Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Random Audio Ads Playing Spontaneously

Started by KB5085 , May 04 2011 09:38 AM

  • Please log in to reply

#1
KB5085
Posted 04 May 2011 - 09:38 AM

KB5085

    New Member

  • Member
  • Pip
  • 1 posts
When connected to the internet, I get random audio adds. Toyota, Grandparents.com, Motorola, Movies, etc... Usually plays about 30 seconds or so. Then silence for a few minutes. Then another ad.

I also get pop-up messages about a web page errors and the question "do you wish to run scripts on this page".

I have run Malwarebytes and gmr with no issues detected.

OTL Output:
OTL logfile created on: 5/4/2011 10:27:06 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\kbroach\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.91 Gb Total Space | 94.53 Gb Free Space | 63.48% Space Free | Partition Type: NTFS
Drive E: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 1862.36 Gb Total Space | 1848.89 Gb Free Space | 99.28% Space Free | Partition Type: NTFS

Computer Name: KBROACH-LT | User Name: kbroach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/04 10:26:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kbroach\Desktop\OTL.exe
PRC - [2011/03/28 19:17:24 | 000,347,448 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe
PRC - [2011/03/28 19:17:24 | 000,336,184 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\WebEx\Productivity Tools\ptim.exe
PRC - [2011/03/28 19:17:24 | 000,294,712 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\WebEx\Productivity Tools\ptupdate.exe
PRC - [2011/03/28 19:17:24 | 000,094,008 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\WebEx\Productivity Tools\ptsrv.exe
PRC - [2009/11/09 21:54:24 | 000,278,016 | ---- | M] (Trondent Development Corp.) -- C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe
PRC - [2009/10/08 23:37:10 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/08 23:37:08 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/10/08 23:37:02 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2009/10/08 23:37:02 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2009/10/08 23:36:58 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/09/21 16:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/09/21 16:50:04 | 000,364,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2009/09/21 16:49:52 | 001,392,640 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/09/21 16:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/09/21 16:34:44 | 001,206,544 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/09/21 16:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/08/12 17:20:28 | 000,615,720 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2009/05/22 14:51:24 | 000,120,104 | ---- | M] () -- c:\Program Files\Dell\Latitude ON Reader\CLMonitorService.exe
PRC - [2009/05/22 14:50:56 | 000,116,008 | ---- | M] () -- C:\Program Files\Dell\Latitude ON Reader\BIOSEvent.exe
PRC - [2009/04/22 15:41:52 | 000,015,360 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/04/22 14:15:56 | 000,656,696 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009/04/22 10:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/04/09 14:05:38 | 001,106,720 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/04/09 14:02:50 | 000,447,264 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/03/19 18:25:06 | 000,667,648 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/03/16 20:57:38 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/16 20:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) -- c:\drivers\audio\R213367\stacsv.exe
PRC - [2009/03/16 20:57:14 | 000,729,088 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/02/22 16:51:40 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2009/02/22 16:51:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/02/22 16:51:22 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/22 16:51:22 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009/02/17 16:59:44 | 000,451,904 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/02/11 17:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/11 17:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/02/04 21:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/22 10:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2009/01/22 10:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2008/12/29 11:07:28 | 000,320,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2008/12/22 14:15:44 | 000,145,408 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2008/10/02 11:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2008/08/15 08:51:34 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008/08/15 08:51:34 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/19 05:56:36 | 000,133,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
PRC - [2006/03/03 22:03:22 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZinw12.exe
PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe


========== Modules (SafeList) ==========

MOD - [2011/05/04 10:26:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kbroach\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/02/26 16:08:20 | 000,130,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdo.dll
MOD - [2008/08/15 08:46:02 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Norton Internet Security)
SRV - [2009/10/08 23:37:10 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/10/08 23:37:10 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/08 23:37:04 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/10/08 23:37:02 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/10/08 23:36:58 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/09/21 16:55:12 | 000,858,384 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2009/09/21 16:50:04 | 000,364,544 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2009/09/21 16:44:48 | 000,954,368 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2009/09/21 16:31:36 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2009/08/12 17:20:28 | 000,615,720 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2009/07/13 14:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/05/22 14:51:24 | 000,120,104 | ---- | M] () [Auto | Running] -- c:\Program Files\Dell\Latitude ON Reader\CLMonitorService.exe -- (CLMonitor)
SRV - [2009/04/22 10:05:34 | 001,703,936 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/04/09 14:02:50 | 000,447,264 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/03/16 20:57:26 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\drivers\audio\R213367\stacsv.exe -- (STacSV)
SRV - [2009/02/17 16:59:44 | 000,451,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/02/11 17:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/01/22 10:19:20 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/01/22 10:19:20 | 000,020,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/12/29 11:07:28 | 000,320,800 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/12/12 09:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008/11/12 13:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/04/19 05:56:36 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)


========== Driver Services (SafeList) ==========

DRV - [2011/05/03 13:42:28 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2011/05/03 13:33:48 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Partizan.sys -- (Partizan)
DRV - [2011/04/18 08:58:58 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110503.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/04/18 08:58:58 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/04/18 08:58:58 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110503.021\NAVENG.SYS -- (NAVENG)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/11/06 21:08:02 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/10/08 23:37:12 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/10/08 23:37:12 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2009/10/08 23:37:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009/10/08 23:36:50 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/10/08 23:36:50 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/10/08 23:36:48 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/10/08 23:36:46 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/10/07 16:01:32 | 002,649,216 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/09/15 13:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/08/12 17:23:20 | 000,077,608 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NEOFLTR_650_14599.SYS -- (NEOFLTR_650_14599) Juniper Networks TDI Filter Driver (NEOFLTR_650_14599)
DRV - [2009/08/12 17:07:02 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/08/10 02:46:38 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2009/06/26 04:28:04 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/05/25 16:43:58 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/04/27 21:02:26 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/04/22 14:15:58 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/04/15 11:49:48 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2009/04/02 23:25:50 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/03/24 15:33:38 | 000,232,744 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009/03/16 20:57:30 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/16 20:57:12 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/02/26 16:08:52 | 000,109,568 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2009/02/22 17:59:26 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2009/02/22 16:51:20 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/11/19 17:54:00 | 000,991,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/11/19 17:51:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/09/02 11:35:22 | 000,332,288 | ---- | M] (Novatel Wireless, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nw01ndis.sys -- (NW001NDIS)
DRV - [2008/09/02 11:35:22 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/08/28 20:12:08 | 000,022,016 | ---- | M] (Printing Novatel Wireless Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NvtSp50.sys -- (NvtSp50)
DRV - [2008/06/04 13:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/05/27 19:03:54 | 000,166,144 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwdelser2.sys -- (NWDellPort2)
DRV - [2008/05/27 19:03:54 | 000,166,144 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwdelser.sys -- (NWDellPort)
DRV - [2008/05/27 19:03:54 | 000,166,144 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwdelmdm.sys -- (NWDellModem)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USREL/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cyanoptics.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.cyanoptics.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/05 09:54:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/05 16:57:55 | 000,000,000 | ---D | M]

[2010/03/29 16:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kbroach\Application Data\Mozilla\Extensions
[2011/04/13 09:16:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kbroach\Application Data\Mozilla\Firefox\Profiles\ev7h3i0c.default\extensions
[2010/06/02 16:55:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kbroach\Application Data\Mozilla\Firefox\Profiles\ev7h3i0c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 16:26:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/08 12:59:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/04 10:26:58 | 000,000,000 | ---D | M] (ocplugin) -- C:\PROGRAM FILES\WEBEX\PRODUCTIVITY TOOLS

O1 HOSTS File: ([2011/03/15 17:45:49 | 000,000,759 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: HPFAA6D9 HP001A4BFAA6D9
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BIOSEvent] c:\Program Files\Dell\Latitude ON Reader\BIOSEvent.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [CLIVFR] c:\Program Files\Dell\Latitude ON Reader\CLIVFR.exe (CyberLink)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Infuzer] C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe (Trondent Development Corp.)
O4 - HKCU..\Run: [PTIM.exe] C:\Program Files\WebEx\Productivity Tools\ptim.exe (Cisco WebEx LLC)
O4 - HKCU..\Run: [PTOneClick] C:\Program Files\WebEx\Productivity Tools\ptoneclk.exe (Cisco WebEx LLC)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Infuzer.lnk = C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe (Trondent Development Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4D229F28-7EA6-45DD-8745-7D695D0BE15E} https://na3.salesfor...ps2/install.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://overturenetw...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.cyanopti...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cyanoptics.com
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 16:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/01/28 15:00:27 | 000,000,088 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{01756a83-4d69-11df-913c-0024d61b6cc2}\Shell\AutoRun\command - "" = E:\AUTORUN.EXE
O33 - MountPoints2\{20c0bb4f-6692-11e0-92a3-0024d61b6cc2}\Shell - "" = AutoRun
O33 - MountPoints2\{20c0bb4f-6692-11e0-92a3-0024d61b6cc2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{20c0bb4f-6692-11e0-92a3-0024d61b6cc2}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{624b3844-75c5-11e0-92b3-0024d61b6cc2}\Shell - "" = AutoRun
O33 - MountPoints2\{624b3844-75c5-11e0-92b3-0024d61b6cc2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{624b3844-75c5-11e0-92b3-0024d61b6cc2}\Shell\AutoRun\command - "" = E:\WD SmartWare.exe -- [2010/01/21 19:13:40 | 003,330,848 | R--- | M] (Western Digital)
O33 - MountPoints2\{efe987fd-94ec-11df-91c3-0024d61b6cc2}\Shell - "" = AutoRun
O33 - MountPoints2\{efe987fd-94ec-11df-91c3-0024d61b6cc2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{efe987fd-94ec-11df-91c3-0024d61b6cc2}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (Partizan) - C:\WINDOWS\System32\Partizan.exe (Greatis Software)
O34 - HKLM BootExecute: (ootExecute settings...) - File not found
O34 - HKLM BootExecute: (ount) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/04 10:26:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kbroach\Desktop\OTL.exe
[2011/05/03 18:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kbroach\Start Menu\Programs\Juniper Networks
[2011/05/03 13:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RegRunInfo
[2011/05/03 13:42:28 | 000,024,416 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2011/05/03 13:33:48 | 000,039,192 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2011/05/03 13:33:48 | 000,035,816 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2011/05/03 13:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kbroach\My Documents\RegRun2
[2011/05/03 13:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Reanimator
[2011/05/03 13:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
[2011/05/03 11:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/03 10:54:59 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\kbroach\Desktop\mbam-setup.exe
[2011/05/02 22:03:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\kbroach\Recent
[2011/04/27 20:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Apps Sync 2.0
[2011/04/16 12:43:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/04/16 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/16 12:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/13 03:06:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/04/12 22:05:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/04 10:26:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kbroach\Desktop\OTL.exe
[2011/05/04 10:05:11 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/04 09:26:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\kbroach\Local Settings\Application Data\WavXMapDrive.bat
[2011/05/04 09:26:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/04 09:26:50 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/04 09:15:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/04 09:15:08 | 2029,936,640 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/04 07:18:07 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AFB6C713-0467-4803-BB4C-7F267C472C66}.job
[2011/05/03 18:11:52 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\Microsoft Office Outlook 2007.lnk
[2011/05/03 15:41:28 | 000,065,536 | ---- | M] () -- C:\Documents and Settings\kbroach\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/03 15:29:45 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\Microsoft Office Excel 2007.lnk
[2011/05/03 15:21:41 | 000,468,332 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/03 15:21:41 | 000,081,024 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/03 13:52:41 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\umtqrsnj.exe
[2011/05/03 13:42:28 | 000,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2011/05/03 13:33:48 | 000,039,192 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe
[2011/05/03 13:33:48 | 000,035,816 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys
[2011/05/03 13:32:38 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\Reanimator.lnk
[2011/05/03 13:28:21 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/03 13:28:21 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/05/03 13:28:21 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2011/05/03 13:27:29 | 009,169,038 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\reanimator.zip
[2011/05/03 11:17:02 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/03 10:58:00 | 000,504,657 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\unhide.exe
[2011/05/03 10:55:04 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\kbroach\Desktop\mbam-setup.exe
[2011/05/03 10:52:50 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\iExplore.exe
[2011/05/02 21:13:07 | 000,000,184 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19324724
[2011/05/02 21:13:07 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19324724r
[2011/05/02 21:06:41 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19324724
[2011/04/30 14:10:30 | 000,006,468 | ---- | M] () -- C:\bar.emf
[2011/04/30 08:47:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/28 06:50:00 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\Microsoft Office PowerPoint 2007.lnk
[2011/04/27 19:56:55 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\kbroach\Desktop\Microsoft Office Word 2007.lnk
[2011/04/16 12:43:46 | 000,001,544 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/04/15 22:23:56 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/14 03:18:01 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/14 03:00:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/03 13:52:38 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\kbroach\Desktop\umtqrsnj.exe
[2011/05/03 13:28:21 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/05/03 13:28:19 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\kbroach\Desktop\Reanimator.lnk
[2011/05/03 13:27:15 | 009,169,038 | ---- | C] () -- C:\Documents and Settings\kbroach\Desktop\reanimator.zip
[2011/05/03 13:11:35 | 2029,936,640 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/03 11:17:02 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/03 10:57:59 | 000,504,657 | ---- | C] () -- C:\Documents and Settings\kbroach\Desktop\unhide.exe
[2011/05/03 10:51:36 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\kbroach\Desktop\iExplore.exe
[2011/05/02 21:06:50 | 000,000,184 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19324724
[2011/05/02 21:06:50 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19324724r
[2011/05/02 21:06:34 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19324724
[2011/04/16 12:43:46 | 000,001,544 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/18 21:32:09 | 000,164,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/22 07:54:34 | 000,470,108 | ---- | C] () -- C:\WINDOWS\System32\IRAS.sys
[2010/06/08 17:13:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/29 16:26:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/01/09 12:38:24 | 000,059,832 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/19 19:19:25 | 000,065,536 | ---- | C] () -- C:\Documents and Settings\kbroach\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/23 16:28:26 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/18 10:47:43 | 000,000,743 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2009/11/18 10:33:12 | 000,117,092 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/11/18 09:54:56 | 000,000,169 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009/11/18 09:50:11 | 000,117,153 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2009/11/18 09:50:10 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2009/11/16 12:52:53 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\kbroach\Local Settings\Application Data\fusioncache.dat
[2009/11/16 12:17:59 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009/11/12 23:49:53 | 000,038,450 | ---- | C] () -- C:\Documents and Settings\kbroach\Application Data\Comma Separated Values (Windows).ADR
[2009/11/11 19:48:21 | 000,020,886 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2009/11/06 20:36:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\kbroach\Local Settings\Application Data\WavXMapDrive.bat
[2009/10/16 16:35:45 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
[2009/10/08 15:36:39 | 000,982,192 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/10/08 15:36:39 | 000,417,344 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/10/08 15:36:37 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2009/10/08 15:33:10 | 000,001,156 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/10/08 13:30:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/10/08 13:22:44 | 000,232,744 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys
[2009/10/08 13:20:25 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/10/08 13:20:25 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2009/10/08 13:09:50 | 000,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2009/10/08 13:07:27 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/22 09:58:30 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\DTMessageLib.dll
[2009/04/10 12:01:12 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/02/26 16:54:52 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_tr.dll
[2009/02/26 16:54:50 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ro.dll
[2009/02/26 16:54:48 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt-BR.dll
[2009/02/26 16:54:48 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_hu.dll
[2009/02/26 16:54:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_he.dll
[2009/02/26 16:54:44 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_el.dll
[2009/02/26 16:54:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fi.dll
[2009/02/26 16:54:42 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_cs.dll
[2009/02/26 16:54:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ar.dll
[2009/02/26 16:54:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2009/02/26 16:54:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2009/02/26 16:54:36 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2009/02/26 16:54:34 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2009/02/26 16:54:34 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2009/02/26 16:54:32 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2009/02/26 16:54:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2009/02/26 16:54:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2009/02/26 16:54:28 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2009/02/26 16:54:28 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2009/02/26 16:54:26 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2009/02/26 16:54:24 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2009/02/26 16:54:24 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2009/02/26 16:54:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2009/02/26 16:54:20 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2009/02/17 09:51:28 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2009/02/17 09:51:28 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2009/02/17 09:51:26 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2009/02/17 09:51:24 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2009/02/17 09:51:24 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2009/02/17 09:51:24 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2009/02/17 09:51:22 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2009/02/17 09:51:22 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2009/02/17 09:51:20 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fi.dll
[2009/02/17 09:51:20 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2009/02/17 09:51:20 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2009/02/17 09:51:18 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2009/02/17 09:51:16 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2009/02/17 09:51:16 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2009/02/17 09:51:16 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2009/02/17 09:51:14 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2009/02/17 09:51:04 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_cs.dll
[2009/02/17 09:51:04 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ar.dll
[2009/02/17 09:51:02 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_el.dll
[2009/02/17 09:51:02 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_he.dll
[2009/02/17 09:51:00 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-PT.dll
[2009/02/17 09:51:00 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\AmRes_hu.dll
[2009/02/17 09:50:58 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ro.dll
[2009/02/17 09:50:58 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_tr.dll
[2009/02/17 08:46:36 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2009/01/06 16:25:36 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2008/12/22 14:13:54 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2008/10/06 18:36:56 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2008/09/03 14:25:06 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ddcvt.exe
[2008/08/15 08:46:30 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/25 16:31:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/25 16:27:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/25 16:26:32 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/25 11:16:35 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008/04/25 11:16:35 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/04/25 11:16:35 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008/04/25 11:16:35 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/04/25 11:16:35 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008/04/25 11:16:24 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/25 11:16:22 | 000,468,332 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/25 11:16:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/25 11:16:22 | 000,081,024 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/25 11:16:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/25 11:16:22 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/25 11:16:21 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/25 11:16:20 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/04/25 11:16:18 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/25 11:16:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/25 11:16:13 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/25 11:16:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/25 04:22:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/25 04:21:52 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/03/25 09:46:00 | 000,077,536 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/10/18 20:36:54 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\deskMenu2.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/19 05:52:16 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 05:28:10 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/06/30 12:58:44 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 12:58:44 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/12 08:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2006/05/05 16:18:56 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2004/09/10 13:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/07 06:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/05/15 15:39:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cscc.dll

< End of report >

Attached Files

  • Attached File  OTL.Txt   96.08KB   86 downloads

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP