Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help my computer is hijacked by a Redirector

Started by SL2010 , Jan 20 2010 09:23 PM

  • Please log in to reply

#1
SL2010
Posted 20 January 2010 - 09:23 PM

SL2010

    Member

  • Member
  • PipPip
  • 17 posts
Hi,

I just found out that my son has re-infected our computer with some sort
of browser redirect virus\malware\trojan.

below are my logs from MBAM and OTL. I also just ran TFC and let it do a reboot.

any help would be greatly appreciated.
Thanks

OTL log
OTL logfile created on: 1/20/2010 9:59:40 PM - Run 4
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Brian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 40.00 Gb Total Space | 10.45 Gb Free Space | 26.13% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 207.24 Gb Free Space | 88.99% Space Free | Partition Type: NTFS
Drive E: | 103.04 Gb Total Space | 88.24 Gb Free Space | 85.64% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SELENE
Current User Name: Brian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/29 09:29:59 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
PRC - [2009/09/18 07:58:55 | 00,186,744 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton Internet Security\AddOns\Norton AddOn Pack\Engine\3.7.0.23\ccProxy.exe
PRC - [2009/09/04 13:16:54 | 00,158,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009/09/04 13:16:54 | 00,058,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2009/08/22 02:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\ccSvcHst.exe
PRC - [2009/06/30 16:10:30 | 00,116,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
PRC - [2009/03/23 13:55:41 | 00,221,184 | ---- | M] (Linksys LLC - A Division of Cisco Systems) -- C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe
PRC - [2009/01/07 14:47:02 | 00,440,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2009/01/07 14:46:56 | 01,468,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/12/01 11:10:05 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/12/01 09:58:32 | 00,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/12/01 09:58:32 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/12/01 09:58:32 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/12/01 09:58:31 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
PRC - [2008/11/13 14:43:49 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/10/16 17:07:40 | 00,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\Razer\Lycosa\razerhid.exe
PRC - [2008/10/15 16:47:00 | 00,143,360 | ---- | M] () -- C:\Program Files\Razer\Lycosa\razertra.exe
PRC - [2008/09/25 14:53:32 | 00,181,680 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe
PRC - [2008/09/25 14:53:16 | 00,095,600 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE
PRC - [2008/09/25 14:52:04 | 00,085,360 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks Basic Edition\NswUiTray.exe
PRC - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 13:25:22 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 02:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/25 21:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 20:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 20:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 20:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/09/28 03:32:26 | 00,344,064 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2006/09/11 04:40:32 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006/05/03 11:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2006/01/02 16:41:22 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/12/02 15:38:13 | 00,077,824 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2003/10/06 20:26:10 | 00,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\usbsircs\USBsircs.exe
PRC - [2003/06/23 19:32:54 | 01,409,024 | ---- | M] (Support.com, Inc.) -- C:\Program Files\support.com\client\bin\tgcmd.exe
PRC - [2003/05/23 13:43:00 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2002/08/20 13:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\system32\ezSP_Px.exe


========== Modules (SafeList) ==========

MOD - [2009/12/29 09:29:59 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
MOD - [2009/08/22 02:28:14 | 00,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\asOEHook.dll
MOD - [2008/04/13 19:12:01 | 00,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2007/04/19 14:21:40 | 00,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/09/18 07:58:55 | 00,186,744 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton Internet Security\AddOns\Norton AddOn Pack\Engine\3.7.0.23\ccProxy.exe -- (ccProxy)
SRV - [2009/09/04 13:17:00 | 00,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2009/09/04 13:16:54 | 05,893,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/09/04 13:16:54 | 00,058,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2009/08/22 02:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/12/01 11:10:05 | 01,251,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/12/01 09:58:32 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/11/20 14:18:52 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/13 14:43:49 | 00,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/25 14:53:32 | 00,181,680 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\Speed Disk\NOPDB.exe -- (Speed Disk service)
SRV - [2008/09/25 14:53:16 | 00,095,600 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\NPROTECT.EXE -- (NProtectService)
SRV - [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/03/25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 21:25:50 | 00,630,784 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL -- (HPSLPSVC)
SRV - [2008/03/25 20:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/07/11 09:33:28 | 00,069,632 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/05/03 11:57:00 | 00,520,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2006/05/03 11:43:46 | 00,413,696 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2003/10/21 00:00:56 | 01,286,144 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe -- (VAIOMediaPlatform-VideoServer-AppServer)
SRV - [2003/10/21 00:00:40 | 00,712,704 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP)
SRV - [2003/10/21 00:00:40 | 00,712,704 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-PhotoServer-UPnP) VAIO Media Photo Server (UPnP)
SRV - [2003/10/21 00:00:40 | 00,712,704 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-MusicServer-UPnP) VAIO Media Music Server (UPnP)
SRV - [2003/10/21 00:00:38 | 00,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP)
SRV - [2003/10/21 00:00:38 | 00,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-PhotoServer-HTTP) VAIO Media Photo Server (HTTP)
SRV - [2003/10/21 00:00:38 | 00,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-MusicServer-HTTP) VAIO Media Music Server (HTTP)
SRV - [2003/10/21 00:00:14 | 00,925,696 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe -- (VAIOMediaPlatform-PhotoServer-AppServer)
SRV - [2003/10/21 00:00:08 | 00,503,897 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe -- (VAIOMediaPlatform-MusicServer-AppServer)
SRV - [2003/10/03 12:24:06 | 00,090,112 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager)
SRV - [2003/09/25 13:38:56 | 00,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller)
SRV - [2003/08/18 20:56:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2003/07/28 20:31:14 | 00,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - [2010/01/06 17:40:14 | 00,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\ccHPx86.sys -- (ccHP)
DRV - [2009/10/28 17:37:22 | 00,329,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/09/02 00:28:46 | 00,040,832 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zumbus.sys -- (zumbus)
DRV - [2009/08/26 03:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/26 03:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100120.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100120.005\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/22 02:28:17 | 00,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1008000.026\SYMEFA.SYS -- (SymEFA)
DRV - [2009/08/22 02:28:17 | 00,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/22 02:28:17 | 00,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 02:28:17 | 00,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/22 02:28:17 | 00,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/22 02:28:17 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008000.026\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/22 02:28:17 | 00,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/08/22 02:28:17 | 00,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.026\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/18 22:56:26 | 00,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/08/18 14:11:17 | 00,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/08/18 14:11:17 | 00,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/08/09 13:19:18 | 00,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/06/17 11:56:24 | 00,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 11:56:16 | 00,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 00,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:26 | 00,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/12/19 19:08:28 | 00,027,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2008/12/12 17:05:20 | 00,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 17:05:18 | 00,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/12/09 03:27:27 | 00,000,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.hs -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/09/25 14:53:36 | 00,095,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SdDriver.SYS -- (SDdriver)
DRV - [2008/09/25 14:53:14 | 00,087,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)
DRV - [2008/05/22 13:21:46 | 00,016,896 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2008/04/13 13:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:45:32 | 00,059,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GcKernel.sys -- (GcKernel)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/05 00:48:24 | 12,212,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007/07/26 03:00:00 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - [2007/07/23 15:05:20 | 00,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 00,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 00,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 00,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 00,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 00,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 00,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 00,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:55:44 | 00,099,808 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2007/07/23 14:49:44 | 00,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 00,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/07/23 14:43:42 | 00,052,000 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2007/06/15 10:47:26 | 01,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006/11/02 07:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/05/16 01:17:22 | 00,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006/05/03 11:50:42 | 01,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/10/21 19:58:58 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/10/21 19:52:48 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/01/10 18:15:30 | 00,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 18:15:24 | 00,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/10/30 14:20:54 | 00,766,848 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrt.sys -- (smrt)
DRV - [2003/10/01 17:48:24 | 00,594,048 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/08/18 20:56:00 | 01,343,803 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/05/23 13:44:00 | 01,171,648 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/04/15 12:40:54 | 00,113,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS)
DRV - [2003/04/15 12:40:46 | 00,078,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH)
DRV - [2003/04/15 12:39:46 | 00,090,907 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2003/03/31 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003/03/11 08:21:38 | 00,121,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1000325.sys -- (E1000) Intel®
DRV - [2003/03/04 14:56:26 | 00,145,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2002/08/28 21:59:12 | 00,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2002/04/01 17:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001/10/24 19:16:10 | 00,036,224 | R--- | M] (LinkSys Group Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lne100v5.sys -- (LNE100) Linksys LNE100TX(v5)
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/17 13:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2000/12/05 19:18:02 | 00,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/09/20 17:48:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 22:51:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/09 19:59:17 | 00,000,000 | ---D | M]

[2009/08/31 21:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brian\Application Data\Mozilla\Extensions
[2010/01/09 21:58:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\abpzacik.default\extensions
[2010/01/20 11:55:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LELA] C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe (Linksys LLC - A Division of Cisco Systems)
O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NSWosCheck] C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [NswUiTray] C:\Program Files\Norton SystemWorks Basic Edition\NswUiTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [ZTgServerSwitch] c:\program files\support.com\client\bin\tgcmd.exe (Support.com, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\Sony\usbsircs\USBsircs.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Brian\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1227922992578 (WUWebControl Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1239251253406 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.h...nosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.38\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/01 20:36:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{46a9b953-bdda-11dd-917a-000ea63a1999}\Shell - "" = AutoRun
O33 - MountPoints2\{46a9b953-bdda-11dd-917a-000ea63a1999}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{46a9b953-bdda-11dd-917a-000ea63a1999}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/20 21:58:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Desktop\redirect20010120
[2010/01/20 07:32:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/17 00:11:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Razer
[2010/01/17 00:10:23 | 00,016,896 | ---- | C] (Razer USA Ltd.) -- C:\WINDOWS\System32\drivers\Lycosa.sys
[2010/01/17 00:10:14 | 00,065,536 | ---- | C] (Razer Inc.) -- C:\WINDOWS\System32\Lycosa.cpl
[2010/01/17 00:10:14 | 00,000,000 | ---D | C] -- C:\Program Files\Razer
[2010/01/16 22:50:50 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/01/13 22:12:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/12 22:51:36 | 00,027,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\point32.sys
[2010/01/12 22:50:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2010/01/12 18:05:02 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/07 17:55:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\Roxio
[2010/01/07 17:05:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2010/01/07 17:04:28 | 00,052,000 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS
[2010/01/07 17:04:27 | 00,108,752 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAIFS_M.SYS
[2010/01/07 17:04:27 | 00,099,808 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS
[2010/01/07 17:04:27 | 00,098,448 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAUDF_M.SYS
[2010/01/07 17:04:27 | 00,093,552 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAUDFAM.SYS
[2010/01/07 17:04:27 | 00,037,360 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLABMFSM.SYS
[2010/01/07 17:04:27 | 00,032,848 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLABOIOM.SYS
[2010/01/07 17:04:27 | 00,030,064 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLARTL_M.SYS
[2010/01/07 17:04:27 | 00,027,216 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAOPIOM.SYS
[2010/01/07 17:04:27 | 00,016,304 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAPoolM.SYS
[2010/01/07 17:04:27 | 00,014,576 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS
[2010/01/07 17:04:27 | 00,009,104 | ---- | C] (Roxio) -- C:\WINDOWS\System32\drivers\DLADResM.SYS
[2010/01/07 17:04:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010/01/07 17:03:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/01/07 17:02:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/01/07 17:02:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\InstallShield
[2010/01/07 17:02:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/01/07 17:02:33 | 00,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/01/04 00:38:19 | 00,000,000 | ---D | C] -- C:\test
[2010/01/02 21:57:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2010/01/02 21:57:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2010/01/02 21:53:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Microsoft IntelliPoint
[2010/01/02 21:52:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Microsoft IntelliType Pro
[2010/01/02 19:18:28 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2009/12/29 16:18:59 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/12/29 16:16:52 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/12/29 16:16:52 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/12/29 16:16:52 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/12/29 16:16:52 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/12/29 16:16:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/29 16:15:58 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/12/29 14:46:48 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/12/29 13:46:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Local Settings\Application Data\ICS
[2009/12/29 10:35:09 | 00,410,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\TFC.exe
[2009/12/29 10:15:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Desktop\geeks2go
[2009/12/29 09:29:59 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2009/12/25 12:09:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/12/25 11:17:44 | 00,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2009/12/25 11:15:59 | 00,000,000 | ---D | C] -- C:\Program Files\Zune
[2009/12/25 11:13:25 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2009/12/25 11:13:24 | 00,922,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2009/12/25 11:13:24 | 00,922,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2009/12/25 11:13:24 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2009/12/25 11:13:24 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2009/12/22 16:41:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/22 16:41:33 | 00,000,000 | ---D | C] -- C:\Program Files\Comcast
[2009/12/22 16:38:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Local Settings\Application Data\SupportSoft
[2009/12/22 16:38:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2009/10/19 21:15:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2009/04/01 06:03:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2008/12/02 16:09:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/12/01 11:02:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/11/16 02:57:44 | 00,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2003/12/01 20:35:49 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2002/04/11 09:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

========== Files - Modified Within 30 Days ==========

[2010/01/20 11:59:32 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Brian\Ÿ;Ÿ;
[2010/01/20 11:58:30 | 00,000,951 | ---- | M] () -- C:\Documents and Settings\Brian\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/01/20 11:58:29 | 00,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/20 11:55:33 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/01/20 11:54:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/20 11:54:37 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/20 11:54:18 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/20 07:50:33 | 05,767,168 | -H-- | M] () -- C:\Documents and Settings\Brian\NTUSER.DAT
[2010/01/20 07:50:14 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Brian\ntuser.ini
[2010/01/20 07:30:54 | 00,004,456 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/19 14:48:54 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Brian\Ÿ9Ÿ9
[2010/01/18 12:01:19 | 00,000,320 | ---- | M] () -- C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[2010/01/17 00:10:33 | 01,173,524 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1008000.026\Cat.DB
[2010/01/17 00:10:19 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/01/15 18:17:00 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/01/13 03:04:13 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/12 22:57:36 | 00,309,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/12 22:56:06 | 00,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2010/01/12 22:52:19 | 00,085,848 | ---- | M] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/12 22:51:50 | 00,001,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Mouse.lnk
[2010/01/10 19:30:29 | 00,528,276 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/10 19:30:29 | 00,445,462 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/10 19:30:29 | 00,072,744 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/09 19:59:20 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/07 17:04:28 | 00,000,232 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/01/07 17:03:24 | 00,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator Home.lnk
[2010/01/07 07:34:18 | 00,002,244 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.lnk
[2010/01/06 17:40:14 | 00,482,432 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1008000.026\cchpx86.sys
[2010/01/06 17:40:12 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1008000.026\isolate.ini
[2010/01/04 21:59:17 | 00,098,058 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\random-1[1].jpg
[2010/01/04 18:41:28 | 00,719,370 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\100_1503.JPG
[2010/01/04 01:54:26 | 00,000,402 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\mckBU.bat
[2010/01/02 21:59:21 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010/01/02 21:59:10 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2010/01/02 19:19:37 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2009/12/29 16:46:30 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/29 16:45:59 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/12/29 16:19:10 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/12/29 10:35:11 | 00,410,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\TFC.exe
[2009/12/29 09:29:59 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2009/12/25 12:10:20 | 00,057,344 | ---- | M] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/25 11:29:20 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2009/12/25 11:29:20 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2009/12/25 11:27:34 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2009/12/25 11:17:57 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01009.Wdf
[2009/12/25 11:17:56 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2009/12/25 11:16:41 | 00,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Zune.lnk
[2009/12/25 11:08:40 | 00,000,238 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\Zune MP3 players, software, and music community Zune.net.url
[2009/12/22 16:42:15 | 00,000,136 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\Comcast Security.url
[2009/12/22 16:42:15 | 00,000,117 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\Comcast Email.url
[2009/12/22 16:41:51 | 00,001,960 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/22 16:38:52 | 00,001,144 | ---- | M] () -- C:\net_save.dna

========== Files Created - No Company Name ==========

[2010/01/20 11:58:28 | 00,000,951 | ---- | C] () -- C:\Documents and Settings\Brian\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/01/13 07:58:34 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/01/13 07:58:34 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/01/12 22:51:49 | 00,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Mouse.lnk
[2010/01/09 19:59:18 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/07 17:04:27 | 00,001,109 | ---- | C] () -- C:\WINDOWS\System32\drivers\PConfig.DCF
[2010/01/07 17:03:24 | 00,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator Home.lnk
[2010/01/04 22:53:12 | 00,719,370 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\100_1503.JPG
[2010/01/04 22:06:05 | 00,098,058 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\random-1[1].jpg
[2010/01/04 00:37:44 | 00,000,402 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\mckBU.bat
[2010/01/02 21:59:21 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2010/01/02 21:59:10 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2010/01/02 19:15:06 | 00,000,290 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2010/01/02 19:15:05 | 00,000,300 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
[2009/12/29 16:19:09 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/12/29 16:19:04 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/12/29 16:16:52 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/12/29 16:16:52 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/12/29 16:16:52 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/12/29 16:16:52 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/12/29 16:16:52 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/12/28 23:24:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Brian\Ÿ;Ÿ;
[2009/12/25 11:29:20 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2009/12/25 11:29:20 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2009/12/25 11:27:34 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2009/12/25 11:17:57 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01009.Wdf
[2009/12/25 11:17:56 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2009/12/25 11:16:41 | 00,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Zune.lnk
[2009/12/25 11:08:40 | 00,000,238 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\Zune MP3 players, software, and music community Zune.net.url
[2009/12/22 16:42:15 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\Comcast Security.url
[2009/12/22 16:42:15 | 00,000,117 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\Comcast Email.url
[2009/12/22 16:42:14 | 00,015,086 | ---- | C] () -- C:\WINDOWS\ComcastEmail.ico
[2009/12/22 16:42:14 | 00,007,982 | ---- | C] () -- C:\WINDOWS\ComcastSecurity.ico
[2009/12/22 16:41:51 | 00,001,960 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/12/17 00:29:14 | 00,000,232 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/20 13:44:52 | 00,000,061 | ---- | C] () -- C:\WINDOWS\SONIC.INI
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/17 14:06:08 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/17 14:06:06 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/05/17 14:05:59 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/05/17 14:03:36 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/17 14:03:34 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/09 06:46:40 | 01,353,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/02/22 19:55:37 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/02/22 19:55:36 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/02/22 19:55:36 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\DVDIFOFilter.dll
[2009/02/22 17:38:02 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2008/11/29 02:32:07 | 00,057,344 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/28 22:59:33 | 00,005,663 | ---- | C] () -- C:\WINDOWS\System32\ludap17.ini
[2008/11/28 22:59:33 | 00,000,075 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/11/28 19:57:13 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\fusioncache.dat
[2008/11/28 19:40:16 | 00,010,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/11/28 19:37:02 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/28 19:35:10 | 00,001,295 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2007/09/05 00:48:24 | 12,212,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2007/01/25 05:48:34 | 00,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2005/05/03 19:38:42 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2004/12/09 04:23:10 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2003/12/02 15:44:25 | 00,000,890 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/12/02 15:41:26 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2003/12/02 15:40:09 | 00,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2003/12/02 15:39:35 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2003/12/02 15:01:22 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/12/01 20:53:24 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/12/01 20:39:54 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/12/01 19:28:51 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2003/12/01 19:28:51 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2003/12/01 19:28:41 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\cbldrm.dll
[2003/12/01 19:28:40 | 00,000,666 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/10/02 18:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2002/06/12 15:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
< End of report >



MBAM log
Malwarebytes' Anti-Malware 1.42
Database version: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/20/2010 9:58:00 PM
mbam-log-2010-01-20 (21-58-00).txt

Scan type: Quick Scan
Objects scanned: 136692
Time elapsed: 16 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by SL2010, 21 January 2010 - 09:56 PM.

  • 0

Advertisements

#2
SL2010
Posted 21 January 2010 - 08:29 PM

SL2010

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
:)

Edited by SL2010, 21 January 2010 - 09:58 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP