Jump to content

Issues with audio after removing malware


Recommended Posts

I ran a scan and removed all of the items. Once I did this, I had no sound on sites like YouTube. When I restart my computer and the system loads windows, I get the usual sound through the speakers, but I can't get sound from websites. Was wondering if one of these files that I deleted is the reason I lost my audio. Here is what came up in my scan. Do I definitely need to remove all of these files?:

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6832

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/11/2011 7:19:29 AM

mbam-log-2011-06-11 (07-19-12).txt

Scan type: Quick scan

Objects scanned: 229484

Time elapsed: 27 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 6

Files Infected: 8

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.Proxy) -> No action taken.

HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> No action taken.

HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> No action taken.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> Value: {851552F5-B878-4B03-904F-2AD6A4CC8994} -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> Value: {851552F5-B878-4B03-904F-2AD6A4CC8994} -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\program files\flv direct player (Adware.BHO.FL) -> No action taken.

c:\program files\flv direct player\Skin (Adware.BHO.FL) -> No action taken.

c:\program files\flv direct player\Skin\directflv (Adware.BHO.FL) -> No action taken.

c:\program files\MyWaySA (Adware.MyWebSearch) -> No action taken.

c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> No action taken.

c:\documents and settings\all users\start menu\Programs\flv direct player (Adware.FLVPlayer) -> No action taken.

Files Infected:

c:\documents and settings\Chris\local settings\Temp\jar_cache6145090449525805034.tmp (Trojan.FakeAlert) -> No action taken.

c:\documents and settings\Chris\local settings\Temp\0.3186283753898934.exe (Trojan.FakeAlert) -> No action taken.

c:\documents and settings\Chris\local settings\Temp\0.46213286233336826.exe (Trojan.FakeAlert) -> No action taken.

c:\documents and settings\Chris\local settings\Temp\nsh15A5.tmp\downloads\289721250.ex_ (Adware.Agent) -> No action taken.

c:\WINDOWS\Temp\tbwk\setup.exe (Trojan.Proxy) -> No action taken.

c:\documents and settings\Chris\0.5086542202863648.exe (Trojan.FakeAlert) -> No action taken.

c:\program files\mozilla firefox\searchplugins\flvtube.xml (PUP.Zwangi) -> No action taken.

c:\WINDOWS\hosts (Trojan.Agent) -> No action taken.

Link to post
Share on other sites

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

Hello chrismo4136

Welcome to Malwarebytes.

Please try the following to see if it keeps your sound working properly.

First let's try to uninstall the programs that I suspect are the issue.

Please uninstall the following programs from the Add\remove programs list.

flv direct player

Zwangi

After doing this reboot then run mbam again let it remove the items and reboot again.

This time tell me if the sound issues persist.

Also please post the new mbam too after the removal.

Link to post
Share on other sites

In the add\remove programs list uninstall it from there it will be listed just as it is shown here as Flv media player.

To get to that panel go to Start> Control Panel> add\Remove programs.

There should be an entry there select it then hit the change\remove button.

Link to post
Share on other sites

Ok that is fine it may have been partially removed and no longer has an add\remove listing, go ahead and see if the browser plays audio fine.

If so update and run mbam and remove what it finds.

Reboot and see if the audio plays normally.

Post the log as well please.

Link to post
Share on other sites

Ok that tells me what I need to know.

Please go to start>run then type in this devmgmt.msc then hit ok.

This will open the device manager.

Click the plus sign next to sounds video and game controllers.

Look there after clicking the plus sign and tell me if you see anything listed with a mark next to it.

If you do please tell me the name of what is marked.

If nothing is marked also tell me the names of all the devices listed there under the sounds video and game controllers section.

Link to post
Share on other sites

OK please do the following please.

Still from within the device manager right click on this device > Soundblaster Live! 24-bit and choose uninstall and hit yes to the prompt.

Reboot once more and the device will reinstall itself again.

After that see if you have sound again.

Let me know the result.

Link to post
Share on other sites

Ok when you get back please do the following:

  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
    under the Custom scans and fixes area please paste in the following:
    • drivers32

[*]Then click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Link to post
Share on other sites

OTL Extras logfile created on: 6/11/2011 4:54:09 PM - Run 1

OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Chris\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 93.45 Mb Available Physical Memory | 9.22% Memory free

2.38 Gb Paging File | 1.44 Gb Available in Paging File | 60.29% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 144.33 Gb Total Space | 43.31 Gb Free Space | 30.01% Space Free | Partition Type: NTFS

Computer Name: D6HB5T81 | User Name: Chris | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"9051:UDP" = 9051:UDP:LocalSubNet:Enabled:Verizon Tech Wizard

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader

"C:\Program Files\Common Files\AOL\1132953169\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1132953169\ee\aolsoftware.exe:*:Enabled:AOL Services

"C:\Program Files\Common Files\AOL\1132953169\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1132953169\ee\aim6.exe:*:Enabled:AIM

"C:\Program Files\Abacast\Abaclient.exe" = C:\Program Files\Abacast\Abaclient.exe:*:Enabled:Abaclient

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger

"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:

Link to post
Share on other sites

OTL logfile created on: 6/11/2011 4:54:09 PM - Run 1

OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Chris\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.07 Mb Total Physical Memory | 93.45 Mb Available Physical Memory | 9.22% Memory free

2.38 Gb Paging File | 1.44 Gb Available in Paging File | 60.29% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 144.33 Gb Total Space | 43.31 Gb Free Space | 30.01% Space Free | Partition Type: NTFS

Computer Name: D6HB5T81 | User Name: Chris | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Chris\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

PRC - C:\Program Files\Spyware Doctor\BDT\FGuard.exe (Threat Expert Ltd.)

PRC - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\pctsGui.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\Update.exe (PC Tools)

PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\dwwin.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (Authentium, Inc.)

PRC - C:\WINDOWS\system32\drwtsn32.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Chris\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll (PC Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)

========== Win32 Services (SafeList) ==========

SRV - (RoxLiveShare9) -- File not found

SRV - (MpfService) -- File not found

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (ThreatFire) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe (PC Tools)

SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)

SRV - (RPSUpdaterR) -- C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe (Radialpoint Inc.)

SRV - (dvpapi) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (Authentium, Inc.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (TFSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)

DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)

DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)

DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (MCSTRM) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.)

DRV - (CSS DVP) -- C:\WINDOWS\system32\drivers\Css-Dvp.sys (Authentium, Inc.)

DRV - (IntelC53) -- C:\WINDOWS\system32\drivers\IntelC53.sys (Intel Corporation)

DRV - (P17) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.)

DRV - (IntelC52) -- C:\WINDOWS\system32\drivers\IntelC52.sys (Intel Corporation)

DRV - (IntelC51) -- C:\WINDOWS\system32\drivers\IntelC51.sys (Intel Corporation)

DRV - (mohfilt) -- C:\WINDOWS\system32\drivers\mohfilt.sys (Intel Corporation)

DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)

DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)

DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\Pfmodnt.sys (Creative Technology Ltd.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://www.yahoo.com/ext/search/search.html'>http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Yahoo-FlvTube"

FF - prefs.js..browser.search.defaultenginename: "Yahoo-FlvTube"

FF - prefs.js..browser.search.order.1: "Yahoo-FlvTube"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.selectedEngineURL: "http://flvtubesearch.co/?tmp=toolbar_flvtube_results&prt=flvtubetb01ff&clid=&subid=&Keywords={searchTerms}"

FF - prefs.js..browser.startup.homepage: "www.yahoo.com"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.204

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17

FF - prefs.js..keyword.URL: "http://flvtubesearch.co/?prt=02ff&clid=&subid=&Keywords="

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/05/28 23:40:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/01 19:50:50 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\Spyware Doctor\BDT\FireFox\ [2010/12/09 19:58:10 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/13 23:07:34 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/13 23:07:34 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 12:08:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 12:08:03 | 000,000,000 | ---D | M]

[2009/01/28 00:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions

[2009/01/28 00:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2011/04/30 06:16:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\extensions

[2010/05/29 23:37:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/04/14 11:47:06 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}

[2010/04/14 11:48:40 | 000,001,836 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\searchplugins\bing-ff.xml

[2008/12/12 14:23:54 | 000,002,158 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\9pifip8p.default\searchplugins\MySpace.xml

[2011/04/30 12:08:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/04/30 12:08:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009/04/01 17:39:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

[2009/06/09 16:17:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

[2009/08/04 19:20:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

[2010/11/07 13:46:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

File not found (No name found) --

[2009/11/28 09:29:25 | 000,000,000 | -H-D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\CHRIS\APPLICATION DATA\MOVE NETWORKS

[2008/12/01 19:50:50 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2007/04/10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/09/25 12:41:34 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

[2011/04/14 03:39:02 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

[2010/12/18 16:06:20 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2010/12/18 16:06:20 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2010/12/18 16:06:20 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2010/12/18 16:06:21 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2010/12/18 16:06:21 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2010/12/18 16:06:21 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2010/12/18 16:06:21 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2010/01/01 04:00:00 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

[2010/01/01 04:00:00 | 000,001,131 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2010/10/18 11:51:12 | 000,008,547 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\flvtube.xml

[2010/01/01 04:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2010/01/01 04:00:00 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

Hosts file not found

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - Reg Error: Value error. File not found

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpqSRMon] File not found

O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsGui.exe (PC Tools)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\Spyware Doctor\BDT\FGuard.exe (Threat Expert Ltd.)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2010/04/14 12:01:48 | 000,000,000 | ---D | M]

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2010/04/14 12:01:48 | 000,000,000 | ---D | M]

O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2010/04/14 12:01:48 | 000,000,000 | ---D | M]

O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2010/04/14 12:01:48 | 000,000,000 | ---D | M]

O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab (Support.com Configuration Class)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} http://www.blackberry.com/devicesoftware/AxLoader.cab (AxLoaderPassword Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecure.com/easy_install/_activex/en-US/TSEasyInstallX.CAB (TSEasyInstallX Control)

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Reg Error: Key error.)

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup161.cab (Reg Error: Key error.)

O16 - DPF: vzTCPConfig https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Desktop Background.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

O34 - HKLM BootExecute: (SDEarlyDelete \??\C:\Program Files\SpywareDetector) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (et) - File not found

O34 - HKLM BootExecute: (??) - File not found

O34 - HKLM BootExecute: (;??) - File not found

O34 - HKLM BootExecute: (sdLogAction^sd.LogEvent.action.Whitelist^WL_Url^adopt.specificclick.net) - File not found

O34 - HKLM BootExecute: (??) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)

Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSACM.MSNAUDIO - C:\WINDOWS\System32\MSNAUDIO.ACM (Microsoft Corporation)

Drivers32: msacm.scg726 - C:\WINDOWS\System32\scg726.acm (SHARP Corporation)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/11 16:10:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL(1).exe

[2011/06/11 15:55:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe

[2011/06/11 01:43:30 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Chris\0.5086542202863648.exe

[2011/06/11 01:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\MyWaySA

[2011/06/11 01:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\flv direct player

[2011/06/11 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\flv direct player

[2011/06/10 20:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Malwarebytes

[2011/06/10 20:10:27 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/06/10 20:10:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/06/10 20:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/06/10 20:10:17 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/06/10 20:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/06/10 20:09:02 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Chris\Desktop\mbam-setup-1.51.0.1200.exe

[2011/06/10 14:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun

[2011/06/06 22:47:52 | 000,271,704 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll

[2011/06/06 22:47:10 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll

[2011/06/06 22:47:09 | 000,729,088 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpwwiax4.dll

[2011/06/06 22:47:09 | 000,593,920 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwtscl3.dll

[2011/06/06 22:47:09 | 000,364,544 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll

[2011/06/06 22:47:09 | 000,294,912 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst11.dll

[2011/06/06 22:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant

[2011/06/04 12:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth

[2011/05/26 19:24:03 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011/05/24 20:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\My Albums

[2011/05/23 22:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Lady Gaga

[2011/05/13 23:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\DDMSettings

[2005/11/12 17:02:50 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\*.tmp files -> C:\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/11 16:44:22 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/06/11 16:44:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/06/11 16:44:08 | 1063,407,616 | -HS- | M] () -- C:\hiberfil.sys

[2011/06/11 16:10:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL(1).exe

[2011/06/11 15:56:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe

[2011/06/11 10:31:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/06/11 10:20:27 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm

[2011/06/11 10:20:27 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

[2011/06/11 01:43:30 | 000,034,504 | ---- | M] () -- C:\WINDOWS\hosts

[2011/06/10 22:09:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/06/10 20:10:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/10 20:09:09 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Chris\Desktop\mbam-setup-1.51.0.1200.exe

[2011/06/06 22:55:31 | 000,178,360 | ---- | M] () -- C:\WINDOWS\hpwins20.dat

[2011/06/06 22:46:13 | 000,001,858 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.5.lnk

[2011/06/06 22:45:21 | 000,002,669 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Document Manager.lnk

[2011/06/06 22:43:51 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk

[2011/06/06 22:38:46 | 000,705,886 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/06/06 22:12:01 | 000,658,800 | ---- | M] () -- C:\WINDOWS\hpwins20.dat.temp

[2011/06/04 20:29:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/06/04 12:13:10 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk

[2011/06/02 08:56:12 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/05/26 19:24:03 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011/05/23 22:43:38 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk

[2011/05/23 22:42:34 | 001,053,480 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\AmazonMP3Installer.exe

[2011/05/23 19:57:57 | 000,029,756 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\129166870583106181.jpg

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\*.tmp files -> C:\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/11 01:43:30 | 000,034,504 | ---- | C] () -- C:\WINDOWS\hosts

[2011/06/10 20:10:28 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/06/06 22:46:13 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 2.5.lnk

[2011/06/06 22:45:21 | 000,002,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Document Manager.lnk

[2011/06/06 22:43:51 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk

[2011/06/06 22:35:44 | 000,658,800 | ---- | C] () -- C:\WINDOWS\hpwins20.dat.temp

[2011/06/06 22:35:44 | 000,002,428 | ---- | C] () -- C:\WINDOWS\hpwmdl20.dat.temp

[2011/06/06 22:11:00 | 000,178,360 | ---- | C] () -- C:\WINDOWS\hpwins20.dat

[2011/06/06 22:10:30 | 000,002,428 | R--- | C] () -- C:\WINDOWS\hpwmdl20.dat

[2011/06/04 12:13:10 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk

[2011/05/23 22:43:38 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk

[2011/05/23 22:42:32 | 001,053,480 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\AmazonMP3Installer.exe

[2011/05/23 19:57:53 | 000,029,756 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\129166870583106181.jpg

[2010/07/18 23:20:01 | 000,012,054 | R--- | C] () -- C:\WINDOWS\hpwscr20.dat

[2010/01/15 11:42:48 | 000,104,279 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp

[2010/01/15 11:42:48 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp

[2009/11/03 11:27:14 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old

[2009/11/03 11:27:14 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2009/08/11 10:26:49 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll

[2009/08/11 10:26:46 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini

[2009/06/18 20:55:11 | 000,104,279 | ---- | C] () -- C:\WINDOWS\hpoins04.dat

[2009/06/18 20:55:11 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat

[2009/06/17 14:11:58 | 000,131,882 | ---- | C] () -- C:\WINDOWS\hpqins00.dat

[2008/10/15 19:11:41 | 000,137,607 | ---- | C] () -- C:\WINDOWS\HPHins15.dat

[2008/10/15 19:11:40 | 000,002,828 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat

[2008/01/28 10:56:39 | 000,010,752 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe

[2008/01/28 10:48:42 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SDWormsToDelete.ini

[2008/01/28 10:45:20 | 000,011,728 | ---- | C] () -- C:\WINDOWS\System32\SDEarlyDelete.exe

[2008/01/28 10:45:12 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\ProxySettings.ini

[2007/12/30 16:53:47 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2007/05/01 18:17:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\iltwain.ini

[2007/04/02 05:58:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2007/03/20 21:52:23 | 000,060,952 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2006/02/04 13:49:10 | 000,002,683 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006/01/26 01:01:12 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2005/12/23 22:09:11 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe

[2005/12/18 20:14:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2005/12/13 09:30:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI

[2005/12/08 01:07:40 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2005/12/01 00:44:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\PFP120JPR.{PB

[2005/12/01 00:44:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\PFP120JCM.{PB

[2005/11/25 17:10:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini

[2005/11/25 02:10:33 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005/11/24 14:56:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\D75550F70E.sys

[2005/11/15 19:29:41 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2005/11/15 19:20:11 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat

[2005/11/12 17:37:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/11/12 17:32:58 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE

[2005/11/12 17:29:27 | 000,000,450 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/11/12 17:27:07 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2005/11/12 17:24:24 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT

[2005/11/12 17:24:24 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI

[2005/11/12 17:24:09 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI

[2005/11/12 17:02:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

[2005/11/12 17:02:50 | 000,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll

[2005/11/12 17:02:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe

[2005/11/12 17:02:20 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/08/16 06:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005/08/16 06:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2005/08/16 06:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005/08/16 06:27:59 | 000,286,904 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2005/08/16 06:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005/08/16 06:18:33 | 000,445,722 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2005/08/16 06:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2005/08/16 06:18:33 | 000,072,928 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2005/08/16 06:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2005/08/16 06:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2005/08/16 06:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2005/08/16 06:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005/08/16 06:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2005/08/16 06:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2005/08/16 06:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2005/08/16 06:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004/12/20 12:08:28 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2004/12/20 12:03:26 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

========== LOP Check ==========

[2009/02/17 00:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus

[2010/07/06 15:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2008/02/03 23:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream

[2005/12/23 22:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software

[2011/06/11 17:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007/03/09 20:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2010/04/02 14:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/09/12 21:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/04/09 14:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2008/10/14 21:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Amazon

[2008/10/16 02:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\AVSMedia

[2010/06/29 01:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Azureus

[2005/12/23 22:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Cakewalk

[2010/07/06 15:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DAEMON Tools Pro

[2011/05/13 23:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DDMSettings

[2010/04/01 22:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Facebook

[2010/05/27 18:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\GetRightToGo

[2005/11/17 02:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Leadertech

[2010/08/19 15:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Oxohi

[2005/12/23 22:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Propellerhead Software

[2008/10/16 01:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Seven Zip

[2010/02/02 13:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\TechWizard

[2007/03/09 20:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Viewpoint

[2010/08/19 15:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Ykeci

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 142 bytes -> C:\Program Files\Spyware Doctor:pctlsp.log

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

Link to post
Share on other sites

Ok does the audio devices say no audio device installed still?

Also some infections are present still please update and run mbam let it remove everything.

After that reboot and check the audio.

Post the log as well please from mbam.

Let me know if you hear anything or if nothing or the status.

Link to post
Share on other sites

Here's the latest log, I haven't removed them yet.

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6834

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/11/2011 8:38:23 PM

mbam-log-2011-06-11 (20-37-37).txt

Scan type: Quick scan

Objects scanned: 229613

Time elapsed: 1 hour(s), 14 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 6

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> No action taken.

HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> No action taken.

HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> No action taken.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> Value: {851552F5-B878-4B03-904F-2AD6A4CC8994} -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{851552F5-B878-4B03-904F-2AD6A4CC8994} (PUP.Zwangi) -> Value: {851552F5-B878-4B03-904F-2AD6A4CC8994} -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\program files\flv direct player (Adware.BHO.FL) -> No action taken.

c:\program files\flv direct player\Skin (Adware.BHO.FL) -> No action taken.

c:\program files\flv direct player\Skin\directflv (Adware.BHO.FL) -> No action taken.

c:\program files\MyWaySA (Adware.MyWebSearch) -> No action taken.

c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> No action taken.

c:\documents and settings\all users\start menu\Programs\flv direct player (Adware.FLVPlayer) -> No action taken.

Files Infected:

c:\documents and settings\Chris\local settings\Temp\jar_cache6145090449525805034.tmp (Trojan.FakeAlert) -> No action taken.

c:\documents and settings\Chris\local settings\Temp\0.46213286233336826.exe (Trojan.FakeAlert) -> No action taken.

c:\documents and settings\Chris\local settings\Temp\nsh15A5.tmp\downloads\289721250.ex_ (Adware.Agent) -> No action taken.

c:\program files\mozilla firefox\searchplugins\flvtube.xml (PUP.Zwangi) -> No action taken.

c:\WINDOWS\hosts (Trojan.Agent) -> No action taken.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.