:51:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}

[2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}

[2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}

[2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}

[2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}

[2011/01/25 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}

[2011/01/25 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}

[2011/01/24 23:03:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\WinRAR

[2011/01/24 23:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/01/24 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}

[2011/01/24 01:37:42 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\My Received Files

[2011/01/24 01:25:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}

[2011/01/23 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}

[2011/01/23 06:18:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/23 05:33:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs

[2011/01/23 02:49:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Malwarebytes

[2011/01/23 02:49:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/01/23 02:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/23 02:49:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/01/23 02:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/23 01:58:56 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\Backgrounds

[2011/01/23 01:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/01/23 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Media Player Classic

[2011/01/23 00:38:21 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{40A4D48A-F70B-438C-A802-BDB83E587D66}

[2011/01/23 00:38:01 | 000,000,000 | ---D | C] -- C:\Users\k\Tracing

[2011/01/23 00:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/01/23 00:25:57 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\Windows Live

[2011/01/23 00:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/01/23 00:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/01/23 00:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/01/23 00:14:21 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/23 00:14:21 | 010,467,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/23 00:14:21 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/23 00:14:21 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/23 00:14:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/23 00:14:20 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/23 00:14:20 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/23 00:14:20 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/23 00:14:19 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/23 00:14:19 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/23 00:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/01/23 00:12:30 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/01/22 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\LolClient

[2011/01/22 21:44:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/22 21:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2011/01/22 21:23:34 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2011/01/22 21:21:14 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\New Folder (2)

[2011/01/14 09:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahead Nero

[2011/01/14 09:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2011/01/14 09:03:53 | 000,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll

[2011/01/14 09:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/01/07 21:06:44 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter

[2011/01/04 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2011/01/04 11:16:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\CrashDumps

========== Files - Modified Within 30 Days ==========

[2011/02/02 08:03:44 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/02 08:03:44 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:59:43 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 07:59:43 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 07:59:27 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\WGASetup.job

[2011/02/02 07:58:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/02 07:58:43 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys

[2011/02/02 07:53:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 19:31:42 | 001,723,428 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB

[2011/02/01 19:30:16 | 000,000,466 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for k.job

[2011/02/01 18:22:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/02/01 16:58:39 | 000,002,131 | ---- | M] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | M] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:44 | 000,296,448 | ---- | M] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:26 | 000,624,128 | ---- | M] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | M] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | M] () -- C:\Users\k\Desktop\Defogger.exe

[2011/02/01 15:26:15 | 000,028,160 | ---- | M] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/01 10:36:10 | 001,360,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 09:39:32 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/30 22:25:59 | 000,000,515 | ---- | M] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:45 | 000,000,073 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/01/28 18:19:44 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | M] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | M] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/23 18:48:04 | 000,000,606 | ---- | M] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | M] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 03:05:15 | 000,375,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/01/23 02:49:16 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | M] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:44:31 | 004,411,392 | ---- | M] (Gabest) -- C:\Users\k\Desktop\mplayerc.exe

[2011/01/22 22:50:23 | 000,000,290 | ---- | M] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:35:48 | 000,001,356 | ---- | M] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2011/01/22 21:26:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/01/07 22:27:00 | 015,047,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/07 22:27:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/07 22:27:00 | 010,078,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/01/07 22:27:00 | 004,941,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/07 22:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/07 22:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/07 22:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/01/07 22:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/07 22:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/07 22:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/07 22:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/07 22:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011/01/07 21:06:44 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:55:01 | 000,001,390 | ---- | M] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

========== Files Created - No Company Name ==========

[2011/02/01 19:36:22 | 004,263,406 | ---- | C] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | C] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | C] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:42 | 000,296,448 | ---- | C] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:23 | 000,624,128 | ---- | C] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | C] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | C] () -- C:\Users\k\Desktop\Defogger.exe

[2011/01/30 22:26:04 | 000,000,515 | ---- | C] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:44 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | C] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | C] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 22:22:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/23 18:48:08 | 000,000,606 | ---- | C] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | C] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 02:49:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | C] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:32:25 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/01/23 00:14:21 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/01/22 22:50:23 | 000,000,290 | ---- | C] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:37:13 | 2146,230,272 | -HS- | C] () -- C:\hiberfil.sys

[2011/01/04 12:55:01 | 000,001,390 | ---- | C] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/26 11:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/11/25 11:23:07 | 000,001,356 | ---- | C] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2010/11/07 14:58:39 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2008/01/20 21:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2011/01/02 15:56:14 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\Local

[2011/01/22 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\LolClient

[2010/11/25 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\MSNInstaller

[2011/01/23 06:18:24 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/02 16:54:09 | 000,000,000 | ---D | M] -- C:\Users\k\AppData\Roaming\Uniblue

[2008/01/20 21:54:58 | 000,003,456 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\WGASetup.job

========== Purity Check ==========

< End of report >

Extras.Txt

Link to post
Share on other sites

We're going to rerun OTL with a script as follows:

  • Disable the active protection component of your antivirus by following the directions that apply here:
    http://www.bleepingcomputer.com/forums/topic114351.html
  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to restart the OTL program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    :File
    C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}
    C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}
    C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}
    C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}
    C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}
    C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}
    C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}
    C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}
    C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}
    C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}
    C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}
    C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}
    C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}
    C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}
    C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}
    C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}
    C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}
    C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Now click Run Fix and let the program run uninterrupted.
  • It should reboot your PC when it is done, if it doesn't please reboot manually.
  • Copy/Paste OTL Log in your next reply

This entry in your log shows that you downloaded Combofix:

2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

Did you run it, and if you did I need to see this log:

C:\Combofix.txt

If there is more than one log, I'd like to see all of them copied and pasted into your topic.

If you connect through a router, it is very possible and probable that your router may be the source of your infection. Have you tried resetting it or connecting directly to your modem via an Ethernet cable (hard-wired) connection?

Link to post
Share on other sites

OTL logfile created on: 2/2/2011 9:14:23 PM - Run 2

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\k\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 298.08 Gb Total Space | 153.35 Gb Free Space | 51.45% Space Free | Partition Type: NTFS

Drive D: | 624.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 232.88 Gb Total Space | 116.45 Gb Free Space | 50.00% Space Free | Partition Type: NTFS

Computer Name: PC-3 | User Name: k | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2010/12/08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

PRC - [2010/11/10 01:13:30 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe

PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/01/20 21:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

========== Modules (SafeList) ==========

MOD - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

MOD - [2011/01/23 00:29:20 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c

2\msvcr90.dll

MOD - [2011/01/23 00:29:20 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c

2\msvcp90.dll

MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll

MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)

SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/01/20 21:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/01/22 21:13:45 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110202.022\NAVEX15.SYS -- (NAVEX15)

DRV - [2011/01/22 21:13:45 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110202.022\NAVENG.SYS -- (NAVENG)

DRV - [2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/02 12:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011/01/01 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2011/01/01 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010/12/01 01:03:34 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110202.001\IDSvix86.sys -- (IDSVix86)

DRV - [2010/11/23 03:34:08 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)

DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)

DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)

DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)

DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)

DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)

DRV - [2008/01/20 21:21:57 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)

DRV - [2008/01/20 21:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/20 21:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/20 21:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/20 21:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/20 21:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/20 21:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/20 21:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/20 21:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/20 21:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/20 21:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/20 21:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/20 21:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/20 21:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/20 21:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/20 21:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/20 21:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/20 21:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/20 21:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/20 21:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/20 21:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/20 21:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/20 21:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/20 21:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2005/05/23 10:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/05/23 10:30:50 | 000,229,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2005/05/23 10:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/01/02 17:08:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/01/02 12:20:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/04 12:54:56 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O13 - gopher Prefix: missing

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s...ri_4.4.13.0.cab (SysInfo Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.27 213.109.72.22 1.1.1.1

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O24 - Desktop BackupWallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/01/28 18:19:45 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2005/03/30 01:39:08 | 000,000,048 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]

O33 - MountPoints2\{1658d404-1698-11e0-bc6f-0007e942b8b6}\Shell\AutoRun\command - "" = E:\wdsync.exe

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DATA\STUBSTUB.EXE -- [2005/04/01 07:16:07 | 000,010,240 | R--- | M] (ArenaNet)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[CREATERESTOREPOINT]

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 19:50:38 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{13F972B1-8396-4970-8B1B-C4FB194DC7DA}

[2011/02/02 08:02:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:53:59 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/02 07:50:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}

[2011/02/01 14:44:56 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}

[2011/02/01 14:21:09 | 001,360,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 02:44:43 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}

[2011/01/31 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}

[2011/01/31 02:44:17 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}

[2011/01/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}

[2011/01/30 07:40:10 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\Guild Wars

[2011/01/30 07:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars

[2011/01/30 02:43:53 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}

[2011/01/29 04:51:54 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}

[2011/01/28 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ti 83

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared

[2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education

[2011/01/28 16:51:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}

[2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}

[2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack

[2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack

[2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}

[2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}

[2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}

[2011/01/25 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}

[2011/01/25 01:26:01 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}

[2011/01/24 23:03:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\WinRAR

[2011/01/24 23:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/01/24 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}

[2011/01/24 01:37:42 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\My Received Files

[2011/01/24 01:25:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}

[2011/01/23 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}

[2011/01/23 06:18:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\PeerNetworking

[2011/01/23 05:33:22 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs

[2011/01/23 02:49:24 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Malwarebytes

[2011/01/23 02:49:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/01/23 02:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/23 02:49:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/01/23 02:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/01/23 01:58:56 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\Backgrounds

[2011/01/23 01:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/23 01:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2011/01/23 00:44:13 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Media Player Classic

[2011/01/23 00:38:21 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{40A4D48A-F70B-438C-A802-BDB83E587D66}

[2011/01/23 00:38:01 | 000,000,000 | ---D | C] -- C:\Users\k\Tracing

[2011/01/23 00:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/01/23 00:25:57 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\Windows Live

[2011/01/23 00:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/01/23 00:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/01/23 00:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/01/23 00:14:21 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/23 00:14:21 | 010,467,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/23 00:14:21 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/23 00:14:21 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/23 00:14:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/23 00:14:20 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/23 00:14:20 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/23 00:14:20 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/23 00:14:19 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/23 00:14:19 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/23 00:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/01/23 00:12:30 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/01/22 22:00:50 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\LolClient

[2011/01/22 21:44:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/22 21:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2011/01/22 21:23:34 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe

[2011/01/22 21:21:14 | 000,000,000 | ---D | C] -- C:\Users\k\Desktop\New Folder (2)

[2011/01/14 09:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahead Nero

[2011/01/14 09:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2011/01/14 09:03:53 | 000,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll

[2011/01/14 09:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/01/07 21:06:44 | 000,580,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter

[2011/01/04 12:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter

[2011/01/04 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus

[2011/01/04 11:16:39 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\CrashDumps

========== Files - Modified Within 30 Days ==========

[2011/02/02 21:15:45 | 001,723,428 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB

[2011/02/02 21:11:04 | 000,011,923 | ---- | M] () -- C:\Users\k\Desktop\Chapter 4.docx

[2011/02/02 20:08:48 | 000,000,466 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for k.job

[2011/02/02 19:59:02 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 19:59:02 | 000,002,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/02/02 18:48:54 | 000,020,971 | ---- | M] () -- C:\Users\k\Desktop\Patrick Naugle Chapter 3.docx

[2011/02/02 18:22:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/02/02 08:03:44 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/02/02 08:03:44 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe

[2011/02/02 07:59:27 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/02/02 07:59:22 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\WGASetup.job

[2011/02/02 07:58:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/02 07:58:43 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys

[2011/02/02 07:53:54 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe

[2011/02/01 19:36:12 | 004,263,406 | ---- | M] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | M] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | M] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:44 | 000,296,448 | ---- | M] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:26 | 000,624,128 | ---- | M] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | M] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | M] () -- C:\Users\k\Desktop\Defogger.exe

[2011/02/01 15:26:15 | 000,028,160 | ---- | M] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/02/01 10:36:10 | 001,360,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe

[2011/02/01 09:39:32 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/30 22:25:59 | 000,000,515 | ---- | M] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:45 | 000,000,073 | ---- | M] () -- C:\AUTOEXEC.BAT

[2011/01/28 18:19:44 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | M] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | M] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/23 18:48:04 | 000,000,606 | ---- | M] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | M] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 03:05:15 | 000,375,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/01/23 02:49:16 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | M] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:44:31 | 004,411,392 | ---- | M] (Gabest) -- C:\Users\k\Desktop\mplayerc.exe

[2011/01/22 22:50:23 | 000,000,290 | ---- | M] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:35:48 | 000,001,356 | ---- | M] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2011/01/22 21:26:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/01/07 22:27:00 | 015,047,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/07 22:27:00 | 013,011,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/07 22:27:00 | 010,078,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/01/07 22:27:00 | 004,941,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/07 22:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/07 22:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/07 22:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/01/07 22:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/07 22:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/07 22:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/07 22:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/07 22:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2011/01/07 21:06:44 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll

[2011/01/07 21:06:34 | 003,597,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll

[2011/01/07 21:06:14 | 002,620,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll

[2011/01/07 21:06:02 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll

[2011/01/07 21:06:02 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/01/04 12:55:01 | 000,001,390 | ---- | M] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

========== Files Created - No Company Name ==========

[2011/02/02 20:36:58 | 000,011,923 | ---- | C] () -- C:\Users\k\Desktop\Chapter 4.docx

[2011/02/02 15:58:54 | 000,020,971 | ---- | C] () -- C:\Users\k\Desktop\Patrick Naugle Chapter 3.docx

[2011/02/01 19:36:22 | 004,263,406 | ---- | C] () -- C:\Users\k\Desktop\Combo-Fix.exe

[2011/02/01 16:58:39 | 000,002,131 | ---- | C] () -- C:\Users\k\Desktop\ark.zip

[2011/02/01 16:58:33 | 000,001,777 | ---- | C] () -- C:\Users\k\Desktop\Attach.zip

[2011/02/01 15:53:42 | 000,296,448 | ---- | C] () -- C:\Users\k\Desktop\gdpjer02.exe

[2011/02/01 15:53:23 | 000,624,128 | ---- | C] () -- C:\Users\k\Desktop\dds.scr

[2011/02/01 15:53:16 | 000,000,000 | ---- | C] () -- C:\Users\k\defogger_reenable

[2011/02/01 15:44:10 | 000,050,477 | ---- | C] () -- C:\Users\k\Desktop\Defogger.exe

[2011/01/30 22:26:04 | 000,000,515 | ---- | C] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk

[2011/01/28 18:19:44 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk

[2011/01/24 23:59:16 | 000,000,162 | -H-- | C] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 23:55:05 | 000,048,128 | ---- | C] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC

[2011/01/24 22:22:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

[2011/01/23 18:48:08 | 000,000,606 | ---- | C] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk

[2011/01/23 06:18:24 | 000,018,770 | ---- | C] () -- C:\Users\k\AppData\Roaming\UserTile.png

[2011/01/23 02:49:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/01/23 01:01:12 | 000,001,055 | ---- | C] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk

[2011/01/23 00:32:25 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/01/23 00:14:21 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/01/22 22:50:23 | 000,000,290 | ---- | C] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk

[2011/01/22 22:37:13 | 2146,230,272 | -HS- | C] () -- C:\hiberfil.sys

[2011/01/04 12:55:01 | 000,001,390 | ---- | C] () -- C:\Users\k\Desktop\DivX Movies.lnk

[2011/01/04 12:54:44 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk

[2011/01/04 12:53:57 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk

[2011/01/04 11:10:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/26 11:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/11/25 11:23:07 | 000,001,356 | ---- | C] () -- C:\Users\k\AppData\Local\d3d9caps.dat

[2010/11/07 14:58:39 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2008/01/20 21:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========

< :OTL >

< O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. >

< :File >

< C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC} >

< C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E} >

< C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7} >

< C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681} >

< C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC} >

< C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8} >

< C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB} >

< C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C} >

< C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844} >

< C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F} >

< C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA} >

< C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF} >

< C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5} >

< C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6} >

< C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7} >

< C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF} >

< C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F} >

< C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344} >

< :Commands >

< [purity] >

< [resethosts] >

< [emptytemp] >

< [emptyflash] >

< [reboot] >

< End of report >

I haven't run ComboFix yet, and I haven't tried to reset my router or connect directly to the modem yet. Should I try these things?

Link to post
Share on other sites

Sorry, I misread and did a normal scan. Here is the Fix:

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Error: Unable to interpret <:File> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}> in the current context!

Error: Unable to interpret <C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}> in the current context!

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: k

->Temp folder emptied: 63264 bytes

->Temporary Internet Files folder emptied: 562116 bytes

->Google Chrome cache emptied: 361150107 bytes

->Flash cache emptied: 10929 bytes

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 66016 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 345.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: k

->Flash cache emptied: 0 bytes

User: Mcx1

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02022011_214844

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Link to post
Share on other sites

We're going to rerun OTL with a script as follows:

  • Disable the active protection component of your antivirus by following the directions that apply here:
    http://www.bleepingcomputer.com/forums/topic114351.html
  • Close all open windows on the Task Bar. Click the OTL icon (for Vista or Win 7, right click the icon and Run as Administrator) to restart the OTL program.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}
    C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}
    C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}
    C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}
    C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}
    C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}
    C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}
    C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}
    C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}
    C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}
    C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}
    C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}
    C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}
    C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}
    C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}
    C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}
    C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}
    C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Now click Run Fix and let the program run uninterrupted.
  • It should reboot your PC when it is done, if it doesn't please reboot manually.
  • Copy/Paste OTL Log in your next reply

1. Click on the Vista Orb (Start Button)

2. Go to All Programs -> Accessories

3. Now right click on Command Prompt and select "Run as Administrator" from context menu.

4. This should open an elevated command prompt

5. Now in the Command prompt Window, Copy/paste the following:

NETSH WINHTTP RESET PROXY

7. Press the ENTER key on your keyboard.

8. Copy/paste the following:

IPConfig /flushdns

9. Press the ENTER key on your keyboard.

10. Close the CMD Prompt, and Restart the computer

Now I want You to bypass your router by directly connecting to your modem via an Ethernet cable and see if this corrects your redirects.

Link to post
Share on other sites

I reset my router and it appears that it no longer redirects, but right now I'm going to continue with the cmd prompt to be safe.

All processes killed

========== OTL ==========

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: k

->Temp folder emptied: 31832 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Google Chrome cache emptied: 11805338 bytes

->Flash cache emptied: 654 bytes

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 11.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: k

->Flash cache emptied: 0 bytes

User: Mcx1

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 02022011_231931

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Link to post
Share on other sites

I want you to give it a day to see if there are no redirects. Then let me know because the lack of symptoms means it is gone.

The reason I suspected it was your router is because your logs were basically clean. The 'usual suspects' that are responsible for redirecting your browser were NOT present.

When You get back to me next, I'll give You some prevention tips, which includes changing your router password from the default one it was assigned!!

Link to post
Share on other sites

Glad to hear everything is working well, and Excellent job, Snuggles!

Here's two articles on Router Safety and Security:

http://makingwindowseasy.com/2010/01/20/router-safety/

http://lastwatchdog.com/americans-borrowin...ast+Watchdog%29

We have a few steps to finish up now.

You should update your version of the Sun Java Platform (JRE) to the newest version which is Java Runtime Environment (JRE) 6 Update 23, if you have not done that already.

You can check your currently installed JRE version here.

If you find you need to update to the Java Runtime Environment (JRE) 6 Update 23, then follow these steps:

1. Download the latest JRE version clicking the "Agree and Start Free Download" button.

2. Save the installer to your desktop.

3. Close any programs you may have running - especially your web browser.

4. Next, remove all older versions of the Sun Java Platform using the Control Panel's Add/Remove Program feature (as they may contain security vulnerabilities).

5. Reboot your system

6. Then from your desktop double-click on jxpiinstall.exe to install the newest version of the Sun Java Platform

7. "Install the Yahoo Toolbar' is prechecked by default, so be sure to UNCHECK it, if you do not care to have it, or You already have it installed - it is NOT part of the JRE install and it is NOT required for any Java applications.

8. You may verify that the current version installed properly by clicking http://java.com/en/download/installed.jsp here.

--------------------

Now clear the Java cache:

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)

  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
    • Trace and Log Files

    [*]Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

    [*] Click OK to leave the Temporary Files Window

    [*]Click OK to leave the Java Control Panel.

As Java Cache can be an infection repository, You can quickly scan it periodically for infectious elements, by right-clicking the following folder and selecting the "Scan with <Your antivirus>" option:

The location of this folder usually is:

In XP:

C:\Documents and Settings\<user_name>\Application Data\Sun\Java\Deployment\cache\

In Vista and Windows 7:

C:\Users\<user_name>\AppData\LocalLow\Sun\Java\Deployment\cache\

==

Now we'll remove the tools I had you download as follows:

If I asked you to download and run an ARK (Antirootkit program) such as Gmer, Rootkit Unhooker, or Root Repeal, then please uninstall it by doing the following:

  • Delete the contents of the C:\ARK folder (or whatever folder you chose to install the antirootkit in)
  • Delete the C:\ARK folder(or whatever folder you chose to install the antirootkit in)

If I asked You to download OTL, TDSSKiller, MBRCheck or mbr.exe, please delete these programs from your Desktop (or their download location).

To remove Combofix and it's quarantine folder:

Click Start -> Run, and copy/paste the following bolded text in the Open: box and select OK:

"%userprofile%\desktop\Combo-Fix.exe" /uninstall

This will do the following:

  • Uninstall Combofix and all its associated files and folders.
  • Flush your system restore points and create a new restore point.
  • Rehide your system files and folders
  • Reset your system clock

---

Here are some additional measures you should take to keep your system in good working order and ensure your continued security.

1. Scan your system for outdated versions of commonly used software applications that may also cause your PC be vulnerable, using the Secunia Online Software Inspector (OSI) by clicking the Start Scanner button. This is very important because recent statistics confirm that an overwhelming majority of infections are aquired through application not Operating System flaws. Commonly used programs like Quicktime, Java, and Adobe Acrobat Reader, itunes, FlashPlayer and many others are frequently targeted today. You can make your computer much more secure if you update to the most current versions of these programs and any others that Secunia alerts you to.

Just click the "Start Scanner" button to get a listing of all outdated and possibly insecure resident programs.

Note: If your firewall prompts you about access, allow it.

2. Keep MBAM as an on demand scanner because I highly recommend it, and the quick scan will find most all active malware in minutes.

3. You can reduce your startups by downloading Malwarebyte's StartUp Lite and saving it to a convenient location. Just double-click StartUpLite.exe. Then, check the options you would like based on the descriptions provided, then select continue. This will free up system resources because nonessential background programs will no longer be running when you start up your computer.

You should visit the Windows Updates website, and obtain the most current Operating System updates/patches, and Internet Explorer released versions.

The easiest and fastest way to obtain Windows Updates is by clicking Control Panel -> Windows Update.

However, setting your computer to download and install updates automatically will relieve you of the responsibility of doing this on a continual basis. It is important to periodically check that Windows Updates is functioning properly because many threats disable it as part of their strategy to compromise your system. Windows Updates are released on the second Tuesday of every month.

Finally, please review the additional suggestions offered by Tony Klein in How did I get infected in the first place. so you can maintain a safe and secure computing environment.

Happy Surfing! :)

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.