Google Redirect Virus



#1
benhwa

Hi guys, I too have gotten infected with the Google redirect virus. Can't search anything. Have tried Malwarebytes/CCleaner/SUPERAntiSpyware Professional, all to no avail. I am running Windows 7 64-bit so cannot use ComboFix. I really hope you guys can help me get rid of this stupid thing. I have read the forum Virus removal rules and here are the logs (plus some):

OTL
OTL logfile created on: 11/15/2010 10:30:08 AM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Owner\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 61.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1327.56 Gb Free Space | 95.02% Space Free | Partition Type: NTFS
Drive F: | 1397.26 Gb Total Space | 138.63 Gb Free Space | 9.92% Space Free | Partition Type: NTFS
Drive G: | 931.28 Gb Total Space | 69.68 Gb Free Space | 7.48% Space Free | Partition Type: FAT32
Drive H: | 931.28 Gb Total Space | 51.98 Gb Free Space | 5.58% Space Free | Partition Type: FAT32

Computer Name: BENS | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/05 17:31:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2010/10/28 21:32:32 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/28 21:32:31 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/05 19:59:51 | 000,186,760 | ---- | M] () -- C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
PRC - [2010/09/27 18:55:25 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2010/09/13 13:02:00 | 000,039,408 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2010/08/31 23:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/08/25 12:27:26 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/04/29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 14:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/04/29 14:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009/07/07 13:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2004/12/17 08:00:00 | 000,118,784 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE


========== Modules (SafeList) ==========

MOD - [2010/11/05 17:31:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/30 10:09:28 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/06/29 12:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/11 00:18:27 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stop_Pending] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/10/05 19:59:51 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess)
SRV - [2010/09/30 10:14:20 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/09/30 10:09:20 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/27 18:55:25 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2010/09/13 13:02:00 | 000,039,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/07/16 05:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 05:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2010/04/29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/07/13 00:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009/07/07 13:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/27 18:55:37 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/09/27 18:55:26 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/09/27 18:55:26 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/09/27 18:55:26 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/09/27 18:55:26 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/09/27 18:55:26 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2010/09/27 18:55:26 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symfw.sys -- (SYMFW)
DRV:64bit: - [2010/09/27 18:55:26 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2010/09/27 18:55:26 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/09/27 18:55:26 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/09/27 18:55:26 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2010/07/07 13:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2010/07/07 13:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/07/07 13:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/07/07 13:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/07/07 13:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/07/07 13:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/07/07 13:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010/07/07 13:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/07/07 13:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/07/07 13:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/07/07 13:15:56 | 000,095,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/07/07 13:15:56 | 000,095,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/07/07 13:15:56 | 000,095,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS -- ({EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS)
DRV:64bit: - [2010/07/07 13:15:50 | 000,230,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/07/07 13:15:50 | 000,230,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010/04/29 14:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 00:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009/07/07 13:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 13:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:32:17 | 000,404,352 | ---- | M] (Lumanate, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Angel2.sys -- (Angel2)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2008/12/14 08:20:54 | 000,030,512 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnpcap.sys -- (pnpcap)
DRV:64bit: - [2008/04/16 07:39:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/10/19 15:36:20 | 000,476,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101112.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/09/28 03:00:00 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101114.003\EX64.SYS -- (NAVEX15)
DRV - [2010/09/28 03:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101114.003\ENG64.SYS -- (NAVENG)
DRV - [2010/09/27 12:39:14 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/09/27 12:39:14 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/14 06:24:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.2
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.7amo
FF - prefs.js..extensions.enabledItems: [email protected]:0.3.7
FF - prefs.js..extensions.enabledItems: {1de0de3c-0b5c-4f67-90c6-689623894991}:0.3
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.9
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.1.30
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {70d9978a-e867-451c-8c9f-a88135a58c8d}:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/11/04 23:00:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/04 22:58:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/09 11:58:47 | 000,000,000 | ---D | M]

[2010/11/04 23:08:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2010/11/14 14:41:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions
[2010/11/04 23:08:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991}
[2010/11/04 23:08:06 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010/11/04 23:08:06 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{70d9978a-e867-451c-8c9f-a88135a58c8d}
[2010/11/04 23:08:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/04 23:08:06 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/11/04 23:08:07 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/11/08 00:45:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\[email protected]
[2010/11/08 00:45:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\[email protected]
[2010/11/04 23:08:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\[email protected]
[2010/11/04 23:08:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\[email protected]
[2010/10/03 10:14:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\gamebox@toolbar
[2010/11/04 23:08:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\SkipScreen@SkipScreen
[2010/11/04 23:08:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\callrve0.default\extensions\[email protected]
[2010/10/06 23:34:48 | 000,001,820 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\Profiles\callrve0.default\searchplugins\bing.xml
[2010/11/09 09:47:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/04 22:58:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/05 19:09:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/10/27 09:43:40 | 000,000,835 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PopupBlockerBHO.CPopupBlockerBHO) - {0D929918-C804-4756-B0AC-640EF3F061E9} - C:\Program Files (x86)\SmartPopupBlocker\PopupBlockerBHO.dll (aa)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/18 11:50:50 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/08/20 21:55:06 | 000,000,070 | RH-- | M] () - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/02/18 11:50:50 | 000,000,000 | ---D | M] - H:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/08/20 21:55:06 | 000,000,070 | RH-- | M] () - H:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/15 10:29:14 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/11/09 12:00:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AdobeUM
[2010/11/09 11:57:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2010/11/09 09:44:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Logs
[2010/11/09 00:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/11/08 15:13:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Misc Presentations
[2010/11/08 15:00:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Clinician 1 Materials
[2010/11/07 11:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Feedback Tool
[2010/11/05 02:42:15 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/11/05 02:35:28 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2010/11/05 02:30:27 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Temporary Internet Files
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Templates
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Start Menu
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\SendTo
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Recent
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\PrintHood
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\NetHood
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Videos
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Pictures
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Documents\My Music
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\My Documents
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Local Settings
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\History
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Cookies
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Application Data
[2010/11/04 22:53:35 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Application Data
[2010/11/04 22:53:34 | 000,000,000 | --SD | C] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Videos
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Saved Games
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Pictures
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Music
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Links
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Favorites
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Downloads
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Documents
[2010/11/04 22:53:34 | 000,000,000 | R--D | C] -- C:\Users\Owner\Desktop
[2010/11/04 22:53:34 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData
[2010/11/04 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Temp
[2010/11/04 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft
[2010/11/04 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2010/11/04 22:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/11/04 22:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/11/04 22:48:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/11/04 22:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/11/04 22:47:23 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/11/04 22:47:23 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/11/04 22:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010/11/04 22:47:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\data
[2010/11/04 22:47:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\data
[2010/11/04 22:44:58 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/11/02 05:57:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Symantec
[2010/11/01 01:34:42 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/10/27 09:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/10/24 22:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010/10/24 22:36:16 | 007,715,847 | ---- | C] (McAfee Inc.) -- C:\Users\Owner\Desktop\stinger10101075.exe
[2010/10/24 20:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2010/10/24 13:55:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Ashampoo
[2010/10/24 13:55:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ashampoo
[2010/10/24 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010/10/24 13:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010/10/24 12:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Home Photo Studio
[2010/10/24 12:08:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Version Cue
[2010/10/24 12:08:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AdobeStockPhotos
[2010/10/24 11:58:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/10/22 13:35:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer
[2010/10/22 13:35:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Windows Live Writer
[2010/10/22 10:46:50 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/10/22 10:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/10/22 10:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010/10/22 10:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2010/10/22 10:41:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Windows Live
[2010/10/22 09:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2010/10/17 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Current My documents
[2010/07/07 11:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/15 10:01:09 | 001,184,382 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB
[2010/11/15 10:00:10 | 000,000,095 | ---- | M] () -- C:\Users\Public\Documents\AcPro7_0_0.sta
[2010/11/14 23:25:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/14 22:31:41 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2010/11/14 14:33:53 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/14 14:33:53 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 13:15:30 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/11/09 11:58:47 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/11/09 09:53:58 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/09 09:53:58 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/09 09:53:58 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/09 09:47:48 | 002,332,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/09 09:46:30 | 3219,132,416 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/09 00:24:21 | 000,002,093 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.lnk
[2010/11/08 20:46:46 | 000,630,272 | ---- | M] () -- C:\Users\Owner\Desktop\dds.scr
[2010/11/08 00:59:11 | 000,000,857 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/11/08 00:59:11 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/11/08 00:55:37 | 000,295,424 | ---- | M] () -- C:\Users\Owner\Desktop\nm37q278.exe
[2010/11/08 00:13:37 | 000,001,437 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/07 11:37:21 | 000,000,930 | ---- | M] () -- C:\ProgramData\{550596C6-13E4-262D-8900-000080B58166}
[2010/11/07 10:40:44 | 000,116,507 | ---- | M] () -- C:\Users\Owner\Desktop\crazy.gif
[2010/11/05 22:05:59 | 000,063,336 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2010/11/05 17:31:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/11/04 23:25:24 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/11/04 23:25:24 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/11/04 23:19:27 | 000,022,744 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2010/11/04 22:47:23 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/11/04 22:47:23 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/11/04 22:46:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/04 20:44:41 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/11/04 20:44:41 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/10/27 09:43:40 | 000,000,835 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/10/25 20:19:28 | 005,268,486 | ---- | M] () -- C:\Users\Owner\Desktop\WinRAR 3.93.zip
[2010/10/25 19:45:29 | 001,405,846 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\3exbb2464EX.exe
[2010/10/24 22:56:05 | 000,886,272 | -H-- | M] () -- C:\Users\Owner\AppData\Roaming\System.Data.SQLite.DLL
[2010/10/24 13:55:38 | 000,001,115 | ---- | M] () -- C:\Users\Owner\Desktop\Ashampoo Photo Commander 8.lnk
[2010/10/24 12:55:44 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\Home Photo Studio.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/09 13:09:26 | 000,000,095 | ---- | C] () -- C:\Users\Public\Documents\AcPro7_0_0.sta
[2010/11/09 11:58:47 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/11/09 11:58:47 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2010/11/09 00:24:21 | 000,002,093 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.lnk
[2010/11/09 00:17:03 | 000,630,272 | ---- | C] () -- C:\Users\Owner\Desktop\dds.scr
[2010/11/08 00:55:40 | 000,295,424 | ---- | C] () -- C:\Users\Owner\Desktop\nm37q278.exe
[2010/11/07 11:36:57 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2010/11/07 11:36:57 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2010/11/07 11:33:51 | 000,000,930 | ---- | C] () -- C:\ProgramData\{550596C6-13E4-262D-8900-000080B58166}
[2010/11/07 10:40:43 | 000,116,507 | ---- | C] () -- C:\Users\Owner\Desktop\crazy.gif
[2010/11/05 22:15:20 | 000,095,320 | ---- | C] () -- C:\Windows\SysNative\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS
[2010/11/04 23:26:55 | 3219,132,416 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/04 23:19:27 | 000,022,744 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2010/11/04 22:53:34 | 000,000,290 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/11/04 22:53:34 | 000,000,272 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/11/04 22:46:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/04 20:44:41 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/11/04 20:44:41 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/10/25 20:19:32 | 005,268,486 | ---- | C] () -- C:\Users\Owner\Desktop\WinRAR 3.93.zip
[2010/10/25 19:45:29 | 001,405,846 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\3exbb2464EX.exe
[2010/10/24 22:55:56 | 000,886,272 | -H-- | C] () -- C:\Users\Owner\AppData\Roaming\System.Data.SQLite.DLL
[2010/10/24 13:55:38 | 000,001,115 | ---- | C] () -- C:\Users\Owner\Desktop\Ashampoo Photo Commander 8.lnk
[2010/10/24 12:55:44 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\Home Photo Studio.lnk
[2010/10/22 09:39:44 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/10/22 09:39:44 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/10/22 09:39:44 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2010/09/27 11:43:05 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/07/07 12:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/07/07 12:23:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010/07/07 11:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 01:12:32 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini

========== LOP Check ==========

[2010/11/04 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ashampoo
[2010/11/04 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2010/11/04 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Boilsoft
[2010/11/04 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2010/11/04 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/11/04 23:07:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2010/11/04 23:07:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2010/11/04 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NCH Swift Sound
[2010/11/04 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Netscape
[2010/11/04 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2010/11/04 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010/11/04 23:08:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeaZip
[2010/11/04 23:08:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Photodex
[2010/10/05 13:45:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Recordpad
[2010/11/04 23:08:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Simple Star
[2010/11/04 23:08:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2010/10/10 16:19:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2010/11/04 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2010/11/04 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer
[2009/07/14 00:08:49 | 000,003,378 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:52 AM, on 11/9/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PopupBlockerBHO.CPopupBlockerBHO - {0D929918-C804-4756-B0AC-640EF3F061E9} - C:\Program Files (x86)\SmartPopupBlocker\PopupBlockerBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell....r/SysProExe.CAB
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creat...15112/CTPID.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11943 bytes

DDS:

DDS (Ver_10-11-09.01) - NTFS_AMD64
Run by Owner at 10:22:24.51 on Mon 11/15/2010
Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4093.2070 [GMT -5:00]

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Owner\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: PopupBlockerBHO.CPopupBlockerBHO: {0d929918-c804-4756-b0ac-640ef3f061e9} - C:\Program Files (x86)\SmartPopupBlocker\PopupBlockerBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
mRun: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
mRun: [<NO NAME>]
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files (x86)\WinZip\WZQKPICK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\callrve0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\callrve0.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-9-27 55856]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2010-9-27 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2010-9-27 19952]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0308000.029\SymEFA64.sys [2010-9-27 402992]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\N360x64\0308000.029\BHDrvx64.sys [2010-9-27 334384]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0308000.029\cchpx64.sys [2010-9-27 583296]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101112.001\IDSviA64.sys [2010-10-19 476720]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2010-9-27 27632]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-8-30 39408]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-10-7 304464]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-9-27 117640]
R2 pnpcap;Pure Networks Packet Capture Driver;C:\Windows\System32\drivers\pnpcap.sys [2010-9-29 30512]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-9-30 1403200]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-9-28 132656]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2010-7-7 1612888]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-9-27 24664]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\N360x64\0308000.029\symndisv.sys [2010-9-27 56880]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam.sys [2008-4-16 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S3 {EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS;{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS;C:\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS [2010-11-5 95320]
S3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-27 1255736]

=============== Created Last 30 ================

2010-11-09 05:24:21 -------- d-----w- C:\Program Files (x86)\Trend Micro
2010-11-07 16:35:59 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-11-07 16:34:19 466432 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2010-11-07 16:34:19 279552 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2010-11-07 16:34:19 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
2010-11-07 16:34:19 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2010-11-07 16:33:20 1863680 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2010-11-07 16:33:20 1495040 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2010-11-07 16:32:47 -------- d-----w- C:\Program Files (x86)\Feedback Tool
2010-11-06 07:10:56 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2010-11-06 07:10:56 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-11-06 07:00:55 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2010-11-06 03:15:20 95320 ----a-w- C:\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTHWIUT.SYS
2010-11-05 07:42:15 -------- d-----w- C:\Windows\Panther
2010-11-05 07:35:28 -------- d--h--w- C:\$WINDOWS.~Q
2010-11-05 07:30:27 -------- d--h--w- C:\$INPLACE.~TR
2010-11-05 07:08:55 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-11-05 07:07:55 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-11-05 07:07:55 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-11-05 07:07:55 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-11-05 07:07:55 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-11-05 07:07:54 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-11-05 07:07:49 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-11-05 07:07:49 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-11-05 07:07:49 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-11-05 07:07:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-11-05 07:07:47 51712 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2010-11-05 07:07:47 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2010-11-05 07:05:25 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-11-05 04:47:07 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-11-05 04:47:07 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-11-05 04:47:07 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-11-05 04:47:07 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-11-05 04:47:07 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-11-05 04:47:07 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-11-05 04:47:07 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-11-05 04:47:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-11-05 04:47:07 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-11-05 04:47:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-11-05 04:37:07 220672 ----a-w- C:\Windows\System32\wintrust.dll
2010-11-05 04:37:07 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2010-11-05 04:37:06 139264 ----a-w- C:\Windows\System32\cabview.dll
2010-11-05 04:37:06 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2010-11-05 03:52:40 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2010-11-05 03:48:26 -------- d-sh--w- C:\Windows\Installer
2010-11-05 03:48:17 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-11-05 03:47:23 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2010-11-05 03:47:23 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2010-11-05 03:47:23 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2010-11-05 03:47:23 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2010-11-05 03:47:23 -------- d-----w- C:\Program Files (x86)\OpenAL
2010-11-05 03:47:12 -------- d-----w- C:\Windows\SysWow64\data
2010-11-05 03:47:09 -------- d-----w- C:\Windows\System32\data
2010-11-02 10:57:28 -------- d-----w- C:\Users\Owner\AppData\Local\Symantec
2010-10-26 00:45:29 1405846 ----a-w- C:\Users\Owner\AppData\Roaming\3exbb2464EX.exe
2010-10-25 03:55:56 886272 ---ha-w- C:\Users\Owner\AppData\Roaming\System.Data.SQLite.DLL
2010-10-25 01:08:19 -------- d-----w- C:\Program Files (x86)\Veetle
2010-10-24 18:55:45 -------- d-----w- C:\Users\Owner\AppData\Roaming\Ashampoo
2010-10-24 18:55:38 -------- d-----w- C:\Users\Owner\AppData\Local\ashampoo
2010-10-24 18:55:38 -------- d-----w- C:\PROGRA~3\ashampoo
2010-10-24 18:55:19 -------- d-----w- C:\Program Files (x86)\Ashampoo
2010-10-24 17:55:34 -------- d-----w- C:\Program Files (x86)\Home Photo Studio
2010-10-24 16:58:42 -------- d-----w- C:\Windows\SysWow64\spool
2010-10-22 18:35:38 -------- d-----w- C:\Users\Owner\AppData\Roaming\Windows Live Writer
2010-10-22 18:35:38 -------- d-----w- C:\Users\Owner\AppData\Local\Windows Live Writer
2010-10-22 15:46:50 -------- d-----w- C:\Windows\en
2010-10-22 15:43:21 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2010-10-22 15:43:06 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer
2010-10-22 15:42:12 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b0781ce01cb71ff09\InstallManager_WLE_WLE.exe
2010-10-22 15:42:07 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ae1dd9301cb71ff07\DXSETUP.exe
2010-10-22 15:42:07 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ae1dd9301cb71ff07\dsetup32.dll
2010-10-22 15:42:06 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ae1dd9301cb71ff07\DSETUP.dll
2010-10-22 15:42:05 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ad2b3bd01cb71ff06\DSETUP.dll
2010-10-22 15:42:05 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ad2b3bd01cb71ff06\DXSETUP.exe
2010-10-22 15:42:05 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ad2b3bd01cb71ff06\dsetup32.dll
2010-10-22 15:41:52 -------- d-----w- C:\Users\Owner\AppData\Local\Windows Live
2010-10-22 14:39:44 815104 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2010-10-22 14:39:44 77824 ----a-w- C:\Windows\SysWow64\xvid.ax
2010-10-22 14:39:44 180224 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2010-10-22 14:39:44 -------- d-----w- C:\Program Files (x86)\Xvid

==================== Find3M ====================

2010-10-06 00:09:02 423656 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-30 15:15:00 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2010-09-30 15:09:36 25920 ----a-w- C:\Windows\System32\authuitu.dll
2010-09-30 15:09:32 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2010-09-30 15:09:28 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2010-09-30 15:09:20 30016 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2010-09-23 04:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 04:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 18:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 18:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 15:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-01 05:46:36 1355264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2010-09-01 05:44:32 367104 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-01 05:44:30 1448448 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-09-01 05:44:24 1122304 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-01 05:44:06 424960 ----a-w- C:\Windows\SysWow64\vbscript.dll
2010-09-01 05:43:22 23552 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-01 05:43:12 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2010-09-01 05:43:12 114176 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2010-09-01 05:43:10 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe
2010-09-01 05:43:10 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2010-09-01 05:43:02 448512 ----a-w- C:\Windows\System32\html.iec
2010-09-01 05:41:56 601088 ----a-w- C:\Windows\System32\vbscript.dll
2010-09-01 05:40:56 76800 ----a-w- C:\Windows\System32\tdc.ocx
2010-09-01 05:40:40 215552 ----a-w- C:\Windows\System32\msls31.dll
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll

============= FINISH: 10:23:41.36 ===============