Sign in to follow this  
Followers 0
OdiousMortem

infected help please

13 posts in this topic

Hello OdiousMortem! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    tdss_1.jpg
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    tdss_2.jpg
  3. Click the Start Scan button.
    tdss_3.jpg
  4. If a suspicious object is detected, the default action will be Skip, click on Continue.
    tdss_4.jpg
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    tdss_5.jpg
  7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In your next reply, please include:

  • TDSSKiller log
  • OTL.Txt and Extras.Txt

Share this post


Link to post
Share on other sites

Hi Maniac, thank you for taking the time to help me. :)

Here are the logs.

23:01:32.0468 3684 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24

23:01:32.0828 3684 ============================================================

23:01:32.0828 3684 Current date / time: 2012/01/18 23:01:32.0828

23:01:32.0828 3684 SystemInfo:

23:01:32.0828 3684

23:01:32.0828 3684 OS Version: 6.0.6001 ServicePack: 1.0

23:01:32.0828 3684 Product type: Workstation

23:01:32.0828 3684 ComputerName: BEN-PC

23:01:32.0829 3684 UserName: Ben

23:01:32.0829 3684 Windows directory: C:\Windows

23:01:32.0829 3684 System windows directory: C:\Windows

23:01:32.0829 3684 Processor architecture: Intel x86

23:01:32.0829 3684 Number of processors: 2

23:01:32.0829 3684 Page size: 0x1000

23:01:32.0829 3684 Boot type: Normal boot

23:01:32.0829 3684 ============================================================

23:01:33.0424 3684 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

23:01:33.0503 3684 Initialize success

23:01:35.0967 3904 ============================================================

23:01:35.0967 3904 Scan started

23:01:35.0967 3904 Mode: Manual;

23:01:35.0967 3904 ============================================================

23:01:37.0077 3904 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

23:01:37.0082 3904 ACPI - ok

23:01:37.0236 3904 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

23:01:37.0247 3904 adp94xx - ok

23:01:37.0344 3904 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

23:01:37.0351 3904 adpahci - ok

23:01:37.0383 3904 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

23:01:37.0387 3904 adpu160m - ok

23:01:37.0496 3904 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

23:01:37.0501 3904 adpu320 - ok

23:01:37.0668 3904 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys

23:01:37.0674 3904 AFD - ok

23:01:37.0809 3904 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

23:01:37.0812 3904 agp440 - ok

23:01:37.0913 3904 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

23:01:37.0917 3904 aic78xx - ok

23:01:37.0952 3904 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

23:01:37.0954 3904 aliide - ok

23:01:38.0085 3904 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

23:01:38.0088 3904 amdagp - ok

23:01:38.0195 3904 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

23:01:38.0197 3904 amdide - ok

23:01:38.0299 3904 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

23:01:38.0301 3904 AmdK7 - ok

23:01:38.0326 3904 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

23:01:38.0330 3904 AmdK8 - ok

23:01:38.0454 3904 ApfiltrService (1de27858a431a5749e0f3df54ba935b9) C:\Windows\system32\DRIVERS\Apfiltr.sys

23:01:38.0460 3904 ApfiltrService - ok

23:01:38.0634 3904 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

23:01:38.0638 3904 arc - ok

23:01:38.0790 3904 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

23:01:38.0794 3904 arcsas - ok

23:01:38.0921 3904 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

23:01:38.0923 3904 AsyncMac - ok

23:01:39.0042 3904 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys

23:01:39.0044 3904 atapi - ok

23:01:39.0191 3904 ATSwpWDF (30407fb218940ae61f1aa3821b69f567) C:\Windows\system32\Drivers\ATSwpWDF.sys

23:01:39.0203 3904 ATSwpWDF - ok

23:01:39.0345 3904 BCM42RLY (7bd70aeed0d975285a1b20bd012ebf4e) C:\Windows\system32\drivers\BCM42RLY.sys

23:01:39.0348 3904 BCM42RLY - ok

23:01:39.0489 3904 BCM43XX (fa6707a346cd122407f3b0bad1c47639) C:\Windows\system32\DRIVERS\bcmwl6.sys

23:01:39.0522 3904 BCM43XX - ok

23:01:39.0683 3904 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

23:01:39.0685 3904 Beep - ok

23:01:39.0830 3904 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

23:01:39.0833 3904 blbdrive - ok

23:01:40.0018 3904 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

23:01:40.0022 3904 bowser - ok

23:01:40.0161 3904 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

23:01:40.0164 3904 BrFiltLo - ok

23:01:40.0267 3904 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

23:01:40.0270 3904 BrFiltUp - ok

23:01:40.0384 3904 Bridge (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys

23:01:40.0387 3904 Bridge - ok

23:01:40.0411 3904 BridgeMP (72df06d26ae4ced2e08f428b96302b0e) C:\Windows\system32\DRIVERS\bridge.sys

23:01:40.0413 3904 BridgeMP - ok

23:01:40.0521 3904 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

23:01:40.0525 3904 Brserid - ok

23:01:40.0623 3904 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

23:01:40.0626 3904 BrSerWdm - ok

23:01:40.0736 3904 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

23:01:40.0738 3904 BrUsbMdm - ok

23:01:40.0847 3904 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

23:01:40.0850 3904 BrUsbSer - ok

23:01:40.0978 3904 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

23:01:40.0981 3904 BTHMODEM - ok

23:01:41.0132 3904 catchme - ok

23:01:41.0248 3904 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

23:01:41.0251 3904 cdfs - ok

23:01:41.0360 3904 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

23:01:41.0364 3904 cdrom - ok

23:01:41.0467 3904 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

23:01:41.0470 3904 circlass - ok

23:01:41.0569 3904 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

23:01:41.0576 3904 CLFS - ok

23:01:41.0707 3904 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

23:01:41.0710 3904 CmBatt - ok

23:01:41.0818 3904 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

23:01:41.0820 3904 cmdide - ok

23:01:41.0930 3904 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

23:01:41.0932 3904 Compbatt - ok

23:01:42.0032 3904 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

23:01:42.0035 3904 crcdisk - ok

23:01:42.0171 3904 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

23:01:42.0174 3904 Crusoe - ok

23:01:42.0310 3904 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

23:01:42.0314 3904 DfsC - ok

23:01:42.0448 3904 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

23:01:42.0450 3904 disk - ok

23:01:42.0610 3904 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

23:01:42.0613 3904 drmkaud - ok

23:01:42.0729 3904 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

23:01:42.0747 3904 DXGKrnl - ok

23:01:42.0864 3904 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

23:01:42.0870 3904 e1express - ok

23:01:42.0991 3904 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

23:01:42.0995 3904 E1G60 - ok

23:01:43.0121 3904 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

23:01:43.0126 3904 Ecache - ok

23:01:43.0261 3904 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

23:01:43.0270 3904 elxstor - ok

23:01:43.0400 3904 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

23:01:43.0403 3904 ErrDev - ok

23:01:43.0481 3904 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

23:01:43.0486 3904 exfat - ok

23:01:43.0537 3904 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

23:01:43.0542 3904 fastfat - ok

23:01:43.0673 3904 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

23:01:43.0676 3904 fdc - ok

23:01:43.0767 3904 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

23:01:43.0770 3904 FileInfo - ok

23:01:43.0825 3904 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

23:01:43.0828 3904 Filetrace - ok

23:01:43.0917 3904 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

23:01:43.0919 3904 flpydisk - ok

23:01:43.0946 3904 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

23:01:43.0952 3904 FltMgr - ok

23:01:43.0977 3904 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

23:01:43.0981 3904 Fs_Rec - ok

23:01:44.0010 3904 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

23:01:44.0013 3904 gagp30kx - ok

23:01:44.0069 3904 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

23:01:44.0072 3904 GEARAspiWDM - ok

23:01:44.0239 3904 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

23:01:44.0240 3904 HDAudBus - ok

23:01:44.0269 3904 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

23:01:44.0272 3904 HidBth - ok

23:01:44.0374 3904 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

23:01:44.0376 3904 HidIr - ok

23:01:44.0418 3904 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

23:01:44.0420 3904 HidUsb - ok

23:01:44.0523 3904 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

23:01:44.0525 3904 HpCISSs - ok

23:01:44.0590 3904 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

23:01:44.0658 3904 HTTP - ok

23:01:44.0777 3904 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

23:01:44.0780 3904 i2omp - ok

23:01:44.0915 3904 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

23:01:44.0918 3904 i8042prt - ok

23:01:44.0958 3904 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys

23:01:44.0961 3904 iaStor - ok

23:01:45.0013 3904 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

23:01:45.0020 3904 iaStorV - ok

23:01:45.0212 3904 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

23:01:45.0278 3904 igfx - ok

23:01:45.0388 3904 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

23:01:45.0391 3904 iirsp - ok

23:01:45.0527 3904 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys

23:01:45.0531 3904 IntcHdmiAddService - ok

23:01:45.0595 3904 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

23:01:45.0597 3904 intelide - ok

23:01:45.0663 3904 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

23:01:45.0664 3904 intelppm - ok

23:01:45.0813 3904 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

23:01:45.0816 3904 IpFilterDriver - ok

23:01:45.0829 3904 IpInIp - ok

23:01:45.0858 3904 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

23:01:45.0861 3904 IPMIDRV - ok

23:01:45.0896 3904 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

23:01:45.0900 3904 IPNAT - ok

23:01:46.0010 3904 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

23:01:46.0013 3904 IRENUM - ok

23:01:46.0036 3904 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

23:01:46.0039 3904 isapnp - ok

23:01:46.0077 3904 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

23:01:46.0081 3904 iScsiPrt - ok

23:01:46.0106 3904 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

23:01:46.0110 3904 iteatapi - ok

23:01:46.0166 3904 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys

23:01:46.0169 3904 itecir - ok

23:01:46.0198 3904 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

23:01:46.0200 3904 iteraid - ok

23:01:46.0247 3904 k57nd60x (a67e8cfcad7d4f8b35643d6c79ba64c3) C:\Windows\system32\DRIVERS\k57nd60x.sys

23:01:46.0252 3904 k57nd60x - ok

23:01:46.0287 3904 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

23:01:46.0290 3904 kbdclass - ok

23:01:46.0354 3904 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

23:01:46.0356 3904 kbdhid - ok

23:01:46.0426 3904 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys

23:01:46.0430 3904 KL1 - ok

23:01:46.0460 3904 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys

23:01:46.0463 3904 kl2 - ok

23:01:46.0545 3904 KLIF (af04d0ce7939324e9a605b159295706c) C:\Windows\system32\DRIVERS\klif.sys

23:01:46.0735 3904 KLIF - ok

23:01:46.0860 3904 KLIM6 (6295a19003f935ecc6ccbe9e2376427b) C:\Windows\system32\DRIVERS\klim6.sys

23:01:46.0863 3904 KLIM6 - ok

23:01:46.0906 3904 klmouflt (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys

23:01:46.0909 3904 klmouflt - ok

23:01:46.0964 3904 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

23:01:46.0974 3904 KSecDD - ok

23:01:47.0029 3904 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

23:01:47.0032 3904 lltdio - ok

23:01:47.0076 3904 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

23:01:47.0080 3904 LSI_FC - ok

23:01:47.0111 3904 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

23:01:47.0115 3904 LSI_SAS - ok

23:01:47.0185 3904 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

23:01:47.0189 3904 LSI_SCSI - ok

23:01:47.0228 3904 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

23:01:47.0231 3904 luafv - ok

23:01:47.0246 3904 MCSTRM - ok

23:01:47.0288 3904 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

23:01:47.0290 3904 megasas - ok

23:01:47.0329 3904 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

23:01:47.0338 3904 MegaSR - ok

23:01:47.0365 3904 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

23:01:47.0369 3904 Modem - ok

23:01:47.0401 3904 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

23:01:47.0403 3904 monitor - ok

23:01:47.0434 3904 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

23:01:47.0437 3904 mouclass - ok

23:01:47.0463 3904 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

23:01:47.0465 3904 mouhid - ok

23:01:47.0499 3904 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

23:01:47.0503 3904 MountMgr - ok

23:01:47.0539 3904 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

23:01:47.0543 3904 mpio - ok

23:01:47.0576 3904 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

23:01:47.0607 3904 mpsdrv - ok

23:01:47.0630 3904 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

23:01:47.0633 3904 Mraid35x - ok

23:01:47.0668 3904 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

23:01:47.0672 3904 MRxDAV - ok

23:01:47.0720 3904 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

23:01:47.0724 3904 mrxsmb - ok

23:01:47.0792 3904 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

23:01:47.0798 3904 mrxsmb10 - ok

23:01:47.0821 3904 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

23:01:47.0825 3904 mrxsmb20 - ok

23:01:47.0871 3904 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys

23:01:47.0874 3904 msahci - ok

23:01:47.0904 3904 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

23:01:47.0908 3904 msdsm - ok

23:01:47.0952 3904 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

23:01:47.0955 3904 Msfs - ok

23:01:47.0989 3904 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

23:01:47.0997 3904 msisadrv - ok

23:01:48.0045 3904 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

23:01:48.0048 3904 MSKSSRV - ok

23:01:48.0081 3904 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

23:01:48.0083 3904 MSPCLOCK - ok

23:01:48.0116 3904 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

23:01:48.0119 3904 MSPQM - ok

23:01:48.0145 3904 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

23:01:48.0150 3904 MsRPC - ok

23:01:48.0191 3904 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

23:01:48.0192 3904 mssmbios - ok

23:01:48.0220 3904 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

23:01:48.0222 3904 MSTEE - ok

23:01:48.0255 3904 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

23:01:48.0258 3904 Mup - ok

23:01:48.0320 3904 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

23:01:48.0325 3904 NativeWifiP - ok

23:01:48.0384 3904 NDIS (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys

23:01:48.0394 3904 NDIS - ok

23:01:48.0425 3904 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

23:01:48.0428 3904 NdisTapi - ok

23:01:48.0453 3904 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

23:01:48.0455 3904 Ndisuio - ok

23:01:48.0482 3904 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

23:01:48.0487 3904 NdisWan - ok

23:01:48.0507 3904 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

23:01:48.0510 3904 NDProxy - ok

23:01:48.0536 3904 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

23:01:48.0539 3904 NetBIOS - ok

23:01:48.0566 3904 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

23:01:48.0572 3904 netbt - ok

23:01:48.0628 3904 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

23:01:48.0631 3904 nfrd960 - ok

23:01:48.0655 3904 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

23:01:48.0658 3904 Npfs - ok

23:01:48.0689 3904 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

23:01:48.0692 3904 nsiproxy - ok

23:01:48.0750 3904 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

23:01:48.0783 3904 Ntfs - ok

23:01:48.0807 3904 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

23:01:48.0810 3904 ntrigdigi - ok

23:01:48.0834 3904 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

23:01:48.0837 3904 Null - ok

23:01:48.0869 3904 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

23:01:48.0874 3904 nvraid - ok

23:01:48.0893 3904 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

23:01:48.0896 3904 nvstor - ok

23:01:48.0931 3904 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

23:01:48.0935 3904 nv_agp - ok

23:01:48.0948 3904 NwlnkFlt - ok

23:01:48.0967 3904 NwlnkFwd - ok

23:01:49.0019 3904 OA001Ufd (a015dd2ba6009c8bdd00a6c431302d06) C:\Windows\system32\DRIVERS\OA001Ufd.sys

23:01:49.0024 3904 OA001Ufd - ok

23:01:49.0057 3904 OA001Vid (d8713c79ed64012863b3344ffc2d406e) C:\Windows\system32\DRIVERS\OA001Vid.sys

23:01:49.0065 3904 OA001Vid - ok

23:01:49.0100 3904 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

23:01:49.0102 3904 ohci1394 - ok

23:01:49.0172 3904 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

23:01:49.0176 3904 Parport - ok

23:01:49.0209 3904 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

23:01:49.0212 3904 partmgr - ok

23:01:49.0235 3904 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

23:01:49.0238 3904 Parvdm - ok

23:01:49.0271 3904 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

23:01:49.0276 3904 pci - ok

23:01:49.0296 3904 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

23:01:49.0298 3904 pciide - ok

23:01:49.0334 3904 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

23:01:49.0339 3904 pcmcia - ok

23:01:49.0416 3904 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

23:01:49.0450 3904 PEAUTH - ok

23:01:49.0523 3904 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

23:01:49.0526 3904 PptpMiniport - ok

23:01:49.0558 3904 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

23:01:49.0561 3904 Processor - ok

23:01:49.0622 3904 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

23:01:49.0625 3904 PSched - ok

23:01:49.0684 3904 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys

23:01:49.0687 3904 PxHelp20 - ok

23:01:49.0755 3904 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

23:01:49.0789 3904 ql2300 - ok

23:01:49.0822 3904 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

23:01:49.0827 3904 ql40xx - ok

23:01:49.0856 3904 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

23:01:49.0858 3904 QWAVEdrv - ok

23:01:49.0956 3904 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys

23:01:50.0011 3904 R300 - ok

23:01:50.0035 3904 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

23:01:50.0037 3904 RasAcd - ok

23:01:50.0069 3904 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

23:01:50.0073 3904 Rasl2tp - ok

23:01:50.0107 3904 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

23:01:50.0111 3904 RasPppoe - ok

23:01:50.0137 3904 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

23:01:50.0141 3904 RasSstp - ok

23:01:50.0174 3904 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

23:01:50.0181 3904 rdbss - ok

23:01:50.0215 3904 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

23:01:50.0218 3904 RDPCDD - ok

23:01:50.0264 3904 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

23:01:50.0271 3904 rdpdr - ok

23:01:50.0297 3904 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

23:01:50.0299 3904 RDPENCDD - ok

23:01:50.0329 3904 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

23:01:50.0335 3904 RDPWD - ok

23:01:50.0393 3904 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys

23:01:50.0396 3904 rimmptsk - ok

23:01:50.0427 3904 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys

23:01:50.0430 3904 rimsptsk - ok

23:01:50.0493 3904 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys

23:01:50.0496 3904 RimUsb - ok

23:01:50.0533 3904 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys

23:01:50.0535 3904 rismxdp - ok

23:01:50.0581 3904 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

23:01:50.0584 3904 rspndr - ok

23:01:50.0624 3904 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

23:01:50.0628 3904 sbp2port - ok

23:01:50.0708 3904 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\Windows\system32\drivers\SCDEmu.sys

23:01:50.0711 3904 SCDEmu - ok

23:01:50.0770 3904 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

23:01:50.0774 3904 sdbus - ok

23:01:50.0792 3904 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

23:01:50.0795 3904 secdrv - ok

23:01:50.0824 3904 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

23:01:50.0835 3904 Serenum - ok

23:01:50.0868 3904 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

23:01:50.0872 3904 Serial - ok

23:01:50.0910 3904 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

23:01:50.0913 3904 sermouse - ok

23:01:50.0957 3904 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

23:01:50.0960 3904 sffdisk - ok

23:01:50.0988 3904 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

23:01:50.0991 3904 sffp_mmc - ok

23:01:51.0046 3904 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

23:01:51.0049 3904 sffp_sd - ok

23:01:51.0068 3904 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

23:01:51.0071 3904 sfloppy - ok

23:01:51.0120 3904 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

23:01:51.0123 3904 sisagp - ok

23:01:51.0168 3904 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

23:01:51.0171 3904 SiSRaid2 - ok

23:01:51.0213 3904 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

23:01:51.0217 3904 SiSRaid4 - ok

23:01:51.0269 3904 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

23:01:51.0272 3904 Smb - ok

23:01:51.0312 3904 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

23:01:51.0314 3904 spldr - ok

23:01:51.0384 3904 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

23:01:51.0392 3904 srv - ok

23:01:51.0456 3904 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

23:01:51.0461 3904 srv2 - ok

23:01:51.0514 3904 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

23:01:51.0518 3904 srvnet - ok

23:01:51.0590 3904 STHDA (805b1fc7e25613ce2dc93c0759d0aa30) C:\Windows\system32\DRIVERS\stwrt.sys

23:01:51.0600 3904 STHDA - ok

23:01:51.0660 3904 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

23:01:51.0662 3904 swenum - ok

23:01:51.0704 3904 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

23:01:51.0707 3904 Symc8xx - ok

23:01:51.0731 3904 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

23:01:51.0735 3904 Sym_hi - ok

23:01:51.0758 3904 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

23:01:51.0762 3904 Sym_u3 - ok

23:01:51.0841 3904 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

23:01:51.0873 3904 Tcpip - ok

23:01:51.0905 3904 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

23:01:51.0912 3904 Tcpip6 - ok

23:01:51.0940 3904 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

23:01:51.0942 3904 tcpipreg - ok

23:01:51.0971 3904 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

23:01:51.0973 3904 TDPIPE - ok

23:01:52.0009 3904 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

23:01:52.0012 3904 TDTCP - ok

23:01:52.0039 3904 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

23:01:52.0043 3904 tdx - ok

23:01:52.0067 3904 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

23:01:52.0070 3904 TermDD - ok

23:01:52.0163 3904 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

23:01:52.0293 3904 TrueSight - ok

23:01:52.0336 3904 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

23:01:52.0339 3904 tssecsrv - ok

23:01:52.0362 3904 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

23:01:52.0364 3904 tunmp - ok

23:01:52.0421 3904 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

23:01:52.0425 3904 tunnel - ok

23:01:52.0456 3904 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

23:01:52.0459 3904 uagp35 - ok

23:01:52.0495 3904 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

23:01:52.0501 3904 udfs - ok

23:01:52.0544 3904 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

23:01:52.0547 3904 uliagpkx - ok

23:01:52.0579 3904 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

23:01:52.0624 3904 uliahci - ok

23:01:52.0658 3904 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

23:01:52.0662 3904 UlSata - ok

23:01:52.0701 3904 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

23:01:52.0705 3904 ulsata2 - ok

23:01:52.0735 3904 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

23:01:52.0739 3904 umbus - ok

23:01:52.0767 3904 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys

23:01:52.0770 3904 UMPass - ok

23:01:52.0841 3904 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys

23:01:52.0844 3904 USBAAPL - ok

23:01:52.0892 3904 usbbus (d9f3bb7c292f194f3b053ce295754eb8) C:\Windows\system32\DRIVERS\lgusbbus.sys

23:01:52.0894 3904 usbbus - ok

23:01:52.0934 3904 usbccgp (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys

23:01:52.0938 3904 usbccgp - ok

23:01:52.0972 3904 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

23:01:52.0976 3904 usbcir - ok

23:01:53.0002 3904 UsbDiag (c4f77da649f99fad116ea585376fc164) C:\Windows\system32\DRIVERS\lgusbdiag.sys

23:01:53.0005 3904 UsbDiag - ok

23:01:53.0051 3904 usbehci (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys

23:01:53.0054 3904 usbehci - ok

23:01:53.0088 3904 usbhub (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys

23:01:53.0094 3904 usbhub - ok

23:01:53.0118 3904 USBModem (c0613ce45e617bc671de8ebb1b30d175) C:\Windows\system32\DRIVERS\lgusbmodem.sys

23:01:53.0120 3904 USBModem - ok

23:01:53.0154 3904 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

23:01:53.0158 3904 usbohci - ok

23:01:53.0196 3904 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

23:01:53.0199 3904 usbprint - ok

23:01:53.0251 3904 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

23:01:53.0254 3904 USBSTOR - ok

23:01:53.0278 3904 usbuhci (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys

23:01:53.0281 3904 usbuhci - ok

23:01:53.0313 3904 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

23:01:53.0316 3904 vga - ok

23:01:53.0330 3904 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

23:01:53.0334 3904 VgaSave - ok

23:01:53.0360 3904 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

23:01:53.0363 3904 viaagp - ok

23:01:53.0386 3904 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

23:01:53.0389 3904 ViaC7 - ok

23:01:53.0417 3904 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

23:01:53.0419 3904 viaide - ok

23:01:53.0449 3904 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

23:01:53.0453 3904 volmgr - ok

23:01:53.0486 3904 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

23:01:53.0495 3904 volmgrx - ok

23:01:53.0514 3904 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

23:01:53.0518 3904 volsnap - ok

23:01:53.0549 3904 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

23:01:53.0554 3904 vsmraid - ok

23:01:53.0604 3904 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

23:01:53.0606 3904 WacomPen - ok

23:01:53.0658 3904 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

23:01:53.0661 3904 Wanarp - ok

23:01:53.0677 3904 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

23:01:53.0678 3904 Wanarpv6 - ok

23:01:53.0717 3904 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

23:01:53.0720 3904 Wd - ok

23:01:53.0757 3904 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

23:01:53.0769 3904 Wdf01000 - ok

23:01:53.0909 3904 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

23:01:53.0910 3904 WmiAcpi - ok

23:01:53.0983 3904 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

23:01:53.0987 3904 WpdUsb - ok

23:01:54.0022 3904 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

23:01:54.0025 3904 ws2ifsl - ok

23:01:54.0088 3904 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

23:01:54.0092 3904 WUDFRd - ok

23:01:54.0150 3904 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

23:01:54.0206 3904 \Device\Harddisk0\DR0 - ok

23:01:54.0220 3904 Boot (0x1200) (a431838945ca4aead0b42711b8ca0e9b) \Device\Harddisk0\DR0\Partition0

23:01:54.0221 3904 \Device\Harddisk0\DR0\Partition0 - ok

23:01:54.0227 3904 Boot (0x1200) (94dae90339cdc212d455c611584c7221) \Device\Harddisk0\DR0\Partition1

23:01:54.0228 3904 \Device\Harddisk0\DR0\Partition1 - ok

23:01:54.0230 3904 ============================================================

23:01:54.0230 3904 Scan finished

23:01:54.0230 3904 ============================================================

23:01:54.0249 2200 Detected object count: 0

23:01:54.0249 2200 Actual detected object count: 0

23:02:03.0471 4160 Deinitialize success

Share this post


Link to post
Share on other sites

OTL logfile created on: 1/18/2012 11:02:15 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ben\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.53% Memory free

4.22 Gb Paging File | 3.02 Gb Available in Paging File | 71.53% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139.25 Gb Total Space | 77.50 Gb Free Space | 55.65% Space Free | Partition Type: NTFS

Drive D: | 9.77 Gb Total Space | 4.48 Gb Free Space | 45.89% Space Free | Partition Type: NTFS

Computer Name: BEN-PC | User Name: Ben | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/18 22:59:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ben\Desktop\OTL.exe

PRC - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe

PRC - [2009/05/21 10:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe

PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/09/25 11:11:38 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe

PRC - [2008/08/13 23:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe

PRC - [2008/07/15 11:12:48 | 001,226,024 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe

PRC - [2008/06/30 05:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe

PRC - [2008/06/30 05:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe

PRC - [2008/06/30 05:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe

PRC - [2008/06/30 05:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe

PRC - [2008/06/26 06:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe

PRC - [2008/06/26 06:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe

PRC - [2008/06/09 12:47:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe

PRC - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe

PRC - [2008/05/02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

PRC - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2007/10/03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

========== Modules (No Company Name) ==========

MOD - [2011/06/30 02:35:18 | 015,881,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\5d8533dc28d20583d71e1c7433141d31\MenuSkinning.ni.dll

MOD - [2011/06/30 02:34:59 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll

MOD - [2011/06/30 02:34:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll

MOD - [2011/06/30 02:34:39 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\431e8bcd04578dc3a991db1fd45816cb\VistaBridgeLibrary.ni.dll

MOD - [2011/06/30 02:34:35 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll

MOD - [2011/06/30 02:34:34 | 002,261,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\d452b64f7cb8848b2e94eb8b3a304bb9\DellDock.ni.exe

MOD - [2011/06/30 02:34:32 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\d794c4339c61676b7e195efc65e858fc\MyDock.Util.ni.dll

MOD - [2011/06/30 02:34:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll

MOD - [2011/06/30 02:34:21 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll

MOD - [2011/06/30 02:31:51 | 005,451,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll

MOD - [2011/06/30 02:31:34 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll

MOD - [2011/06/30 02:31:24 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll

MOD - [2011/06/30 02:30:19 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll

MOD - [2011/06/30 02:29:54 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll

MOD - [2011/04/24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtgui4.dll

MOD - [2011/04/24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtsql4.dll

MOD - [2011/04/24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtscript4.dll

MOD - [2011/04/24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtnetwork4.dll

MOD - [2011/04/24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtcore4.dll

MOD - [2011/04/24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtdeclarative4.dll

MOD - [2011/04/20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll

MOD - [2009/09/05 00:54:38 | 000,180,224 | ---- | M] () -- C:\Program Files\QuickTime\QTSystem\QTCF.dll

MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2009/09/04 22:14:56 | 000,120,096 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

MOD - [2009/09/04 22:14:44 | 000,039,712 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

MOD - [2008/08/05 07:16:20 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)

SRV - [2008/09/25 11:24:51 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2008/09/25 11:11:38 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)

SRV - [2008/08/13 23:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)

SRV - [2008/06/26 06:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -- (STacSV)

SRV - [2008/06/26 06:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -- (AESTFilters)

SRV - [2008/06/09 12:47:36 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)

SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)

SRV - [2008/05/02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

========== Driver Services (SafeList) ==========

DRV - [2012/01/18 01:20:49 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2011/03/10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2011/03/04 13:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)

DRV - [2011/03/04 13:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)

DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)

DRV - [2008/08/05 07:16:06 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)

DRV - [2008/07/28 02:14:08 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)

DRV - [2008/07/28 02:14:06 | 000,277,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)

DRV - [2008/06/30 05:28:10 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)

DRV - [2008/06/30 00:54:56 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)

DRV - [2008/06/26 06:10:08 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2008/03/14 08:04:26 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)

DRV - [2008/03/11 01:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink

DRV - [2008/03/11 01:27:52 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®

DRV - [2008/03/11 01:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2008/03/11 01:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2008/03/11 01:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®

DRV - [2007/04/09 09:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2007/04/09 09:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2007/04/09 09:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080925

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080925

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080925

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Ben\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2008/09/25 11:17:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012/01/18 01:47:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/01/18 01:47:32 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\firefoxext [2008/09/25 11:17:56 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Ben\AppData\Roaming\Move Networks [2009/12/29 19:31:29 | 000,000,000 | ---D | M]

Hosts file not found

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)

O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)

O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{396080BC-FE0C-4BE3-BFB1-8D750CDA9370}: DhcpNameServer = 68.87.64.230 68.87.66.234

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96897720-D01F-49ED-BEED-9EF87160FFD2}: DhcpNameServer = 75.75.75.75 75.75.76.76

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)

O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Tranportation_1920x1200.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Tranportation_1920x1200.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{7272e445-3434-11df-b616-00217086295e}\Shell\AutoRun\command - "" = F:\slacker.synclauncher.exe

O33 - MountPoints2\{7272e445-3434-11df-b616-00217086295e}\Shell\slacker\command - "" = F:\slacker.synclauncher.exe

O33 - MountPoints2\{7272e455-3434-11df-b616-00217086295e}\Shell\AutoRun\command - "" = F:\slacker.synclauncher.exe

O33 - MountPoints2\{7272e455-3434-11df-b616-00217086295e}\Shell\slacker\command - "" = F:\slacker.synclauncher.exe

O33 - MountPoints2\{dd45ab02-9112-11e0-bf6a-00217086295e}\Shell - "" = AutoRun

O33 - MountPoints2\{dd45ab02-9112-11e0-bf6a-00217086295e}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe

O33 - MountPoints2\{e47fcae7-41e2-11e1-b41c-00217086295e}\Shell - "" = AutoRun

O33 - MountPoints2\{e47fcae7-41e2-11e1-b41c-00217086295e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O33 - MountPoints2\{e9db83b9-4719-11df-9dd4-00217086295e}\Shell - "" = AutoRun

O33 - MountPoints2\{e9db83b9-4719-11df-9dd4-00217086295e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/18 22:59:01 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ben\Desktop\OTL.exe

[2012/01/18 22:58:39 | 001,975,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ben\Desktop\tdsskiller.exe

[2012/01/18 12:21:47 | 000,000,000 | ---D | C] -- C:\Users\Ben\Desktop\RK_Quarantine

[2012/01/18 12:07:45 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Ben\Desktop\dds.scr

[2012/01/18 12:03:28 | 000,000,000 | --SD | C] -- C:\ComboFix

[2012/01/18 10:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

[2012/01/18 10:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO

[2012/01/18 01:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012

[2012/01/18 01:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2012/01/18 01:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2012/01/18 01:20:49 | 000,570,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

[2012/01/17 23:52:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders

[2012/01/17 21:38:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2

[2012/01/17 21:26:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2012/01/17 21:00:23 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip

[2012/01/17 21:00:23 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2012/01/17 21:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com

[2012/01/17 20:34:52 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\ElevatedDiagnostics

[2012/01/17 17:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Martau

[2012/01/17 17:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5

[2012/01/17 17:26:16 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Auslogics

[2012/01/17 17:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics

[2012/01/17 17:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics

[2012/01/17 17:25:04 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012/01/17 17:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2012/01/17 17:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012/01/17 17:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

[2012/01/17 15:07:12 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Malwarebytes

[2012/01/17 14:24:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2009/01/02 11:01:46 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Ben\AppData\Roaming\DataSafeDotNet.exe

[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/18 22:59:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ben\Desktop\OTL.exe

[2012/01/18 22:58:46 | 001,975,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ben\Desktop\tdsskiller.exe

[2012/01/18 22:56:35 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/01/18 22:54:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012/01/18 22:54:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012/01/18 22:51:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/01/18 22:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At46.job

[2012/01/18 22:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At45.job

[2012/01/18 21:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At43.job

[2012/01/18 21:34:59 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At44.job

[2012/01/18 20:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At42.job

[2012/01/18 20:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At41.job

[2012/01/18 19:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At40.job

[2012/01/18 19:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At39.job

[2012/01/18 18:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At38.job

[2012/01/18 18:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At37.job

[2012/01/18 17:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At36.job

[2012/01/18 17:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At35.job

[2012/01/18 16:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At34.job

[2012/01/18 16:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At33.job

[2012/01/18 15:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At32.job

[2012/01/18 15:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At31.job

[2012/01/18 15:00:58 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/01/18 15:00:58 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/01/18 14:54:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/01/18 12:49:49 | 000,000,359 | ---- | M] () -- C:\Users\Ben\Desktop\fix.reg

[2012/01/18 12:35:03 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At26.job

[2012/01/18 12:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At25.job

[2012/01/18 12:29:09 | 000,000,945 | ---- | M] () -- C:\Users\Ben\Desktop\Launch Internet Explorer Browser.lnk

[2012/01/18 12:25:04 | 000,334,421 | ---- | M] () -- C:\Users\Ben\Desktop\FSS.exe

[2012/01/18 12:22:38 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys

[2012/01/18 12:07:08 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Ben\Desktop\dds.scr

[2012/01/18 10:56:43 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/01/18 10:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At22.job

[2012/01/18 10:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job

[2012/01/18 09:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At20.job

[2012/01/18 09:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job

[2012/01/18 08:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At18.job

[2012/01/18 08:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job

[2012/01/18 07:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At16.job

[2012/01/18 07:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job

[2012/01/18 06:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At14.job

[2012/01/18 06:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At13.job

[2012/01/18 05:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At12.job

[2012/01/18 05:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At11.job

[2012/01/18 04:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At10.job

[2012/01/18 04:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job

[2012/01/18 03:35:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At8.job

[2012/01/18 03:35:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job

[2012/01/18 02:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At6.job

[2012/01/18 02:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At5.job

[2012/01/18 01:47:13 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat

[2012/01/18 01:47:12 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat

[2012/01/18 01:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At4.job

[2012/01/18 01:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job

[2012/01/18 01:29:43 | 000,017,408 | ---- | M] () -- C:\Users\Ben\AppData\Local\WebpageIcons.db

[2012/01/18 01:28:35 | 000,000,974 | ---- | M] () -- C:\Users\Ben\Desktop\Kaspersky Anti-Virus 2012.lnk

[2012/01/18 01:20:49 | 000,570,160 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

[2012/01/18 00:35:04 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At2.job

[2012/01/18 00:35:04 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job

[2012/01/17 23:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At48.job

[2012/01/17 23:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At47.job

[2012/01/17 17:26:14 | 000,001,041 | ---- | M] () -- C:\Users\Ben\Desktop\Auslogics Disk Defrag.lnk

[2012/01/17 17:20:37 | 000,023,624 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro36.sys

[2012/01/17 17:14:17 | 000,001,432 | ---- | M] () -- C:\Windows\System32\.crusader

[2012/01/17 14:37:15 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At29.job

[2012/01/17 14:36:30 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At30.job

[2012/01/17 11:38:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2012/01/17 11:35:45 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At24.job

[2012/01/17 11:35:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job

[2012/01/16 07:29:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\null

[2012/01/12 18:06:58 | 000,023,552 | ---- | M] () -- C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/01/12 13:35:42 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At27.job

[2012/01/12 13:35:25 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At28.job

[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/18 12:49:49 | 000,000,359 | ---- | C] () -- C:\Users\Ben\Desktop\fix.reg

[2012/01/18 12:25:14 | 000,334,421 | ---- | C] () -- C:\Users\Ben\Desktop\FSS.exe

[2012/01/18 12:21:49 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys

[2012/01/18 10:56:43 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2012/01/18 01:29:38 | 000,017,408 | ---- | C] () -- C:\Users\Ben\AppData\Local\WebpageIcons.db

[2012/01/18 01:28:35 | 000,000,974 | ---- | C] () -- C:\Users\Ben\Desktop\Kaspersky Anti-Virus 2012.lnk

[2012/01/18 01:25:58 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat

[2012/01/18 01:25:58 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat

[2012/01/17 17:48:37 | 000,000,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 5.lnk

[2012/01/17 17:26:14 | 000,001,041 | ---- | C] () -- C:\Users\Ben\Desktop\Auslogics Disk Defrag.lnk

[2012/01/17 17:14:17 | 000,001,432 | ---- | C] () -- C:\Windows\System32\.crusader

[2012/01/17 17:03:34 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys

[2011/12/15 08:20:23 | 000,000,000 | ---- | C] () -- C:\ProgramData\0U7uKtJ4.exe.b

[2011/12/09 18:28:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\50qPmDuK.com.b

[2011/12/09 18:26:33 | 000,000,112 | ---- | C] () -- C:\ProgramData\gSFE4L.dat

[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat

[2009/08/30 16:38:59 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Strings

[2009/08/30 16:38:59 | 000,000,268 | RH-- | C] () -- C:\Users\Ben\AppData\Roaming\StatusSheet

[2009/08/30 16:38:59 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT

[2009/08/30 16:38:59 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Synth Leads

[2008/12/28 20:49:45 | 000,005,972 | ---- | C] () -- C:\Users\Ben\AppData\Local\d3d9caps.dat

[2008/12/21 17:45:24 | 000,870,128 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\mcs.rma

[2008/12/21 17:45:24 | 000,000,004 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\BEE317

[2008/10/06 16:18:17 | 000,002,206 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\wklnhst.dat

[2008/10/02 19:13:55 | 000,023,552 | ---- | C] () -- C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/10/02 18:51:53 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2008/10/02 18:51:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008/09/25 13:51:43 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin

[2008/09/25 13:51:43 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin

[2008/09/25 13:51:43 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll

[2008/09/25 13:51:43 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin

[2008/09/25 13:51:43 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll

[2008/09/25 11:21:21 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin

[2008/09/25 11:14:23 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll

[2008/09/25 11:14:22 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE

[2008/09/25 11:12:23 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll

[2008/09/25 11:12:23 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll

[2008/09/25 11:12:23 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini

[2008/02/03 18:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 07:47:37 | 000,295,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2012/01/17 17:26:16 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Auslogics

[2008/10/02 17:56:12 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\DigitalPersona

[2009/08/30 16:43:45 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Nikon

[2010/03/20 10:33:24 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Research In Motion

[2008/10/06 16:18:19 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Template

[2012/01/18 00:35:04 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job

[2012/01/18 04:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At10.job

[2012/01/18 05:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At11.job

[2012/01/18 05:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At12.job

[2012/01/18 06:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At13.job

[2012/01/18 06:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At14.job

[2012/01/18 07:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At15.job

[2012/01/18 07:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At16.job

[2012/01/18 08:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At17.job

[2012/01/18 08:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At18.job

[2012/01/18 09:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At19.job

[2012/01/18 00:35:04 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At2.job

[2012/01/18 09:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At20.job

[2012/01/18 10:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At21.job

[2012/01/18 10:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At22.job

[2012/01/17 11:35:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At23.job

[2012/01/17 11:35:45 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At24.job

[2012/01/18 12:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At25.job

[2012/01/18 12:35:03 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At26.job

[2012/01/12 13:35:42 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At27.job

[2012/01/12 13:35:25 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At28.job

[2012/01/17 14:37:15 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At29.job

[2012/01/18 01:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job

[2012/01/17 14:36:30 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At30.job

[2012/01/18 15:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At31.job

[2012/01/18 15:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At32.job

[2012/01/18 16:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At33.job

[2012/01/18 16:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At34.job

[2012/01/18 17:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At35.job

[2012/01/18 17:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At36.job

[2012/01/18 18:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At37.job

[2012/01/18 18:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At38.job

[2012/01/18 19:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At39.job

[2012/01/18 01:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At4.job

[2012/01/18 19:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At40.job

[2012/01/18 20:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At41.job

[2012/01/18 20:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At42.job

[2012/01/18 21:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At43.job

[2012/01/18 21:34:59 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At44.job

[2012/01/18 22:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At45.job

[2012/01/18 22:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At46.job

[2012/01/17 23:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At47.job

[2012/01/17 23:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At48.job

[2012/01/18 02:34:59 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At5.job

[2012/01/18 02:35:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At6.job

[2012/01/18 03:35:01 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At7.job

[2012/01/18 03:35:01 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At8.job

[2012/01/18 04:35:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At9.job

[2012/01/18 13:18:19 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Share this post


Link to post
Share on other sites

OTL Extras logfile created on: 1/18/2012 11:02:15 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ben\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.53% Memory free

4.22 Gb Paging File | 3.02 Gb Available in Paging File | 71.53% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139.25 Gb Total Space | 77.50 Gb Free Space | 55.65% Space Free | Partition Type: NTFS

Drive D: | 9.77 Gb Total Space | 4.48 Gb Free Space | 45.89% Space Free | Partition Type: NTFS

Computer Name: BEN-PC | User Name: Ben | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00C07495-D36C-47C2-903E-2A9038ADD8B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{025C3FBC-A96A-428D-8880-EA893D3AB962}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{02B3B8F2-9C34-4BC0-84F5-65FE276678C2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{135FD638-D9B6-4669-B3AF-C2395DD9AD87}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{21B2E0CA-10D0-4BBB-B009-5360DCE7F30D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2D68328C-3494-4920-B667-0E596BAEE947}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{31D1CB88-76A2-44A0-8C20-FEEF43898620}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{45717056-A0B5-47CB-BC6F-26708CEDFB30}" = lport=3390 | protocol=6 | dir=in | app=system |

"{6596CC10-5CBA-4D09-A094-EFB83EB8C065}" = lport=3390 | protocol=6 | dir=in | app=system |

"{68BBEF71-B0AC-4BBA-965B-BC33D0BB4632}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{6E519DBB-5A65-4B71-9946-4558671F2E6B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{71520B43-0156-4A2C-A720-E40CCEE13F2E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{74A67321-4AEE-40E7-B46C-46535FF6D83E}" = rport=10244 | protocol=6 | dir=out | app=system |

"{771A73B5-8F6C-4F5E-B234-9EF31C905800}" = lport=10244 | protocol=6 | dir=in | app=system |

"{855B75FD-EE6C-4C59-8DF7-0EACF72629D7}" = rport=10244 | protocol=6 | dir=out | app=system |

"{A6F5A0C8-A247-464A-B5E5-F69F40925098}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{B8531F9E-5467-4D65-AB9D-0971AFEE331D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{BBA62406-8524-4CE4-B8CE-458D4D7ED8C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{CDFC1387-9F45-4AEA-8350-6B27B2674FC6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{D4CBCC6E-A7F0-4057-BDA4-D9863D2F32FE}" = lport=10244 | protocol=6 | dir=in | app=system |

"{DEE1F6A0-6681-4286-AD2B-D5BF0B8578B3}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{F98309DC-AD7E-4060-8523-0C307621BBDC}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{126ACA5A-33F8-40F0-8B36-7397B5F7F0BF}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{1B2D21F3-054C-43A2-9CC7-E8FBA85682BF}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |

"{205C25C8-1CAF-4866-BD81-D22723528243}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |

"{23F6C1A4-BDF5-4DD1-A4E4-C79E6D149420}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{26336B2B-6AF1-45C5-8398-4ECFE6F931EB}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |

"{3ECB2187-1ADC-4B29-ACCC-6AC72E0E850F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{4EBFB35B-BA00-4DCF-B5F0-DAEBA1696222}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{4F755447-0024-46FE-952F-457806B9F19F}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{5342D1C6-571D-4A02-AC02-FA6FCF95FCC5}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |

"{54486F1B-952B-4154-BD12-11D630F1A608}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |

"{6ADFF835-BFA6-4B45-B7B2-D2F5F2E53495}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{70DE34BF-4041-4ECE-99F2-0167DFFE410E}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |

"{88EF060D-3892-47A2-89E5-DD06305C5ECA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{8FD8052C-C10C-4DA2-9FB4-3E4A97C70305}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{BBE31CE7-EA8F-4D5F-A9F5-4CBA28E75758}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{CE8D79AA-F1DB-4E43-9120-2641D1BA6E87}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{D2ECED06-B213-4C9B-829E-4A508F5F6264}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data

"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE

"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support

"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online

"{140BF0D0-E848-405C-9A01-D3256B918B6D}" = AuthenTec Fingerprint System

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{255909FA-8E58-4BC2-A83A-3C71EB5DD6EC}" = EarthLink Setup Files

"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{35EAF162-26F1-4DD2-8349-297F5CE31FD5}" = DigitalPersona Personal 3.1.0

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012

"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5A447CFB-B64E-4D3C-9744-2EA44EFB8F97}" = BlackBerry Device Software Updater

"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs

"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad

"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support

"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer

"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock

"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit

"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver

"7-Zip 9.20" = 7-Zip 9.20

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility

"CCleaner" = CCleaner

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Creative OA001" = Integrated Webcam Driver (1.02.02.0603)

"Dell Video Chat" = Dell Video Chat (remove only)

"Dell Webcam Central" = Dell Webcam Central

"Google Desktop" = Google Desktop

"Google Updater" = Google Updater

"GoToAssist" = GoToAssist 8.0.0.514

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"PowerISO" = PowerISO

"Scrabble" = Scrabble (remove only)

"Total Uninstall 5_is1" = Total Uninstall 5.10.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 1/17/2012 6:00:49 PM | Computer Name = Ben-PC | Source = WinMgmt | ID = 10

Description =

Error - 1/17/2012 6:17:23 PM | Computer Name = Ben-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 1/17/2012 6:17:25 PM | Computer Name = Ben-PC | Source = WinMgmt | ID = 10

Description =

Error - 1/17/2012 6:50:04 PM | Computer Name = Ben-PC | Source = VSS | ID = 8194

Description =

Error - 1/17/2012 6:51:20 PM | Computer Name = Ben-PC | Source = VSS | ID = 8194

Description =

Error - 1/17/2012 9:01:47 PM | Computer Name = Ben-PC | Source = WinMgmt | ID = 10

Description =

Error - 1/17/2012 9:27:28 PM | Computer Name = Ben-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 1/17/2012 9:30:13 PM | Computer Name = Ben-PC | Source = VSS | ID = 8194

Description =

Error - 1/17/2012 9:44:37 PM | Computer Name = Ben-PC | Source = WinMgmt | ID = 10

Description =

Error - 1/17/2012 9:45:06 PM | Computer Name = Ben-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

[ Broadcom Wireless LAN Events ]

Error - 1/17/2012 5:46:51 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 16:46:51, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 5:46:51 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 16:46:51, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 6:14:27 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 17:14:27, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 6:14:27 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 17:14:27, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 7:20:05 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 18:20:05, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 7:20:05 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 18:20:05, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 9:02:46 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 20:02:45, Tue, Jan 17, 12 Error - Unable to gain access to user store

Error - 1/17/2012 9:43:13 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 20:43:13, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/17/2012 9:43:13 PM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 20:43:13, Tue, Jan 17, 12 Error - User "" does not have administrative

privileges on this system

Error - 1/18/2012 10:43:15 AM | Computer Name = Ben-PC | Source = WLAN-Tray | ID = 0

Description = 09:43:15, Wed, Jan 18, 12 Error - User "" does not have administrative

privileges on this system

[ DigitalPersona Pro Events ]

Error - 12/30/2008 6:22:39 PM | Computer Name = Ben-PC | Source = DigitalPersona Pro | ID = 17827841

Description = One-to-one fingerprint match failed.

Error - 6/6/2010 1:57:48 PM | Computer Name = Ben-PC | Source = DigitalPersona Pro | ID = 17827841

Description = One-to-one fingerprint match failed.

Error - 1/23/2011 6:22:45 PM | Computer Name = Ben-PC | Source = DigitalPersona Pro | ID = 17827841

Description = One-to-one fingerprint match failed.

Error - 1/23/2011 6:22:49 PM | Computer Name = Ben-PC | Source = DigitalPersona Pro | ID = 17827841

Description = One-to-one fingerprint match failed.

[ Media Center Events ]

Error - 1/10/2009 11:18:06 PM | Computer Name = Ben-PC | Source = Mcx2Dvcs | ID = 401

Description =

Error - 1/10/2009 11:20:15 PM | Computer Name = Ben-PC | Source = McrMgr | ID = 107

Description =

Error - 1/10/2009 11:20:25 PM | Computer Name = Ben-PC | Source = McrMgr | ID = 107

Description =

Error - 2/13/2009 6:35:07 PM | Computer Name = Ben-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/11/2009 5:59:18 PM | Computer Name = Ben-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/3/2009 6:38:31 PM | Computer Name = Ben-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/4/2010 6:30:40 PM | Computer Name = Ben-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/1/2010 9:20:01 PM | Computer Name = Ben-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]

Error - 8/5/2009 2:12:00 AM | Computer Name = Ben-PC | Source = DCOM | ID = 10010

Description =

Error - 8/5/2009 2:12:01 AM | Computer Name = Ben-PC | Source = DCOM | ID = 10010

Description =

Error - 8/5/2009 2:12:01 AM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7043

Description =

Error - 8/5/2009 12:33:13 PM | Computer Name = Ben-PC | Source = HTTP | ID = 15016

Description =

Error - 8/5/2009 12:33:57 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 8/6/2009 10:15:10 AM | Computer Name = Ben-PC | Source = HTTP | ID = 15016

Description =

Error - 8/6/2009 10:15:56 AM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 8/7/2009 1:51:51 AM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7011

Description =

Error - 8/7/2009 2:38:02 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7011

Description =

Error - 8/8/2009 12:53:57 AM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7011

Description =

< End of report >

Share this post


Link to post
Share on other sites

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    [2012/01/17 21:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
    [2011/12/15 08:20:23 | 000,000,000 | ---- | C] () -- C:\ProgramData\0U7uKtJ4.exe.b
    [2011/12/09 18:28:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\50qPmDuK.com.b
    [2011/12/09 18:26:33 | 000,000,112 | ---- | C] () -- C:\ProgramData\gSFE4L.dat
    [2008/12/21 17:45:24 | 000,870,128 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\mcs.rma
    [2008/12/21 17:45:24 | 000,000,004 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\BEE317
    [2008/10/06 16:18:17 | 000,002,206 | ---- | C] () -- C:\Users\Ben\AppData\Roaming\wklnhst.dat
    [2008/09/25 11:21:21 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin

    :files
    C:\Windows\tasks\*.job

    :Commands
    [resethosts]
    [emptytemp]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the log file.

Share this post


Link to post
Share on other sites

All processes killed

========== OTL ==========

C:\Program Files\Free Offers from Freeze.com folder moved successfully.

File C:\ProgramData\0U7uKtJ4.exe.b not found.

C:\Windows\System32\50qPmDuK.com.b moved successfully.

File C:\ProgramData\gSFE4L.dat not found.

C:\Users\Ben\AppData\Roaming\mcs.rma moved successfully.

C:\Users\Ben\AppData\Roaming\BEE317 moved successfully.

C:\Users\Ben\AppData\Roaming\wklnhst.dat moved successfully.

C:\Windows\CT4CET.bin moved successfully.

========== FILES ==========

C:\Windows\tasks\At1.job moved successfully.

C:\Windows\tasks\At10.job moved successfully.

C:\Windows\tasks\At11.job moved successfully.

C:\Windows\tasks\At12.job moved successfully.

C:\Windows\tasks\At13.job moved successfully.

C:\Windows\tasks\At14.job moved successfully.

C:\Windows\tasks\At15.job moved successfully.

C:\Windows\tasks\At16.job moved successfully.

C:\Windows\tasks\At17.job moved successfully.

C:\Windows\tasks\At18.job moved successfully.

C:\Windows\tasks\At19.job moved successfully.

C:\Windows\tasks\At2.job moved successfully.

C:\Windows\tasks\At20.job moved successfully.

C:\Windows\tasks\At21.job moved successfully.

C:\Windows\tasks\At22.job moved successfully.

C:\Windows\tasks\At23.job moved successfully.

C:\Windows\tasks\At24.job moved successfully.

C:\Windows\tasks\At25.job moved successfully.

C:\Windows\tasks\At26.job moved successfully.

C:\Windows\tasks\At27.job moved successfully.

C:\Windows\tasks\At28.job moved successfully.

C:\Windows\tasks\At29.job moved successfully.

C:\Windows\tasks\At3.job moved successfully.

C:\Windows\tasks\At30.job moved successfully.

C:\Windows\tasks\At31.job moved successfully.

C:\Windows\tasks\At32.job moved successfully.

C:\Windows\tasks\At33.job moved successfully.

C:\Windows\tasks\At34.job moved successfully.

C:\Windows\tasks\At35.job moved successfully.

C:\Windows\tasks\At36.job moved successfully.

C:\Windows\tasks\At37.job moved successfully.

C:\Windows\tasks\At38.job moved successfully.

C:\Windows\tasks\At39.job moved successfully.

C:\Windows\tasks\At4.job moved successfully.

C:\Windows\tasks\At40.job moved successfully.

C:\Windows\tasks\At41.job moved successfully.

C:\Windows\tasks\At42.job moved successfully.

C:\Windows\tasks\At43.job moved successfully.

C:\Windows\tasks\At44.job moved successfully.

C:\Windows\tasks\At45.job moved successfully.

C:\Windows\tasks\At46.job moved successfully.

C:\Windows\tasks\At47.job moved successfully.

C:\Windows\tasks\At48.job moved successfully.

C:\Windows\tasks\At5.job moved successfully.

C:\Windows\tasks\At6.job moved successfully.

C:\Windows\tasks\At7.job moved successfully.

C:\Windows\tasks\At8.job moved successfully.

C:\Windows\tasks\At9.job moved successfully.

C:\Windows\tasks\Google Software Updater.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Ben

->Temp folder emptied: 32582 bytes

->Temporary Internet Files folder emptied: 5107867 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 456 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 23477153 bytes

RecycleBin emptied: 2821 bytes

Total Files Cleaned = 27.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01192012_095958

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Share this post


Link to post
Share on other sites

Hello again Maniac. Here is the combofix log.

ComboFix 12-01-19.02 - Ben 01/19/2012 23:08:51.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.795 [GMT -5:00]

Running from: c:\users\Ben\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\oem49.inf

.

.

((((((((((((((((((((((((( Files Created from 2011-12-20 to 2012-01-20 )))))))))))))))))))))))))))))))

.

.

2012-01-20 04:17 . 2012-01-20 04:17 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-20 03:53 . 2012-01-20 03:53 -------- d-----w- c:\windows\system32\ca-ES

2012-01-20 03:53 . 2012-01-20 03:53 -------- d-----w- c:\windows\system32\eu-ES

2012-01-20 03:53 . 2012-01-20 03:53 -------- d-----w- c:\windows\system32\vi-VN

2012-01-19 18:13 . 2011-10-04 22:22 703824 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7AD62C7C-A16B-4711-842F-EA9C273960C9}\gapaengine.dll

2012-01-19 18:13 . 2012-01-17 09:39 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEB919DB-BE2B-41DA-8583-5FFF5AE3A8E7}\mpengine.dll

2012-01-19 17:57 . 2012-01-19 17:58 -------- d-----w- c:\program files\Microsoft Security Client

2012-01-19 17:56 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2012-01-19 17:52 . 2009-04-11 06:28 203264 ----a-w- c:\windows\system32\uDWM.dll

2012-01-19 17:51 . 2009-04-11 06:32 53736 ----a-w- c:\windows\system32\drivers\disk.sys

2012-01-19 17:50 . 2009-04-11 06:28 61952 ----a-w- c:\windows\system32\wbem\xml\wmi2xml.dll

2012-01-19 17:49 . 2010-12-18 04:47 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2012-01-19 17:49 . 2010-12-18 06:26 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll

2012-01-19 17:49 . 2010-12-18 06:22 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-01-19 17:49 . 2010-12-18 06:22 247808 ----a-w- c:\program files\Internet Explorer\ieproxy.dll

2012-01-19 17:47 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll

2012-01-19 17:44 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll

2012-01-19 17:44 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll

2012-01-19 17:43 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-01-19 16:29 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin

2012-01-19 15:54 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll

2012-01-19 15:54 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll

2012-01-19 15:54 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys

2012-01-19 15:51 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll

2012-01-19 15:51 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll

2012-01-19 15:51 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe

2012-01-19 15:51 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll

2012-01-19 15:48 . 2012-01-19 15:48 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-01-19 15:43 . 2012-01-19 15:48 567184 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-19 15:42 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe

2012-01-19 15:42 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe

2012-01-19 15:40 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll

2012-01-19 15:39 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-01-19 15:33 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-01-19 15:32 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys

2012-01-19 15:32 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll

2012-01-19 15:31 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll

2012-01-19 15:31 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll

2012-01-19 15:31 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2012-01-19 15:31 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll

2012-01-19 15:31 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe

2012-01-19 15:30 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2012-01-19 15:30 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll

2012-01-19 15:30 . 2010-06-17 16:16 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe

2012-01-19 15:30 . 2009-04-11 06:28 23040 ----a-w- c:\program files\Movie Maker\WMM2EXT.dll

2012-01-19 15:30 . 2009-04-11 06:28 195072 ----a-w- c:\program files\Movie Maker\WMM2AE.dll

2012-01-19 15:30 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe

2012-01-19 15:30 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2012-01-19 15:30 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-01-19 15:29 . 2010-01-21 15:05 62464 ----a-w- c:\windows\system32\l3codeca.acm

2012-01-19 15:29 . 2009-04-11 06:27 220672 ----a-w- c:\windows\system32\l3codecp.acm

2012-01-19 15:29 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll

2012-01-19 15:29 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll

2012-01-19 15:29 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll

2012-01-19 15:29 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll

2012-01-19 15:29 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll

2012-01-19 15:28 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-01-19 15:28 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll

2012-01-19 15:28 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll

2012-01-19 15:28 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-01-19 15:28 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll

2012-01-19 15:28 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe

2012-01-19 15:28 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll

2012-01-19 15:26 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll

2012-01-19 15:09 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll

2012-01-19 15:06 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2012-01-19 15:06 . 2009-07-15 10:21 43520 ----a-w- c:\windows\system32\msdxm.tlb

2012-01-19 15:06 . 2009-07-15 10:21 18432 ----a-w- c:\windows\system32\amcompat.tlb

2012-01-19 15:00 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll

2012-01-19 14:58 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll

2012-01-19 10:18 . 2008-06-26 11:10 380928 ----a-w- c:\windows\system32\drivers\stwrt.sys

2012-01-19 10:18 . 2008-06-26 11:10 678912 ----a-w- c:\windows\system32\stapo.dll

2012-01-19 10:18 . 2008-06-26 11:10 344576 ----a-w- c:\windows\system32\stcplx.dll

2012-01-19 10:18 . 2008-06-26 11:10 405504 ----a-w- c:\windows\system32\stapi32.dll

2012-01-19 10:18 . 2008-06-26 11:09 173568 ----a-w- c:\windows\system32\st326017.dll

2012-01-19 10:08 . 2012-01-19 10:08 -------- d-----w- C:\$WINDOWS.~Q

2012-01-19 10:03 . 2012-01-19 10:03 -------- d-----w- C:\$INPLACE.~TR

2012-01-19 08:45 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll

2012-01-19 08:44 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll

2012-01-19 08:40 . 2009-11-08 15:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2012-01-19 08:40 . 2009-11-08 15:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2012-01-19 08:40 . 2009-11-08 15:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2012-01-19 08:40 . 2009-11-08 15:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2012-01-19 08:40 . 2009-11-08 15:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2012-01-19 08:30 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll

2012-01-19 08:30 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe

2012-01-19 08:30 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2012-01-19 08:30 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll

2012-01-19 08:29 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll

2012-01-19 08:29 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll

2012-01-19 08:29 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll

2012-01-19 08:29 . 2009-08-07 00:23 171608 ----a-w- c:\windows\system32\wuwebv.dll

2012-01-19 08:29 . 2009-08-06 23:44 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-01-19 08:27 . 2012-01-19 17:56 -------- d-----w- c:\windows\Debug

2012-01-19 08:01 . 2012-01-19 08:01 -------- d-----w- c:\users\Default\video

2012-01-19 08:01 . 2012-01-19 08:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-01-19 07:37 . 2012-01-19 17:56 -------- d-----w- c:\users\Ben

2012-01-19 07:37 . 2012-01-19 07:37 -------- d-----w- c:\users\Mcx1

2012-01-19 07:35 . 2012-01-19 07:35 -------- d-----w- c:\program files\IDT

2012-01-19 07:35 . 2008-06-26 11:09 45568 ----a-w- c:\windows\system32\ctppld.dll

2012-01-19 07:35 . 2008-06-26 11:09 492544 ----a-w- c:\windows\system32\ctapo32.dll

2012-01-19 07:35 . 2008-06-26 11:09 372736 ----a-w- c:\windows\system32\aestecap.dll

2012-01-19 07:35 . 2008-06-26 11:09 53248 ----a-w- c:\windows\system32\aestaren.dll

2012-01-19 07:35 . 2008-06-26 11:09 133632 ----a-w- c:\windows\system32\aestacap.dll

2012-01-19 07:35 . 2008-06-26 11:10 2473984 ----a-w- c:\windows\system32\stlang.dll

2012-01-19 07:35 . 2008-06-26 11:09 516096 ----a-w- c:\windows\system32\idtmini1.exe

2012-01-19 07:35 . 2008-06-26 11:09 5615715 ----a-w- c:\windows\system32\idtcpl.cpl

2012-01-19 07:35 . 2008-06-26 11:09 73728 ----a-w- c:\windows\system32\AESTCom.dll

2012-01-19 07:35 . 2012-01-19 07:35 -------- d-----w- c:\program files\DellTPad

2012-01-19 05:27 . 2012-01-19 07:46 -------- d-----w- c:\programdata\WeCareReminder

2012-01-19 05:27 . 2012-01-19 07:44 -------- d-----w- c:\program files\Magical Jelly Bean

2012-01-18 17:21 . 2012-01-18 17:22 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2012-01-18 04:52 . 2012-01-19 07:48 -------- d-----w- c:\windows\system32\EventProviders

2012-01-18 02:00 . 2012-01-19 07:39 -------- d-----w- c:\program files\7-Zip

2012-01-17 22:26 . 2012-01-19 07:40 -------- d-----w- c:\program files\Auslogics

2012-01-17 22:22 . 2012-01-19 07:40 -------- d-----w- c:\program files\CCleaner

2012-01-17 22:03 . 2012-01-17 22:20 23624 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys

2012-01-17 22:03 . 2012-01-19 07:45 -------- d-----w- c:\programdata\HitmanPro

2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-14 13:27 . 2011-12-14 13:27 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-12-05 00:15 . 2011-12-05 00:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-11 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-11 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-11 133656]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-06-30 196608]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-26 442467]

.

c:\users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"ConsentPromptBehaviorAdmin"= 5 (0x5)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2008-09-25 16:24 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli DPPWDFLT

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk]

backup=c:\windows\pss\Nikon Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Nikon Monitor.lnk

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]

backup=c:\windows\pss\QuickSet.lnk.CommonStartup

backupExtension=.CommonStartup

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]

2009-11-13 21:15 1807600 ----a-w- c:\program files\Dell DataSafe Online\DataSafeOnline.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]

2008-06-03 20:54 446635 ----a-w- c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]

2009-05-21 15:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]

2008-06-09 17:47 814144 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]

2008-03-11 17:44 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]

2008-02-29 04:18 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

2010-07-23 02:37 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2008-01-14 15:13 132392 ----a-w- c:\program files\Dell\MediaDirect\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-09-05 05:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]

2008-06-13 02:56 4758904 ----a-w- c:\program files\Dell Video Chat\DellVideoChat.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-09-25 16:15 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2008-06-26 11:10 442467 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

2000-05-11 06:00 90112 ----a-w- c:\windows\Updreg.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe [2008-06-26 73728]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - KL1

*Deregistered* - kl2

*Deregistered* - KLIF

*Deregistered* - SCDEmu

.

Contents of the 'Scheduled Tasks' folder

.

2012-01-19 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-25 21:11]

.

2012-01-20 c:\windows\Tasks\User_Feed_Synchronization-{22D4D774-F2D4-4B8B-ACB2-624E13C9F8D8}.job

- c:\windows\system32\msfeedssync.exe [2012-01-19 04:47]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://espn.go.com/boston/

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

.

- - - - ORPHANS REMOVED - - - -

.

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

MSConfigStartUp-Finally Fast - c:\program files\Ascentive\Finally Fast\FinallyFast.exe

MSConfigStartUp-PWRISOVM - c:\program files\PowerISO\PWRISOVM.EXE

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-01-19 23:17

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'lsass.exe'(716)

c:\windows\system32\DPPWDFLT.dll

.

Completion time: 2012-01-19 23:20:41

ComboFix-quarantined-files.txt 2012-01-20 04:20

.

Pre-Run: 85,826,928,640 bytes free

Post-Run: 85,654,147,072 bytes free

.

- - End Of File - - 0B9898E3E6C765D45FF8733900A04CB5

Share this post


Link to post
Share on other sites

Please locate to:

C:\Qoobox\Add-Remove Programs.txt

Post its content in your next reply.

Share this post


Link to post
Share on other sites

Update for Microsoft Office 2007 (KB2508958)

7-Zip 9.20

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.2)

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Panorama Maker 4

ASPCA Reminder by We-Care.com v5.0.5.1

Auslogics Disk Defrag

AuthenTec Fingerprint System

BlackBerry Device Software Updater

Bonjour

Browser Address Error Redirector

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Creative MediaSource 5

Dell DataSafe Online

Dell Dock

Dell Getting Started Guide

Dell Support Center (Support Software)

Dell Touchpad

Dell Video Chat (remove only)

Dell Webcam Central

Dell Wireless WLAN Card Utility

DigitalPersona Personal 3.1.0

EarthLink Setup Files

EDocs

FileHippo.com Update Checker

Google Desktop

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

GoToAssist 8.0.0.514

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Integrated Webcam Driver (1.06.03.0309)

Intel® Matrix Storage Manager

ITECIR Driver

iTunes

Java Auto Updater

Java 6 Update 30

Java 6 Update 5

Java 7 Update 2

LG USB Modem driver

Live! Cam Avatar Creator

Magical Jelly Bean KeyFinder

MediaDirect

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Antimalware

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Move Media Player

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nikon Message Center

Nikon Transfer

QuickSet

QuickTime

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Scrabble (remove only)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Sound Blaster Audigy ADVANCED MB

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VoiceOver Kit

Windows Live Mail

Windows Live Photo Gallery

Windows Live Writer

Share this post


Link to post
Share on other sites

Detected a change in your system. Apparently you have changed your antivirus program. Please do not do such, especially in this case, radical change, because this can further complicate my job and need more time and energy on your part. Thanks for understanding!

In this case, our work is complicated because there are remained visible remnants of Kaspersky. We need to take for that before procceding further. Please follow these instructions for the Kaspersky Removal Tool:

http://support.kaspersky.com/faq/?qid=208279463

In your next reply, please include:

  • KavRemover log
  • a new fresh OTL log file

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.