Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

browser and google search redirecting to local advertisin

Started by y2krex , May 14 2011 08:21 AM

  • Please log in to reply

#1
y2krex
Posted 14 May 2011 - 08:21 AM

y2krex

    New Member

  • Member
  • Pip
  • 3 posts
Hey GUys,

i have a fairly new windows 7 64 bit machine and the browser started redirecting to local advertisements. i have treid Malwrare bytes, combofix, unhackme but nothing seems to fix it. ANy help would be greatly appreciated. below is my OTL log:


OTL logfile created on: 14/05/2011 10:14:04 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Wayne\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 79.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.07 Gb Total Space | 543.36 Gb Free Space | 91.16% Space Free | Partition Type: NTFS
Drive D: | 566.83 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HPPROBOOK | User Name: Motteram | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/14 22:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
PRC - [2011/04/15 17:43:20 | 007,797,112 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/04/15 17:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/04/15 17:43:20 | 002,038,648 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Desktop.exe
PRC - [2011/04/15 17:14:10 | 000,108,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe
PRC - [2010/09/09 20:26:00 | 005,251,072 | ---- | M] (Telstra) -- C:\Program Files (x86)\Telstra\Mobile Broadband Manager\TelstraUCM.exe
PRC - [2010/03/03 18:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 18:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/26 08:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/12/11 15:57:38 | 011,265,536 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2009/12/11 15:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009/11/04 11:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/11/04 11:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/04 11:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (SafeList) ==========

MOD - [2011/05/14 22:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
MOD - [2011/04/15 17:14:10 | 000,050,552 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.dll
MOD - [2010/08/21 13:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/07/14 09:15:07 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crtdll.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/08 10:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/08/05 02:22:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/07/16 13:03:58 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/12/16 12:48:12 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2009/09/04 11:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/27 16:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/03/02 10:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/04/15 17:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/09/02 10:53:08 | 000,308,080 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe -- (SwiCardDetectSvc)
SRV - [2010/03/18 11:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 18:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/26 08:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/12/11 15:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009/11/04 11:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/11/04 11:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/14 20:23:42 | 000,020,040 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV:64bit: - [2011/05/01 16:52:40 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/04/12 13:01:38 | 000,052,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011/03/11 14:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/21 05:36:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/09/08 10:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/08/05 02:52:36 | 006,859,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/05 01:47:20 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/16 13:04:04 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2010/07/16 13:03:48 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/07/16 11:04:44 | 000,009,216 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010/06/21 16:07:34 | 000,102,656 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys -- (swiwdmbus)
DRV:64bit: - [2010/06/21 15:51:30 | 000,210,944 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV:64bit: - [2010/06/21 15:51:02 | 000,240,640 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV:64bit: - [2010/06/03 17:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/20 17:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010/05/06 12:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/05/06 03:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/29 13:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/22 11:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/22 10:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/22 10:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/04/13 23:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/03 17:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 08:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/02/04 09:40:47 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2009/12/31 18:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/11/11 13:11:00 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/23 09:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/23 09:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/23 09:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/09/22 00:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/17 10:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/17 09:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/09/17 09:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/17 09:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/09/17 09:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/08/13 09:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/19 05:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/05/10 07:38:25 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/10 07:38:25 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/02 05:13:12 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110513.037\EX64.SYS -- (NAVEX15)
DRV - [2011/05/02 05:13:12 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110513.037\ENG64.SYS -- (NAVENG)
DRV - [2011/04/26 16:27:36 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110513.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/04/19 02:08:34 | 001,127,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110430.001\BHDrvx64.sys -- (BHDrvx64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/05/02 05:13:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/05/01 16:54:46 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/05/14 22:10:21 | 000,000,002 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [BigPondWirelessBroadbandCM] C:\Program Files (x86)\Telstra\Mobile Broadband Manager\TelstraUCM.exe (Telstra)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.137 213.109.72.205
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/14 22:13:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
[2011/05/14 20:40:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/05/14 20:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
[2011/05/14 20:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced IP Scanner v2
[2011/05/14 20:29:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\CrashDumps
[2011/05/14 20:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/05/14 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2011/05/14 17:41:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011/05/09 10:13:04 | 000,135,168 | R--- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys
[2011/05/09 10:13:04 | 000,121,344 | R--- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2011/05/09 10:13:04 | 000,121,344 | R--- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2011/05/09 10:13:04 | 000,121,344 | R--- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2011/05/09 10:13:01 | 000,102,656 | ---- | C] (Sierra Wireless Inc.) -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys
[2011/05/09 10:13:00 | 000,210,944 | ---- | C] (Sierra Wireless Inc.) -- C:\Windows\SysNative\drivers\swumxa3.sys
[2011/05/09 10:12:58 | 000,240,640 | ---- | C] (Sierra Wireless Inc.) -- C:\Windows\SysNative\drivers\swnc8ua3.sys
[2011/05/09 10:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telstra
[2011/05/09 10:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telstra
[2011/05/09 10:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra Wireless Inc
[2011/05/09 10:09:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\Sierra Wireless
[2011/05/09 10:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sierra Wireless
[2011/05/09 10:00:24 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\ElevatedDiagnostics
[2011/05/09 08:50:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/08 15:20:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/08 15:15:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/08 12:37:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\Malwarebytes
[2011/05/08 12:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/08 12:37:19 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/08 11:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/05/08 10:58:23 | 000,000,000 | ---D | C] -- C:\Temp
[2011/05/07 12:01:47 | 000,000,000 | R--D | C] -- C:\Users\Wayne\Virtual Machines
[2011/05/07 11:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011/05/07 11:47:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2011/05/07 11:47:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2011/05/07 11:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2011/05/07 10:21:50 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\TeamViewer
[2011/05/06 14:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/05/06 14:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/05/03 07:30:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJFax
[2011/05/03 06:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011/05/03 06:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2011/05/03 06:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011/05/03 06:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series Manual
[2011/05/03 06:18:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/05/03 06:18:11 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011/05/03 06:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series
[2011/05/03 06:17:15 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011/05/03 06:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011/05/02 05:13:33 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys
[2011/05/02 05:13:32 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys
[2011/05/02 05:13:32 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys
[2011/05/02 05:13:32 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys
[2011/05/02 05:13:32 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys
[2011/05/02 05:13:32 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys
[2011/05/02 05:13:32 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys
[2011/05/02 05:13:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0403000.005
[2011/05/01 19:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/05/01 18:58:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\Microsoft Games
[2011/05/01 18:23:24 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Desktop\ARUSHA
[2011/05/01 18:08:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/05/01 18:03:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Desktop\Motteram Management
[2011/05/01 17:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011/05/01 17:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011/05/01 17:54:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\Autodesk
[2011/05/01 17:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoCAD 2004
[2011/05/01 17:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/05/01 17:35:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/05/01 17:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/05/01 17:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/05/01 17:35:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/05/01 17:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2011/05/01 17:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/05/01 17:18:28 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\Microsoft Help
[2011/05/01 17:18:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/05/01 17:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/05/01 17:17:21 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/05/01 16:52:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/05/01 16:52:40 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/05/01 16:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/05/01 16:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/05/01 16:52:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2011/05/01 16:52:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition
[2011/05/01 16:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360 Premier Edition
[2011/05/01 16:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/05/01 16:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/05/01 16:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/05/01 16:24:54 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\Outlook Data
[2011/05/01 16:10:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\Unzipped
[2011/05/01 16:10:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\Symantec
[2011/05/01 16:09:16 | 000,000,000 | --SD | C] -- C:\Users\Wayne\Documents\My Webs
[2011/05/01 16:09:16 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\Outlook Archived emails
[2011/05/01 16:08:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\My doc's - Work
[2011/05/01 16:08:11 | 000,000,000 | --SD | C] -- C:\Users\Wayne\Documents\My Data Sources
[2011/05/01 16:08:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\My doc's - Private
[2011/05/01 16:08:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Documents\Downloads
[2011/05/01 16:07:38 | 000,581,632 | ---- | C] (Joshua F. Madison) -- C:\Users\Wayne\Documents\convert2.exe
[2011/05/01 16:05:02 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Desktop\DESKTOP ITEMS
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/14 22:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
[2011/05/14 22:10:21 | 000,000,002 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/05/14 20:50:43 | 000,000,072 | ---- | M] () -- C:\Users\Wayne\advanced_ip_scanner_MAC.bin
[2011/05/14 20:38:27 | 001,413,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\Cat.DB
[2011/05/14 20:26:13 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/14 20:26:13 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/14 20:23:42 | 000,020,040 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/14 20:18:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/14 20:13:41 | 000,003,143 | ---- | M] () -- C:\Users\Wayne\Desktop\Autodesk Design Review 2010 (Windows XP Mode).lnk
[2011/05/14 20:09:46 | 000,003,145 | ---- | M] () -- C:\Users\Wayne\Desktop\AutoCAD 2010 - English (Windows XP Mode).lnk
[2011/05/14 11:49:40 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/14 11:49:40 | 000,633,494 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/14 11:49:40 | 000,112,576 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/09 20:32:05 | 000,001,437 | ---- | M] () -- C:\Users\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/09 20:25:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/05/09 20:25:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/05/09 10:13:26 | 000,002,109 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Broadband Manager.lnk
[2011/05/08 16:19:06 | 000,001,165 | ---- | M] () -- C:\Users\Wayne\Desktop\Server - Work.lnk
[2011/05/07 11:52:19 | 000,413,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/06 14:18:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/05/06 14:03:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/05/06 10:35:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/05/05 05:49:58 | 000,001,133 | ---- | M] () -- C:\Users\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/03 06:30:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/05/03 05:33:23 | 000,002,553 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/05/01 17:42:27 | 000,735,230 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 16:52:40 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/05/01 16:52:40 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/05/01 16:52:40 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/14 20:50:43 | 000,000,072 | ---- | C] () -- C:\Users\Wayne\advanced_ip_scanner_MAC.bin
[2011/05/14 20:20:02 | 000,003,145 | ---- | C] () -- C:\Users\Wayne\Desktop\AutoCAD 2010 - English (Windows XP Mode).lnk
[2011/05/14 20:19:47 | 000,003,143 | ---- | C] () -- C:\Users\Wayne\Desktop\Autodesk Design Review 2010 (Windows XP Mode).lnk
[2011/05/14 20:13:28 | 000,020,040 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/09 20:25:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/05/09 20:25:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/05/09 10:13:26 | 000,002,109 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Broadband Manager.lnk
[2011/05/07 11:56:43 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/05/06 14:18:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/05/06 14:03:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/05/06 10:35:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/05/03 06:30:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/05/03 06:18:01 | 000,014,592 | ---- | C] () -- C:\Windows\SysNative\CNC1735D.TBL
[2011/05/03 06:17:00 | 000,117,850 | ---- | C] () -- C:\Windows\SysNative\Cnmnput.chm
[2011/05/03 05:32:31 | 001,413,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\Cat.DB
[2011/05/02 05:13:33 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symnetv64.cat
[2011/05/02 05:13:33 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symnetv.inf
[2011/05/02 05:13:32 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.cat
[2011/05/02 05:13:32 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.cat
[2011/05/02 05:13:32 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.cat
[2011/05/02 05:13:32 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.cat
[2011/05/02 05:13:32 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\iron.cat
[2011/05/02 05:13:32 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symnet64.cat
[2011/05/02 05:13:32 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.cat
[2011/05/02 05:13:32 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa.inf
[2011/05/02 05:13:32 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds.inf
[2011/05/02 05:13:32 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.inf
[2011/05/02 05:13:32 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symnet.inf
[2011/05/02 05:13:32 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.inf
[2011/05/02 05:13:32 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.inf
[2011/05/02 05:13:32 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\iron.inf
[2011/05/02 05:13:13 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\isolate.ini
[2011/05/02 03:42:11 | 000,002,553 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2011/05/01 17:45:22 | 000,001,133 | ---- | C] () -- C:\Users\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/01 17:42:27 | 000,735,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/01 16:52:40 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/05/01 16:52:40 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/05/01 16:07:38 | 000,310,924 | ---- | C] () -- C:\Users\Wayne\Documents\Motteram Pipe fittings1.dwg
[2011/05/01 16:07:38 | 000,288,336 | ---- | C] () -- C:\Users\Wayne\Documents\Motteram Pipe fittings1.bak
[2011/05/01 16:05:04 | 000,001,165 | ---- | C] () -- C:\Users\Wayne\Desktop\Server - Work.lnk
[2011/05/01 16:05:04 | 000,000,388 | ---- | C] () -- C:\Users\Wayne\Desktop\Server - Static Data.lnk
[2011/05/01 16:05:04 | 000,000,374 | ---- | C] () -- C:\Users\Wayne\Desktop\Server - Private.lnk
[2011/04/10 23:53:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/04/10 23:40:57 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\HPPA.ini
[2010/06/02 15:28:14 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/05/01 17:54:10 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Autodesk
[2011/05/09 10:09:58 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Sierra Wireless
[2011/05/07 10:21:50 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\TeamViewer
[2009/07/14 13:08:49 | 000,006,904 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
y2krex
Posted 14 May 2011 - 08:59 PM

y2krex

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
anyone able to help please?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP