Malware



#1
md262
Member
90 posts

Our computer may be infected with malware. Both Internet Explorer and Google Chrome won't run unless it's in safe mode. When we can log onto the internet, we are redirected to spam sites such as breaking news. Appreciate any suggestions/comments. Thank you in advance!

Here are some logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6513

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

5/6/2011 12:20:09 PM
mbam-log-2011-05-06 (12-20-09).txt

Scan type: Quick scan
Objects scanned: 198898
Time elapsed: 3 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

--------------------------------------

OTL logfile created on: 5/6/2011 1:38:33 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\jklm\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.72 Gb Total Space | 271.04 Gb Free Space | 59.47% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.29 Gb Free Space | 62.87% Space Free | Partition Type: NTFS

Computer Name: JKLM-PC | User Name: jklm | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/06 13:38:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\jklm\Desktop\OTL.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/12/07 18:37:52 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/11/02 02:45:13 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe


========== Modules (SafeList) ==========

MOD - [2011/05/06 13:38:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\jklm\Desktop\OTL.exe
MOD - [2006/11/02 02:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2007/09/05 09:45:20 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007/03/19 10:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/05/05 06:37:42 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl7f7a024f.sys -- (MpKsl7f7a024f)
DRV - [2011/05/05 06:01:29 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl4f8c8453.sys -- (MpKsl4f8c8453)
DRV - [2011/05/05 05:53:19 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl1827f77f.sys -- (MpKsl1827f77f)
DRV - [2011/05/05 05:45:09 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslf64432ad.sys -- (MpKslf64432ad)
DRV - [2011/05/05 05:36:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslbbff5934.sys -- (MpKslbbff5934)
DRV - [2011/05/05 05:29:19 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl6b3411d5.sys -- (MpKsl6b3411d5)
DRV - [2011/05/05 05:22:02 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl226f02db.sys -- (MpKsl226f02db)
DRV - [2011/05/05 05:12:16 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl263c93b2.sys -- (MpKsl263c93b2)
DRV - [2011/05/05 05:05:44 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslb0a41b36.sys -- (MpKslb0a41b36)
DRV - [2011/05/05 04:58:15 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl16dc691b.sys -- (MpKsl16dc691b)
DRV - [2011/05/05 04:36:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl383ff3de.sys -- (MpKsl383ff3de)
DRV - [2011/05/05 04:28:01 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl05122a8b.sys -- (MpKsl05122a8b)
DRV - [2011/05/05 04:19:35 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslfb0b5383.sys -- (MpKslfb0b5383)
DRV - [2011/05/05 04:11:13 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsla57f232b.sys -- (MpKsla57f232b)
DRV - [2011/05/05 04:02:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslc93dacc6.sys -- (MpKslc93dacc6)
DRV - [2011/05/05 03:51:40 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslfb7ca551.sys -- (MpKslfb7ca551)
DRV - [2011/05/05 03:43:26 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsldb52d373.sys -- (MpKsldb52d373)
DRV - [2011/05/05 03:35:09 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl39cccd03.sys -- (MpKsl39cccd03)
DRV - [2011/05/05 03:26:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl15459026.sys -- (MpKsl15459026)
DRV - [2011/05/05 03:18:03 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslce548baa.sys -- (MpKslce548baa)
DRV - [2011/05/05 03:06:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl61579ca0.sys -- (MpKsl61579ca0)
DRV - [2011/05/05 02:58:39 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl9f057cca.sys -- (MpKsl9f057cca)
DRV - [2011/05/05 02:50:29 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl105993f9.sys -- (MpKsl105993f9)
DRV - [2011/05/05 02:42:17 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl39d542ce.sys -- (MpKsl39d542ce)
DRV - [2011/05/05 02:33:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl0d686f1d.sys -- (MpKsl0d686f1d)
DRV - [2011/05/05 02:25:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl131d5cbc.sys -- (MpKsl131d5cbc)
DRV - [2011/05/05 02:17:17 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl05671e18.sys -- (MpKsl05671e18)
DRV - [2011/05/05 02:09:19 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl5202f2fa.sys -- (MpKsl5202f2fa)
DRV - [2011/05/05 02:00:59 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl5c5b17aa.sys -- (MpKsl5c5b17aa)
DRV - [2011/05/05 01:52:39 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl51d3b77d.sys -- (MpKsl51d3b77d)
DRV - [2011/05/05 01:44:45 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsld96ab5de.sys -- (MpKsld96ab5de)
DRV - [2011/05/05 01:36:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl25a6d2fb.sys -- (MpKsl25a6d2fb)
DRV - [2011/05/05 01:28:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsla2e7b1eb.sys -- (MpKsla2e7b1eb)
DRV - [2011/05/05 01:19:21 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslde0596fa.sys -- (MpKslde0596fa)
DRV - [2011/05/05 01:09:25 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl93d52003.sys -- (MpKsl93d52003)
DRV - [2011/05/05 01:02:59 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl3b5093e9.sys -- (MpKsl3b5093e9)
DRV - [2011/05/05 00:56:30 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl464c6428.sys -- (MpKsl464c6428)
DRV - [2011/05/05 00:50:06 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslbcbe5725.sys -- (MpKslbcbe5725)
DRV - [2011/05/05 00:42:29 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl9b3b6fe3.sys -- (MpKsl9b3b6fe3)
DRV - [2011/05/04 22:57:10 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslb29da2e4.sys -- (MpKslb29da2e4)
DRV - [2011/05/04 22:48:57 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl94b85baa.sys -- (MpKsl94b85baa)
DRV - [2011/05/04 22:05:20 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl1f57339a.sys -- (MpKsl1f57339a)
DRV - [2011/02/19 15:21:03 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\utm5ndm3.sys -- (utm5ndm3)
DRV - [2010/10/24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/10/21 23:23:18 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/21 23:23:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/05/03 20:32:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/04/29 01:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/02/25 10:10:48 | 000,005,376 | ---- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/18 11:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/02/20 19:17:00 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2070905
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {57DBC34D-AEB3-4F4B-AF6B-2A4F07172859}:1.9.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/27 21:52:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/04 14:31:22 | 000,000,000 | ---D | M]

[2010/03/21 07:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jklm\AppData\Roaming\Mozilla\Extensions
[2011/01/14 16:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jklm\AppData\Roaming\Mozilla\Firefox\Profiles\k9fdndyk.default\extensions
[2010/07/26 22:17:22 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\jklm\AppData\Roaming\Mozilla\Firefox\Profiles\k9fdndyk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/03/21 07:33:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\jklm\AppData\Roaming\Mozilla\Firefox\Profiles\k9fdndyk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/03/21 07:21:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\JKLM\APPDATA\LOCAL\{57DBC34D-AEB3-4F4B-AF6B-2A4F07172859}

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: motive.com ([pattta.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.costcopho...stcoActivia.cab (Snapfish Activia)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/06 13:38:00 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\jklm\Desktop\OTL.exe
[2011/05/06 05:34:03 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/05/05 22:58:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/05 22:58:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/05 22:58:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/05 22:58:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/05 22:57:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/22 23:55:20 | 000,000,000 | ---D | C] -- C:\Users\jklm\Desktop\Run
[2011/04/10 15:38:36 | 000,000,000 | ---D | C] -- C:\Users\jklm\Documents\New Folder
[2009/02/07 21:59:14 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\jklm\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/05/06 13:38:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\jklm\Desktop\OTL.exe
[2011/05/06 13:36:30 | 000,685,376 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/06 13:36:30 | 000,126,264 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/06 13:31:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/06 12:12:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296283253-215777900-395999709-1000UA.job
[2011/05/06 12:11:38 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/06 12:11:33 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/06 12:11:33 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/06 08:42:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/06 05:20:29 | 114,018,669 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/05 23:14:45 | 000,000,680 | ---- | M] () -- C:\Users\jklm\AppData\Local\d3d9caps.dat
[2011/05/04 14:12:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296283253-215777900-395999709-1000Core.job
[2011/05/04 09:39:02 | 000,002,633 | ---- | M] () -- C:\Users\jklm\Desktop\Microsoft Office Outlook 2007.lnk
[2011/05/03 06:25:04 | 000,000,166 | ---- | M] () -- C:\Users\jklm\Desktop\NEW MEPHISTO WOMEN'S BABATA SANDAL BROWN 35 5 US $225 - eBay.url
[2011/05/02 17:43:10 | 000,200,192 | ---- | M] () -- C:\Users\jklm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 16:14:02 | 000,002,039 | ---- | M] () -- C:\Users\jklm\Desktop\Google Chrome.lnk
[2011/04/28 16:14:02 | 000,002,001 | ---- | M] () -- C:\Users\jklm\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/22 07:29:48 | 000,002,609 | ---- | M] () -- C:\Users\jklm\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\ProgramData\nikujohe
[2011/05/05 22:58:03 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/05 22:58:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/05 22:58:03 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/05 22:58:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/05 22:58:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/04 22:03:44 | 114,018,669 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/05/03 06:25:04 | 000,000,166 | ---- | C] () -- C:\Users\jklm\Desktop\NEW MEPHISTO WOMEN'S BABATA SANDAL BROWN 35 5 US $225 - eBay.url
[2011/02/09 06:44:40 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\utm5ndm3.sys
[2010/07/18 20:08:12 | 000,000,120 | ---- | C] () -- C:\Users\jklm\AppData\Local\Uhadoh.dat
[2010/07/18 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\jklm\AppData\Local\Egodejuzak.bin
[2009/07/23 17:16:35 | 000,000,680 | ---- | C] () -- C:\Users\jklm\AppData\Local\d3d9caps.dat
[2009/02/07 21:59:14 | 000,007,887 | ---- | C] () -- C:\Users\jklm\AppData\Roaming\pcouffin.cat
[2009/02/07 21:59:14 | 000,001,144 | ---- | C] () -- C:\Users\jklm\AppData\Roaming\pcouffin.inf
[2007/09/21 05:11:46 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/09/16 18:31:16 | 000,397,312 | ---- | C] () -- C:\Windows\System32\zshp1020.exe
[2007/09/16 18:21:14 | 000,106,496 | R--- | C] () -- C:\Windows\System32\vshp1020.dll
[2007/09/16 18:12:05 | 000,200,192 | ---- | C] () -- C:\Users\jklm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/05 09:47:40 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/05 09:47:40 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/09/05 09:47:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1255.dll
[2006/11/10 06:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 12:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,418,704 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,685,376 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,126,264 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 00:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 00:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/09/16 21:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 21:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll

========== LOP Check ==========

[2010/10/18 20:27:35 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\6044A78B2B04858E5713A47E3F8BC32C
[2010/09/12 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\GARMIN
[2011/02/12 09:44:26 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\HandBrake
[2010/09/17 18:13:25 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\Orbit
[2010/05/31 16:19:21 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\Panasonic
[2010/09/03 18:52:07 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\ProgSense
[2009/07/23 19:22:47 | 000,000,000 | ---D | M] -- C:\Users\jklm\AppData\Roaming\Vso
[2011/05/06 12:25:34 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


--------------------------

OTL Extras logfile created on: 5/6/2011 1:38:33 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\jklm\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.72 Gb Total Space | 271.04 Gb Free Space | 59.47% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.29 Gb Free Space | 62.87% Space Free | Partition Type: NTFS

Computer Name: JKLM-PC | User Name: jklm | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A4443683-63BD-4AFA-8384-AEBA2E1C92DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017987AD-A597-40B1-ACF3-1F4A9BA724CA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0C9BE2E1-8336-46D5-9B4C-FD9ECBDFBBD9}" = protocol=6 | dir=in | app=c:\windows\servicing\trustedinstaller.exe |
"{128D15FF-68CA-484C-9DF3-EE480CD7C830}" = protocol=17 | dir=in | app=c:\windows\servicing\trustedinstaller.exe |
"{147B7379-A2D4-4131-9518-27ECE3DD56E8}" = protocol=6 | dir=in | app=c:\windows\system32\logonui.exe |
"{1B9A0C73-1428-4A1F-9652-8708FE4A7FC0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{20602F05-FB36-41B8-9FC0-360A14F7123D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5415A3AA-7EB2-4754-91D4-FB64AA5CF5AB}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{61A37F26-CA62-4E41-8A85-120887C164A4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7A625494-DCFB-4181-B11F-1B633548E8F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A9527B14-3CC4-4CAB-BE3B-5725A9D963F9}" = protocol=17 | dir=in | app=c:\windows\system32\logonui.exe |
"{BE6D5BDD-952A-4995-BB79-F51335334B3F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB6A993A-1843-4DB5-9C80-2E0B98B34BE9}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{A95037B5-9F73-49E1-88C8-96C04E88205D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F0229D1E-1F1F-41C4-BCA0-269EDEA4F641}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{836A5650-9619-4C54-9458-40DF647E64BD}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{A79D3154-1FEF-4A2A-B14A-418925D098B5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03C5896D-8F49-471E-8F92-801A94570038}" = VideoCam Suite
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9EDF1A5D-D8E0-413E-9782-75DD4A8C831B}" = VideoCam Suite 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{C7DD94A8-F775-426C-B56C-8E555A59F9E2}" = Garmin Communicator Plugin
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6FA148F-1E7D-4A42-A9A2-7DFABC2C6A2B}" = SportTracks 2.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"ATT-SST" = AT&T Self Support Tool
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.7
"Google Desktop" = Google Desktop
"HandBrake" = HandBrake 0.9.5
"HijackThis" = HijackThis 2.0.2
"HP-LaserJet 1020 series" = LaserJet 1020 series
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"PROPLUSR" = Microsoft Office Professional Plus 2007
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"Uninstall_is1" = Uninstall 1.0.0.1
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/6/2011 8:33:56 AM | Computer Name = jklm-PC | Source = Application Error | ID = 1000
Description = Faulting application PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994,
faulting module PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994, exception code
0xc00000fd, fault offset 0x0005763a, process id 0xc94, application start time 0x01cc0be9d11d95f7.

Error - 5/6/2011 8:44:39 AM | Computer Name = jklm-PC | Source = WerSvc | ID = 5007
Description =

Error - 5/6/2011 8:51:19 AM | Computer Name = jklm-PC | Source = Application Error | ID = 1000
Description = Faulting application PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994,
faulting module PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994, exception code
0xc00000fd, fault offset 0x00057ac3, process id 0x4f8, application start time 0x01cc0bec39496e61.

Error - 5/6/2011 9:37:16 AM | Computer Name = jklm-PC | Source = Application Error | ID = 1000
Description = Faulting application PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994,
faulting module PEV.cfxxe, version 0.0.0.0, time stamp 0x4bd0e994, exception code
0xc00000fd, fault offset 0x00057632, process id 0x3b1c, application start time 0x01cc0bf2a82a8931.

Error - 5/6/2011 3:12:08 PM | Computer Name = jklm-PC | Source = System Restore | ID = 8193
Description =

Error - 5/6/2011 3:12:10 PM | Computer Name = jklm-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 5/6/2011 3:15:57 PM | Computer Name = jklm-PC | Source = WerSvc | ID = 5007
Description =

Error - 5/6/2011 4:27:57 PM | Computer Name = jklm-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/6/2011 4:29:31 PM | Computer Name = jklm-PC | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, time stamp 0x4db90fe3,
faulting module chrome.dll, version 11.0.696.60, time stamp 0x4db90f7a, exception
code 0x80000003, fault offset 0x00524797, process id 0x16c, application start time
0x01cc0c2c4d7efd2c.

Error - 5/6/2011 4:32:40 PM | Computer Name = jklm-PC | Source = EventSystem | ID = 4609
Description =

[ Media Center Events ]
Error - 3/6/2009 8:31:43 PM | Computer Name = jklm-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/11/2009 7:36:41 PM | Computer Name = jklm-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/11/2009 11:33:11 PM | Computer Name = jklm-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 5/6/2011 4:28:20 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/6/2011 4:28:20 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/6/2011 4:28:38 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/6/2011 4:28:42 PM | Computer Name = jklm-PC | Source = DCOM | ID = 10005
Description =

Error - 5/6/2011 4:28:44 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/6/2011 4:32:18 PM | Computer Name = jklm-PC | Source = DCOM | ID = 10005
Description =

Error - 5/6/2011 4:32:40 PM | Computer Name = jklm-PC | Source = DCOM | ID = 10005
Description =

Error - 5/6/2011 4:33:06 PM | Computer Name = jklm-PC | Source = DCOM | ID = 10005
Description =

Error - 5/6/2011 4:33:26 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/6/2011 4:33:26 PM | Computer Name = jklm-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

#2
emeraldnzl

Hello md262,

Welcome to the Malware forum.

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2010/03/21 07:21:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) -- C:\USERS\JKLM\APPDATA\LOCAL\{57DBC34D-AEB3-4F4B-AF6B-2A4F07172859}
    
    :Commands
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

So when you return please post
  • OTL fix log
  • aswMBR log

#3
md262

Thanks for your assistance. Here are the logs:

All processes killed
========== OTL ==========
Folder C:\Program Files\Mozilla Firefox\extensions\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jenna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: jklm
->Temp folder emptied: 133258166 bytes
->Temporary Internet Files folder emptied: 2745683545 bytes
->Java cache emptied: 6178621 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 1905008 bytes
->Flash cache emptied: 35345 bytes

User: Kayla
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Leslie
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michael
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 735036200 bytes
RecycleBin emptied: 787 bytes

Total Files Cleaned = 3,454.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jenna
->Flash cache emptied: 0 bytes

User: jklm
->Flash cache emptied: 0 bytes

User: Kayla

User: Leslie
->Flash cache emptied: 0 bytes

User: Michael
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05102011_200435

Files\Folders moved on Reboot...
C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VSF9ZN9K\300339-malware[1].htm moved successfully.
File move failed. C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VSF9ZN9K\AVCACQRT15CAZIS8EMCA8AZOA1CA46NFYICAJY60NYCAMJ86WXCAEIJC96CA88778ECA82ZVRHCAIVAE84CAMMZXR7CA2AMABACACDTIYRCAX9C2QQCAA92X29CADU0SCLCA6DJGXCCA1HLXUWCAVWCLAG.htm scheduled to be moved on reboot.
File move failed. C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q0I03UPP\C0CA7TAC3GCA1VX49RCARKGF9DCA0DHOC3CAK84VU7CAJUZA24CA8N15GICAZ7VHN5CAL8QJ2OCA4Z6OK7CA50YQ57CAE9K614CALSA5ATCAKC5539CAP0UROTCAYXDJKGCAI7GOVMCAD6D9T9CAVVKH4B.htm scheduled to be moved on reboot.
File move failed. C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESPTQUBE\B0CAHVTRYMCAX6GS00CALVZ1EZCA1SZEM2CA8ZTDXYCAW51UZ3CA5DYDCTCA9XN1W9CAZT67T5CAHHJ1W9CA9REUJUCA9W3C4ECAES48UWCAYCNUJYCAC3LTZHCAIUEQY1CAXAIOYBCA3Y15IGCA8ENF3D.htm scheduled to be moved on reboot.
File move failed. C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ESPTQUBE\SYCAU909Y2CAENOFAWCAUQPSP9CAXYAMMICA27KFT0CA01MS6PCAAOU2BKCAC4XF96CACNF6SGCAP65NYJCADNUNW5CA6B82TPCA6MQDZ4CA484GH8CAMWGH5GCAG9T3Y5CA7TY95ECAFH6X9CCAV1N9TV.htm scheduled to be moved on reboot.
C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
C:\Users\jklm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...



---------------------------------------------------



aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-10 19:57:03
-----------------------------
19:57:03.840 OS Version: Windows 6.0.6000
19:57:03.840 Number of processors: 2 586 0xF0D
19:57:03.840 ComputerName: JKLM-PC UserName: jklm
19:57:05.041 Initialize success
19:57:07.584 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:57:07.584 Disk 0 Vendor: ST3500630AS 3.ADG Size: 476940MB BusType: 3
19:57:09.628 Disk 0 MBR read successfully
19:57:09.628 Disk 0 MBR scan
19:57:09.628 Disk 0 TDL4@MBR code has been found
19:57:09.628 Disk 0 MBR hidden
19:57:09.628 Disk 0 MBR [TDL4] **ROOTKIT**
19:57:09.643 Disk 0 trace - called modules:
19:57:09.643 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85bb54d0]<<
19:57:09.643 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c4bad8]
19:57:09.659 3 ntkrnlpa.exe[820b07e2] -> nt!IofCallDriver -> [0x84bfb928]
19:57:09.659 5 acpi.sys[8046932a] -> nt!IofCallDriver -> [0x84262bb0]
19:57:09.659 \Driver\atapi[0x85929288] -> IRP_MJ_CREATE -> 0x85bb54d0
19:57:09.675 Scan finished successfully
19:57:52.850 Disk 0 MBR has been saved successfully to "C:\Users\jklm\Desktop\MBR.dat"
19:57:52.865 The log file has been saved successfully to "C:\Users\jklm\Desktop\aswMBR.txt"

#4
emeraldnzl

Hello md262,

Re-Run aswMBR

Click Scan

On completion of the scan

Click the Fix for TDL4


Save the log as before and post in your next reply

#5
md262

Thanks. Here is the new aswMBR log:

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-10 22:52:44
-----------------------------
22:52:44.524 OS Version: Windows 6.0.6000
22:52:44.524 Number of processors: 2 586 0xF0D
22:52:44.524 ComputerName: JKLM-PC UserName: jklm
22:52:45.600 Initialize success
22:52:58.860 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:52:58.860 Disk 0 Vendor: ST3500630AS 3.ADG Size: 476940MB BusType: 3
22:53:00.888 Disk 0 MBR read successfully
22:53:00.888 Disk 0 MBR scan
22:53:00.888 Disk 0 TDL4@MBR code has been found
22:53:00.888 Disk 0 MBR hidden
22:53:00.888 Disk 0 MBR [TDL4] **ROOTKIT**
22:53:00.904 Disk 0 trace - called modules:
22:53:00.904 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85b7f4d0]<<
22:53:00.904 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c4aad8]
22:53:00.920 3 ntkrnlpa.exe[820b07e2] -> nt!IofCallDriver -> [0x84bf6268]
22:53:00.920 5 acpi.sys[8046932a] -> nt!IofCallDriver -> [0x8425c8b8]
22:53:00.920 \Driver\atapi[0x85b6ee78] -> IRP_MJ_CREATE -> 0x85b7f4d0
22:53:00.935 Scan finished successfully
22:53:37.455 Disk 0 fixing MBR ...
22:53:47.608 Disk 0 MBR restored successfully
22:53:47.608 Verifying disinfection
22:54:02.010 Infection fixed successfully - please reboot ASAP
22:54:30.455 Disk 0 MBR has been saved successfully to "C:\Users\jklm\Desktop\MBR.dat"
22:54:30.455 The log file has been saved successfully to "C:\Users\jklm\Desktop\aswMBR2.txt"

#6
md262

I wanted to point out that our computer keeps logging me off on its own. When I restart the computer, it continues to go through the bootup process but never finishes and keeps restarting in an endless cycle. I finally rebooted in safe mode so at least the computer is able to operate. Please feel free to let me know how to proceed. Thanks very much.

#7
emeraldnzl

Hello md262,

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


#8
md262

Thanks. Ran the process as indicated and "System scan completed - Infection: not found".



2011/05/10 23:19:02.0270 1544 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/10 23:19:02.0820 1544 ================================================================================
2011/05/10 23:19:02.0820 1544 SystemInfo:
2011/05/10 23:19:02.0820 1544
2011/05/10 23:19:02.0820 1544 OS Version: 6.0.6000 ServicePack: 0.0
2011/05/10 23:19:02.0820 1544 Product type: Workstation
2011/05/10 23:19:02.0820 1544 ComputerName: JKLM-PC
2011/05/10 23:19:02.0820 1544 UserName: jklm
2011/05/10 23:19:02.0820 1544 Windows directory: C:\Windows
2011/05/10 23:19:02.0820 1544 System windows directory: C:\Windows
2011/05/10 23:19:02.0820 1544 Processor architecture: Intel x86
2011/05/10 23:19:02.0820 1544 Number of processors: 2
2011/05/10 23:19:02.0820 1544 Page size: 0x1000
2011/05/10 23:19:02.0820 1544 Boot type: Safe boot with network
2011/05/10 23:19:02.0820 1544 ================================================================================
2011/05/10 23:19:03.0182 1544 Initialize success
2011/05/10 23:19:21.0821 1452 ================================================================================
2011/05/10 23:19:21.0821 1452 Scan started
2011/05/10 23:19:21.0821 1452 Mode: Manual;
2011/05/10 23:19:21.0821 1452 ================================================================================
2011/05/10 23:19:22.0169 1452 ACPI (192bdbd1540645c4a2aa69f24cce197f) C:\Windows\system32\drivers\acpi.sys
2011/05/10 23:19:22.0236 1452 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/05/10 23:19:22.0279 1452 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/05/10 23:19:22.0317 1452 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/05/10 23:19:22.0350 1452 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/05/10 23:19:22.0459 1452 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/05/10 23:19:22.0510 1452 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
2011/05/10 23:19:22.0536 1452 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/05/10 23:19:22.0590 1452 aliide (5c42a992e68724d2cd3ddb4fc3b0409f) C:\Windows\system32\drivers\aliide.sys
2011/05/10 23:19:22.0621 1452 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
2011/05/10 23:19:22.0659 1452 amdide (849dfacdde533da5d1810f0caf84eb19) C:\Windows\system32\drivers\amdide.sys
2011/05/10 23:19:22.0691 1452 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/05/10 23:19:22.0710 1452 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/05/10 23:19:22.0764 1452 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/05/10 23:19:22.0789 1452 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/05/10 23:19:22.0829 1452 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/10 23:19:22.0880 1452 atapi (9e7e85ec61d1c9c3171cc08427108863) C:\Windows\system32\drivers\atapi.sys
2011/05/10 23:19:22.0943 1452 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/05/10 23:19:23.0043 1452 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/10 23:19:23.0082 1452 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/10 23:19:23.0122 1452 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/05/10 23:19:23.0161 1452 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/05/10 23:19:23.0200 1452 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/05/10 23:19:23.0213 1452 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/10 23:19:23.0244 1452 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/05/10 23:19:23.0273 1452 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/05/10 23:19:23.0321 1452 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
2011/05/10 23:19:23.0460 1452 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/10 23:19:23.0505 1452 cdrbsdrv (e0042bd5bef17a6a3ef1df576bde24d1) C:\Windows\system32\drivers\cdrbsdrv.sys
2011/05/10 23:19:23.0573 1452 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/10 23:19:23.0621 1452 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/05/10 23:19:23.0664 1452 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/05/10 23:19:23.0717 1452 cmdide (de11a06e187756ecb86cfa82dac40ff7) C:\Windows\system32\drivers\cmdide.sys
2011/05/10 23:19:23.0745 1452 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/05/10 23:19:23.0786 1452 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/10 23:19:23.0818 1452 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/05/10 23:19:23.0914 1452 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/05/10 23:19:24.0030 1452 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/05/10 23:19:24.0084 1452 dot4 (57b2d433a08b95e4f1b53a919937f3e5) C:\Windows\system32\DRIVERS\Dot4.sys
2011/05/10 23:19:24.0117 1452 Dot4Print (d93fa484bb62fbe7e5ef335c5415d3cf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/05/10 23:19:24.0146 1452 Dot4Scan (8455e3fb3738ef33f0c6073a3efa013e) C:\Windows\system32\DRIVERS\Dot4Scan.sys
2011/05/10 23:19:24.0185 1452 dot4usb (599742c4260fb3e8edb3be148b8ce856) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/05/10 23:19:24.0227 1452 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/05/10 23:19:24.0316 1452 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/05/10 23:19:24.0360 1452 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
2011/05/10 23:19:24.0399 1452 DXGKrnl (f032a2f91287a0b800891c7bef9ca7a8) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/10 23:19:24.0461 1452 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/05/10 23:19:24.0492 1452 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/05/10 23:19:24.0608 1452 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/05/10 23:19:24.0702 1452 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/05/10 23:19:24.0777 1452 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/05/10 23:19:24.0809 1452 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/10 23:19:24.0906 1452 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/05/10 23:19:24.0947 1452 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/05/10 23:19:24.0980 1452 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/10 23:19:25.0033 1452 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/05/10 23:19:25.0116 1452 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/10 23:19:25.0142 1452 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/05/10 23:19:25.0196 1452 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/05/10 23:19:25.0252 1452 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\Windows\system32\drivers\grmnusb.sys
2011/05/10 23:19:25.0308 1452 HDAudBus (ffb271303ba3c59d9c97b7af1175de95) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/10 23:19:25.0335 1452 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/05/10 23:19:25.0356 1452 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/05/10 23:19:25.0398 1452 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/10 23:19:25.0433 1452 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/05/10 23:19:25.0483 1452 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/05/10 23:19:25.0530 1452 HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
2011/05/10 23:19:25.0590 1452 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/05/10 23:19:25.0625 1452 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/05/10 23:19:25.0693 1452 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/10 23:19:25.0767 1452 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2011/05/10 23:19:25.0801 1452 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/05/10 23:19:25.0883 1452 igfx (4b1ac83548269f1829803b4c88be6c83) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/05/10 23:19:25.0947 1452 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/05/10 23:19:26.0031 1452 IntcAzAudAddService (4eae74c8bcbca309a5d7cbad7e231427) C:\Windows\system32\drivers\RTKVHDA.sys
2011/05/10 23:19:26.0115 1452 intelide (1b16626beae3a52e611fc681cd796f86) C:\Windows\system32\DRIVERS\intelide.sys
2011/05/10 23:19:26.0140 1452 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/10 23:19:26.0168 1452 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/10 23:19:26.0215 1452 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/05/10 23:19:26.0254 1452 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/05/10 23:19:26.0293 1452 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/05/10 23:19:26.0332 1452 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
2011/05/10 23:19:26.0374 1452 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/10 23:19:26.0395 1452 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/05/10 23:19:26.0432 1452 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/05/10 23:19:26.0494 1452 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/10 23:19:26.0532 1452 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/10 23:19:26.0618 1452 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/10 23:19:26.0713 1452 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/10 23:19:26.0797 1452 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/05/10 23:19:26.0838 1452 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/05/10 23:19:26.0898 1452 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/05/10 23:19:26.0965 1452 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/05/10 23:19:27.0013 1452 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/05/10 23:19:27.0058 1452 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/05/10 23:19:27.0127 1452 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/05/10 23:19:27.0171 1452 monitor (ec839ba91e45cce6eadafc418fff8206) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/10 23:19:27.0205 1452 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/10 23:19:27.0259 1452 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/10 23:19:27.0329 1452 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/05/10 23:19:27.0398 1452 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/05/10 23:19:27.0452 1452 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/05/10 23:19:28.0643 1452 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/05/10 23:19:28.0673 1452 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/10 23:19:28.0714 1452 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/05/10 23:19:28.0780 1452 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
2011/05/10 23:19:28.0886 1452 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
2011/05/10 23:19:28.0993 1452 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/05/10 23:19:29.0034 1452 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/10 23:19:29.0068 1452 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/10 23:19:29.0096 1452 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/10 23:19:29.0127 1452 msahci (0d1c042188ffe61a702a9df5944de5ba) C:\Windows\system32\drivers\msahci.sys
2011/05/10 23:19:29.0157 1452 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/05/10 23:19:29.0212 1452 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/05/10 23:19:29.0262 1452 msisadrv (207df26dbb2537c20276da0e15892274) C:\Windows\system32\drivers\msisadrv.sys
2011/05/10 23:19:29.0303 1452 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/10 23:19:29.0342 1452 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/10 23:19:29.0369 1452 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/05/10 23:19:29.0401 1452 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/05/10 23:19:29.0436 1452 mssmbios (7dbaa028f625aa46b95dda4fbe4b602b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/10 23:19:29.0473 1452 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/05/10 23:19:29.0532 1452 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/05/10 23:19:29.0589 1452 NativeWifiP (497de786240303ee67ab01f5690c24c2) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/10 23:19:29.0693 1452 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/05/10 23:19:29.0725 1452 NdisTapi (7584f1794b23b83d63cc124a8c56d103) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/10 23:19:29.0749 1452 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/10 23:19:29.0790 1452 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/10 23:19:29.0811 1452 NDProxy (874c12e3ad1431cabc854697d302c563) C:\Windows\system32\drivers\NDProxy.sys
2011/05/10 23:19:29.0872 1452 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/10 23:19:29.0928 1452 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/10 23:19:29.0969 1452 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/05/10 23:19:30.0018 1452 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/05/10 23:19:30.0044 1452 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/10 23:19:30.0091 1452 Ntfs (3f379380a4a2637f559444e338cf1b51) C:\Windows\system32\drivers\Ntfs.sys
2011/05/10 23:19:30.0142 1452 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/05/10 23:19:30.0193 1452 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
2011/05/10 23:19:30.0217 1452 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/05/10 23:19:30.0271 1452 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/05/10 23:19:30.0311 1452 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/05/10 23:19:30.0338 1452 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
2011/05/10 23:19:30.0434 1452 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/05/10 23:19:30.0495 1452 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/05/10 23:19:30.0576 1452 partmgr (84be786f33fdbd8765e05df3b7f5b9e6) C:\Windows\system32\drivers\partmgr.sys
2011/05/10 23:19:30.0612 1452 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/05/10 23:19:30.0671 1452 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
2011/05/10 23:19:30.0704 1452 pciide (54d23dc5b5072311116826fdb7f6e83e) C:\Windows\system32\drivers\pciide.sys
2011/05/10 23:19:30.0732 1452 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/05/10 23:19:30.0776 1452 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2011/05/10 23:19:30.0923 1452 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/05/10 23:19:31.0006 1452 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/10 23:19:31.0040 1452 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/05/10 23:19:31.0119 1452 PSched (b74edf14453c9987e99e66535047ebee) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/10 23:19:31.0189 1452 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
2011/05/10 23:19:31.0258 1452 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/05/10 23:19:31.0328 1452 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/05/10 23:19:31.0368 1452 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/10 23:19:31.0449 1452 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/10 23:19:31.0514 1452 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/10 23:19:31.0548 1452 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/10 23:19:31.0565 1452 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/10 23:19:31.0632 1452 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/10 23:19:31.0666 1452 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/10 23:19:31.0710 1452 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
2011/05/10 23:19:31.0741 1452 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/10 23:19:31.0770 1452 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/05/10 23:19:31.0835 1452 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/10 23:19:31.0880 1452 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/05/10 23:19:31.0969 1452 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/10 23:19:31.0999 1452 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/05/10 23:19:32.0055 1452 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/05/10 23:19:32.0101 1452 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/05/10 23:19:32.0136 1452 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/05/10 23:19:32.0157 1452 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/10 23:19:32.0177 1452 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/10 23:19:32.0194 1452 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/05/10 23:19:32.0225 1452 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
2011/05/10 23:19:32.0257 1452 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/05/10 23:19:32.0282 1452 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/05/10 23:19:32.0372 1452 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
2011/05/10 23:19:32.0420 1452 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/05/10 23:19:32.0480 1452 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2011/05/10 23:19:32.0548 1452 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/10 23:19:32.0563 1452 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/10 23:19:32.0612 1452 swenum (3b80b4383c9bce13279c8482734b32b2) C:\Windows\system32\DRIVERS\swenum.sys
2011/05/10 23:19:32.0659 1452 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/05/10 23:19:32.0687 1452 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/05/10 23:19:32.0710 1452 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/05/10 23:19:32.0855 1452 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
2011/05/10 23:19:32.0889 1452 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/10 23:19:32.0934 1452 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/10 23:19:32.0968 1452 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/05/10 23:19:32.0991 1452 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/05/10 23:19:33.0052 1452 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/10 23:19:33.0132 1452 TermDD (849ed71967d45f15c3e0abfc633fdf2a) C:\Windows\system32\DRIVERS\termdd.sys
2011/05/10 23:19:33.0190 1452 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/10 23:19:33.0245 1452 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/05/10 23:19:33.0257 1452 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/10 23:19:33.0285 1452 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/05/10 23:19:33.0323 1452 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/10 23:19:33.0364 1452 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/10 23:19:33.0403 1452 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/05/10 23:19:33.0425 1452 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/05/10 23:19:33.0466 1452 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/05/10 23:19:33.0511 1452 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/05/10 23:19:33.0561 1452 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2011/05/10 23:19:33.0586 1452 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/10 23:19:33.0630 1452 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/05/10 23:19:33.0689 1452 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/10 23:19:33.0723 1452 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/10 23:19:33.0758 1452 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/05/10 23:19:33.0783 1452 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/10 23:19:33.0805 1452 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/10 23:19:33.0831 1452 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/10 23:19:33.0886 1452 utm5ndm3 (524d8d450622db4a7875b111c299a76b) C:\Windows\system32\Drivers\utm5ndm3.sys
2011/05/10 23:19:33.0918 1452 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/10 23:19:33.0966 1452 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/05/10 23:19:34.0011 1452 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
2011/05/10 23:19:34.0044 1452 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/05/10 23:19:34.0080 1452 viaide (c0ace9d0f5a5ee0b00f58345947a57fc) C:\Windows\system32\drivers\viaide.sys
2011/05/10 23:19:34.0170 1452 volmgr (fd16fac15f9f165ac19a618e7b391f5c) C:\Windows\system32\drivers\volmgr.sys
2011/05/10 23:19:34.0258 1452 volmgrx (420c48e593b9520c2dee45d671f923e1) C:\Windows\system32\drivers\volmgrx.sys
2011/05/10 23:19:34.0333 1452 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys
2011/05/10 23:19:34.0384 1452 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/05/10 23:19:34.0418 1452 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/05/10 23:19:34.0488 1452 Wanarp (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 23:19:34.0521 1452 Wanarpv6 (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/10 23:19:34.0555 1452 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/05/10 23:19:34.0639 1452 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/10 23:19:34.0722 1452 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/05/10 23:19:34.0819 1452 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/10 23:19:34.0901 1452 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/05/10 23:19:34.0958 1452 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/10 23:19:35.0002 1452 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/10 23:19:35.0049 1452 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/05/10 23:19:35.0096 1452 ================================================================================
2011/05/10 23:19:35.0097 1452 Scan finished
2011/05/10 23:19:35.0097 1452 ================================================================================
2011/05/10 23:20:11.0036 1876 ================================================================================
2011/05/10 23:20:11.0037 1876 Scan started
2011/05/10 23:20:11.0037 1876 Mode: Manual;
2011/05/10 23:20:11.0037 1876 ================================================================================
2011/05/10 23:20:11.0254 1876 ACPI (192bdbd1540645c4a2aa69f24cce197f) C:\Windows\system32\drivers\acpi.sys
2011/05/10 23:20:11.0312 1876 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/05/10 23:20:11.0347 1876 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/05/10 23:20:11.0368 1876 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/05/10 23:20:11.0393 1876 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/05/10 23:20:11.0477 1876 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/05/10 23:20:11.0512 1876 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
2011/05/10 23:20:11.0546 1876 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/05/10 23:20:11.0575 1876 aliide (5c42a992e68724d2cd3ddb4fc3b0409f) C:\Windows\system32\drivers\aliide.sys
2011/05/10 23:20:11.0606 1876 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
2011/05/10 23:20:11.0635 1876 amdide (849dfacdde533da5d1810f0caf84eb19) C:\Windows\system32\drivers\amdide.sys
2011/05/10 23:20:11.0659 1876 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/05/10 23:20:11.0686 1876 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/05/10 23:20:11.0765 1876 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/05/10 23:20:11.0799 1876 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/05/10 23:20:11.0830 1876 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/10 23:20:11.0881 1876 atapi (9e7e85ec61d1c9c3171cc08427108863) C:\Windows\system32\drivers\atapi.sys
2011/05/10 23:20:11.0944 1876 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/05/10 23:20:12.0011 1876 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/10 23:20:12.0042 1876 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/10 23:20:12.0074 1876 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/05/10 23:20:12.0104 1876 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/05/10 23:20:12.0135 1876 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/05/10 23:20:12.0159 1876 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/10 23:20:12.0176 1876 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/05/10 23:20:12.0208 1876 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/05/10 23:20:12.0247 1876 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
2011/05/10 23:20:12.0362 1876 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/10 23:20:12.0398 1876 cdrbsdrv (e0042bd5bef17a6a3ef1df576bde24d1) C:\Windows\system32\drivers\cdrbsdrv.sys
2011/05/10 23:20:12.0474 1876 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/10 23:20:12.0506 1876 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/05/10 23:20:12.0548 1876 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/05/10 23:20:12.0585 1876 cmdide (de11a06e187756ecb86cfa82dac40ff7) C:\Windows\system32\drivers\cmdide.sys
2011/05/10 23:20:12.0612 1876 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/05/10 23:20:12.0662 1876 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/10 23:20:12.0686 1876 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/05/10 23:20:12.0782 1876 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/05/10 23:20:12.0856 1876 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/05/10 23:20:12.0902 1876 dot4 (57b2d433a08b95e4f1b53a919937f3e5) C:\Windows\system32\DRIVERS\Dot4.sys
2011/05/10 23:20:12.0935 1876 Dot4Print (d93fa484bb62fbe7e5ef335c5415d3cf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/05/10 23:20:12.0956 1876 Dot4Scan (8455e3fb3738ef33f0c6073a3efa013e) C:\Windows\system32\DRIVERS\Dot4Scan.sys
2011/05/10 23:20:12.0986 1876 dot4usb (599742c4260fb3e8edb3be148b8ce856) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/05/10 23:20:13.0012 1876 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/05/10 23:20:13.0109 1876 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/05/10 23:20:13.0153 1876 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
2011/05/10 23:20:13.0200 1876 DXGKrnl (f032a2f91287a0b800891c7bef9ca7a8) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/10 23:20:13.0246 1876 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/05/10 23:20:13.0285 1876 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/05/10 23:20:13.0376 1876 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/05/10 23:20:13.0428 1876 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/05/10 23:20:13.0503 1876 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/05/10 23:20:13.0535 1876 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/10 23:20:13.0582 1876 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/05/10 23:20:13.0615 1876 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/05/10 23:20:13.0639 1876 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/10 23:20:13.0701 1876 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/05/10 23:20:13.0759 1876 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/10 23:20:23.0198 1876 ================================================================================
2011/05/10 23:20:23.0198 1876 Scan finished
2011/05/10 23:20:23.0198 1876 ================================================================================
  • 0

#9
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hi md262,

I wanted to point out that our computer keeps logging me off on its own. When I restart the computer, it continues to go through the bootup process but never finishes and keeps restarting in an endless cycle. I finally rebooted in safe mode so at least the computer is able to operate.


I have just seen this... we must have cross posted.

See if you can carry out the action in my last post.

If the problem persists after that, try booting to Last Known Good Configuration instead of Safe Mode.

Tell me how you get on.
  • 0

#10
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Cross posted again. :)

Are you still having the rebooting problem?
  • 0

#11
md262

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
Sorry... Yes, still having the rebooting problem. Computer seems to only be able to run now in safe mode.
  • 0

#12
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
I see you have used ComboFix.

Please run it and post the log it produces back here. If it wants to update, allow it to do so.

Note: I have to go out shortly to a meeting. I will be back in about 3 hours. I will check in when I get back. :)
  • 0

#13
md262

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
Thanks. Below is the combofix log:


ComboFix 11-05-10.02 - jklm 05/11/2011 5:53.10.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2037.1489 [GMT -7:00]
Running from: c:\users\jklm\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-11 to 2011-05-11 )))))))))))))))))))))))))))))))
.
.
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\jklm\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Michael\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Leslie\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Kayla\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Jenna\AppData\Local\temp
2011-05-11 13:00 . 2011-05-11 13:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-11 06:45 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0612ACE9-2A5F-495D-9F14-7E451F93ABE8}\mpengine.dll
2011-05-11 02:44 . 2011-05-11 02:44 -------- d-----w- C:\_OTL
2011-05-08 05:20 . 2011-05-08 05:20 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2011-02-11 02:50 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-19 22:21 . 2011-02-09 13:44 7168 ----a-w- c:\windows\system32\drivers\utm5ndm3.sys
2011-02-12 23:30 . 2011-02-12 23:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-02-12 23:29 . 2011-02-12 23:29 396800 ----a-w- c:\windows\system32\drivers\http.sys
2011-02-12 23:29 . 2011-02-12 23:29 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-02-12 23:29 . 2011-02-12 23:29 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-07-21 20:18 . 2010-07-21 20:18 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
<pre>
c:\program files\ATT-SST\McciTrayApp .exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier .exe
c:\program files\Common Files\InstallShield\UpdateService\issch .exe
c:\program files\Google\Google Desktop Search\GoogleDesktop .exe
c:\program files\Hewlett-Packard\OrderReminder\OrderReminder .exe
c:\program files\iTunes\iTunesHelper .exe
c:\program files\Malwarebytes' Anti-Malware\mbam .exe
c:\program files\Microsoft Security Client\msseces .exe
c:\program files\QuickTime\QTTask .exe
</pre>
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 2159104]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-25 68856]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-11 4452352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-14 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-14 154392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-14 138008]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 16384]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"<NO NAME>"="" [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Auto run of VideoCam Suite 1.0.lnk - c:\program files\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe [2010-5-31 161160]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-9-5 50688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl05122a8b;MpKsl05122a8b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl05122a8b.sys [x]
R1 MpKsl05671e18;MpKsl05671e18;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl05671e18.sys [x]
R1 MpKsl0d686f1d;MpKsl0d686f1d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl0d686f1d.sys [x]
R1 MpKsl105993f9;MpKsl105993f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl105993f9.sys [x]
R1 MpKsl131d5cbc;MpKsl131d5cbc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl131d5cbc.sys [x]
R1 MpKsl15459026;MpKsl15459026;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl15459026.sys [x]
R1 MpKsl16dc691b;MpKsl16dc691b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl16dc691b.sys [x]
R1 MpKsl1827f77f;MpKsl1827f77f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl1827f77f.sys [x]
R1 MpKsl1f57339a;MpKsl1f57339a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl1f57339a.sys [x]
R1 MpKsl226f02db;MpKsl226f02db;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl226f02db.sys [x]
R1 MpKsl25a6d2fb;MpKsl25a6d2fb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl25a6d2fb.sys [x]
R1 MpKsl263c93b2;MpKsl263c93b2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl263c93b2.sys [x]
R1 MpKsl383ff3de;MpKsl383ff3de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl383ff3de.sys [x]
R1 MpKsl39cccd03;MpKsl39cccd03;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl39cccd03.sys [x]
R1 MpKsl39d542ce;MpKsl39d542ce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl39d542ce.sys [x]
R1 MpKsl3b5093e9;MpKsl3b5093e9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl3b5093e9.sys [x]
R1 MpKsl3c50334b;MpKsl3c50334b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl3c50334b.sys [x]
R1 MpKsl464c6428;MpKsl464c6428;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl464c6428.sys [x]
R1 MpKsl4f8c8453;MpKsl4f8c8453;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl4f8c8453.sys [x]
R1 MpKsl51d3b77d;MpKsl51d3b77d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl51d3b77d.sys [x]
R1 MpKsl5202f2fa;MpKsl5202f2fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl5202f2fa.sys [x]
R1 MpKsl5c5b17aa;MpKsl5c5b17aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl5c5b17aa.sys [x]
R1 MpKsl61579ca0;MpKsl61579ca0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl61579ca0.sys [x]
R1 MpKsl6b3411d5;MpKsl6b3411d5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl6b3411d5.sys [x]
R1 MpKsl7f7a024f;MpKsl7f7a024f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl7f7a024f.sys [x]
R1 MpKsl93d52003;MpKsl93d52003;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl93d52003.sys [x]
R1 MpKsl94b85baa;MpKsl94b85baa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl94b85baa.sys [x]
R1 MpKsl9b3b6fe3;MpKsl9b3b6fe3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl9b3b6fe3.sys [x]
R1 MpKsl9f057cca;MpKsl9f057cca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsl9f057cca.sys [x]
R1 MpKsla2e7b1eb;MpKsla2e7b1eb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsla2e7b1eb.sys [x]
R1 MpKsla57f232b;MpKsla57f232b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsla57f232b.sys [x]
R1 MpKslb0a41b36;MpKslb0a41b36;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslb0a41b36.sys [x]
R1 MpKslb29da2e4;MpKslb29da2e4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslb29da2e4.sys [x]
R1 MpKslbbff5934;MpKslbbff5934;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslbbff5934.sys [x]
R1 MpKslbcbe5725;MpKslbcbe5725;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslbcbe5725.sys [x]
R1 MpKslc93dacc6;MpKslc93dacc6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslc93dacc6.sys [x]
R1 MpKslce548baa;MpKslce548baa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslce548baa.sys [x]
R1 MpKsld96ab5de;MpKsld96ab5de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsld96ab5de.sys [x]
R1 MpKsldb52d373;MpKsldb52d373;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKsldb52d373.sys [x]
R1 MpKslde0596fa;MpKslde0596fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslde0596fa.sys [x]
R1 MpKslf64432ad;MpKslf64432ad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslf64432ad.sys [x]
R1 MpKslfb0b5383;MpKslfb0b5383;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslfb0b5383.sys [x]
R1 MpKslfb7ca551;MpKslfb7ca551;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E48D9C4-F3A5-4A9A-8DC0-2ADB3564A62C}\MpKslfb7ca551.sys [x]
R1 MpKslfc30cac7;MpKslfc30cac7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78000E4D-1A6E-4C06-AF83-8434BF12C9F7}\MpKslfc30cac7.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 135664]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
R3 utm5ndm3;AVZ Kernel Driver;c:\windows\system32\Drivers\utm5ndm3.sys [2011-02-19 7168]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 03:06]
.
2011-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 03:06]
.
2011-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2296283253-215777900-395999709-1000Core.job
- c:\users\jklm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 08:32]
.
2011-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2296283253-215777900-395999709-1000UA.job
- c:\users\jklm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 08:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2070905
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
Trusted Zone: motive.com\pattta.att
Trusted Zone: motive.com\patttbc.att
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
FF - ProfilePath - c:\users\jklm\AppData\Roaming\Mozilla\Firefox\Profiles\k9fdndyk.default\
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-11 06:00
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-05-11 06:01:22
ComboFix-quarantined-files.txt 2011-05-11 13:01
.
Pre-Run: 284,112,826,368 bytes free
Post-Run: 284,570,468,352 bytes free
.
- - End Of File - - 272084C222DD04C3FC5E56137218EE40

#14
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello md262,

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

RenV::
c:\program files\ATT-SST\McciTrayApp .exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier .exe
c:\program files\Common Files\InstallShield\UpdateService\issch .exe
c:\program files\Google\Google Desktop Search\GoogleDesktop .exe
c:\program files\Hewlett-Packard\OrderReminder\OrderReminder .exe
c:\program files\iTunes\iTunesHelper .exe
c:\program files\Malwarebytes' Anti-Malware\mbam .exe
c:\program files\Microsoft Security Client\msseces .exe
c:\program files\QuickTime\QTTask .exe

Reboot::


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.

#15
md262


    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
Thanks.

This text file was found under C:\Combofix\Combofix.txt:

ComboFix 11-05-11.01 - jklm 05/11/2011 21:18:31.10.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2037.1496 [GMT -7:00]
Running from: C:\Users\jklm\Desktop\ComboFix.exe
Command switches used :: C:\Users\jklm\Desktop\cfscript.txt