
Windows not genuine after update



#1
rickdeez

Please advise on how to proceed after running this OTL... Thanks in advance for your help!


OTL logfile created on: 5/27/2011 5:02:27 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Tommy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 57.05% Memory free
7.61 Gb Paging File | 5.75 Gb Available in Paging File | 75.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.60 Gb Total Space | 211.47 Gb Free Space | 74.31% Space Free | Partition Type: NTFS
Drive D: | 13.20 Gb Total Space | 2.19 Gb Free Space | 16.63% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 96.77 Mb Free Space | 97.42% Space Free | Partition Type: FAT32

Computer Name: TOMMY-PC | User Name: Tommy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/27 17:01:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tommy\Desktop\OTL.exe
PRC - [2011/04/16 09:42:42 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/04/05 14:19:16 | 002,692,024 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\NUA.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/07 02:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/10/06 03:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/01 00:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 00:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/04 17:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (SafeList) ==========

MOD - [2011/05/27 17:01:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tommy\Desktop\OTL.exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/10/21 03:35:26 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/09/04 17:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 17:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 06:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe -- (AESTFilters)
SRV - [2010/09/30 17:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/10/01 00:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 00:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/03 11:06:12 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/08 14:09:58 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/06 00:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/29 01:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/21 23:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/21 22:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/21 22:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/02/25 20:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2009/10/27 03:29:46 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWVsp.sys -- (PTUMWVsp)
DRV:64bit: - [2009/10/27 03:29:40 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWNSP.sys -- (PTUMWNSP)
DRV:64bit: - [2009/10/27 03:29:34 | 000,144,912 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWNET.sys -- (PTUMWNET)
DRV:64bit: - [2009/10/27 03:29:26 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWMdm.sys -- (PTUMWMdm)
DRV:64bit: - [2009/10/27 03:29:20 | 000,012,688 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWFLT.sys -- (PTUMWFLT)
DRV:64bit: - [2009/10/27 03:29:14 | 000,173,456 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWCSP.sys -- (PTUMWCSP)
DRV:64bit: - [2009/10/27 03:29:00 | 000,071,056 | ---- | M] (DEVGURU Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTUMWBus.sys -- (PTUMWBus)
DRV:64bit: - [2009/10/21 03:35:26 | 000,501,760 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/10/14 23:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2009/10/08 12:37:50 | 007,749,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/26 11:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/09/17 16:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/09/17 16:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/17 16:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/09/17 16:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/02 13:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/08/15 02:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/08 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/30 23:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/08 17:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 17:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/29 14:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 17:55:54 | 000,014,336 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpGmb001.sys -- (HpGmb001)
DRV:64bit: - [2009/05/18 18:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 12:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/01/18 16:10:22 | 000,030,336 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2011/05/18 06:35:41 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110527.002\EX64.SYS -- (NAVEX15)
DRV - [2011/05/18 06:35:40 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110527.002\ENG64.SYS -- (NAVENG)
DRV - [2011/05/09 21:02:37 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/09 21:02:37 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/04/15 16:29:04 | 001,127,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110518.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/03/14 14:58:28 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110526.002\IDSviA64.sys -- (IDSVia64)
DRV - [2009/09/02 13:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/05/25 15:43:58 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.sys -- (SMSIVZAM5X64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/27 18:29:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/11/03 18:26:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/11/03 11:06:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Input Device Main Program] C:\Program Files\HP\HP Wireless Comfort Mobile Mouse\TSR\xDaemon.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\Shell - "" = AutoRun
O33 - MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/27 17:01:48 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Tommy\Desktop\OTL.exe
[2011/05/26 12:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/05/26 12:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/26 11:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2011/05/25 08:43:04 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2011/05/13 09:06:28 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Local\PackageAware
[2011/05/12 18:55:31 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Roaming\U3
[2011/05/11 18:01:39 | 000,000,000 | ---D | C] -- C:\1d43ceda939093f0a76a8c93b21e
[2011/05/10 17:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2011/05/10 07:23:13 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Roaming\Tific
[2011/05/10 03:51:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/05/10 03:50:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/05/10 03:46:08 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011/05/10 03:45:53 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011/05/01 16:20:19 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Local\{E0C3CF09-E353-4B39-9577-26011DCBADBE}
[2011/04/30 20:33:42 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Local\{646CC6EF-FACE-48DB-8FE2-1DFF0F79BF97}
[2011/04/30 20:33:42 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Local\{0BCC59D9-EB60-4986-B98E-23755E090A21}
[2011/04/30 20:33:32 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Roaming\Windows Live Writer
[2011/04/30 20:33:32 | 000,000,000 | ---D | C] -- C:\Users\Tommy\AppData\Local\Windows Live Writer
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/27 17:01:54 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tommy\Desktop\OTL.exe
[2011/05/27 16:27:32 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/27 16:27:32 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/27 16:21:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/27 09:32:16 | 000,001,940 | ---- | M] () -- C:\Users\Tommy\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/27 09:01:58 | 3063,046,144 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/26 12:12:52 | 000,351,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/26 12:09:28 | 000,151,044 | ---- | M] () -- C:\Users\Tommy\Documents\Backup Registry Changes.reg
[2011/05/26 12:03:45 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/05/26 11:55:57 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2011/05/26 11:55:57 | 000,001,308 | ---- | M] () -- C:\Users\Tommy\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/05/14 09:50:59 | 000,740,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/14 09:50:59 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/14 09:50:59 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/13 17:48:07 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
[2011/05/13 17:48:07 | 000,002,637 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
[2011/05/11 17:12:39 | 000,000,188 | ---- | M] () -- C:\Users\Tommy\Desktop\PartsTrain.com - Hard to Find Auto Parts and Truck Parts.url
[2011/05/10 09:01:16 | 000,000,175 | ---- | M] () -- C:\Users\Tommy\Desktop\Sign in to Yahoo!.url
[2011/05/10 05:58:47 | 000,001,441 | ---- | M] () -- C:\Users\Tommy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/09 09:15:09 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTommy.job
[2011/05/07 18:53:37 | 007,586,130 | ---- | M] () -- C:\Users\Tommy\Documents\The Crow And The Butterfly.mp3
[2011/05/07 18:53:33 | 000,006,341 | -HS- | M] () -- C:\Users\Tommy\Documents\Folder.jpg
[2011/05/07 18:53:33 | 000,006,341 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{CF951114-10B3-4CEF-96BF-48139539772F}_Large.jpg
[2011/05/07 18:53:33 | 000,001,900 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArtSmall.jpg
[2011/05/07 18:53:33 | 000,001,900 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{CF951114-10B3-4CEF-96BF-48139539772F}_Small.jpg
[2011/05/07 17:11:55 | 005,081,747 | ---- | M] () -- C:\Users\Tommy\Documents\Love-Hate-Sex-Pain.mp3
[2011/05/07 17:09:04 | 006,255,051 | ---- | M] () -- C:\Users\Tommy\Documents\Goons Lurkin.mp3
[2011/05/07 17:09:00 | 000,023,842 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{24062C8F-57E2-482F-A912-5825208DE981}_Large.jpg
[2011/05/07 17:09:00 | 000,005,338 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{24062C8F-57E2-482F-A912-5825208DE981}_Small.jpg
[2011/05/07 17:08:41 | 000,010,452 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{F0C5CBD8-4B57-4E76-91F9-11E91E3C3117}_Large.jpg
[2011/05/07 17:08:41 | 000,002,501 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{F0C5CBD8-4B57-4E76-91F9-11E91E3C3117}_Small.jpg
[2011/05/07 16:57:18 | 006,310,833 | ---- | M] () -- C:\Users\Tommy\Documents\Hesitate.mp3
[2011/05/07 16:54:34 | 004,076,981 | ---- | M] () -- C:\Users\Tommy\Documents\The Animal.mp3
[2011/05/07 16:54:28 | 000,040,476 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{DE012779-84D1-42B7-AE44-B21628F0351A}_Large.jpg
[2011/05/07 16:54:28 | 000,007,920 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{DE012779-84D1-42B7-AE44-B21628F0351A}_Small.jpg
[2011/05/07 16:51:13 | 000,034,918 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{B64FAAA7-AA72-4D22-A84B-210D7D878A25}_Large.jpg
[2011/05/07 16:51:13 | 000,008,628 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{B64FAAA7-AA72-4D22-A84B-210D7D878A25}_Small.jpg
[2011/05/07 16:47:25 | 006,733,070 | ---- | M] () -- C:\Users\Tommy\Documents\Trap House.mp3
[2011/05/07 16:47:20 | 000,006,519 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{4B55432A-BED3-4F73-8EB1-7551087A1789}_Large.jpg
[2011/05/07 16:47:20 | 000,002,160 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{4B55432A-BED3-4F73-8EB1-7551087A1789}_Small.jpg
[2011/05/07 16:38:29 | 006,363,196 | ---- | M] () -- C:\Users\Tommy\Documents\Co-Defendant.mp3
[2011/05/07 16:38:25 | 000,013,625 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{6D71EC0F-AE07-4709-B82C-F22B3C813DA1}_Large.jpg
[2011/05/07 16:38:25 | 000,003,076 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{6D71EC0F-AE07-4709-B82C-F22B3C813DA1}_Small.jpg
[2011/05/07 16:27:02 | 000,010,307 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{78759844-C5BE-494C-9969-FCA5F08975D6}_Large.jpg
[2011/05/07 16:27:01 | 000,002,686 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{78759844-C5BE-494C-9969-FCA5F08975D6}_Small.jpg
[2011/05/07 09:37:04 | 005,506,653 | ---- | M] () -- C:\Users\Tommy\Documents\Scars.mp3
[2011/05/07 09:35:22 | 000,012,945 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{EA1D0A52-A771-4F4F-A793-8FD9012B4A90}_Large.jpg
[2011/05/07 09:35:22 | 000,002,888 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{EA1D0A52-A771-4F4F-A793-8FD9012B4A90}_Small.jpg
[2011/05/07 09:34:58 | 004,989,474 | ---- | M] () -- C:\Users\Tommy\Documents\Slither.mp3
[2011/05/07 09:34:50 | 000,006,517 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{8F2878A4-0565-4F83-96F0-92E9C1953C41}_Large.jpg
[2011/05/07 09:34:50 | 000,001,909 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{8F2878A4-0565-4F83-96F0-92E9C1953C41}_Small.jpg
[2011/05/07 09:33:37 | 004,052,734 | ---- | M] () -- C:\Users\Tommy\Documents\Isolation.mp3
[2011/05/07 09:31:58 | 000,011,795 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{32E88C54-EE6E-45B4-8CAD-C04BE2264989}_Large.jpg
[2011/05/07 09:31:58 | 000,002,134 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{32E88C54-EE6E-45B4-8CAD-C04BE2264989}_Small.jpg
[2011/05/07 09:31:35 | 005,881,057 | ---- | M] () -- C:\Users\Tommy\Documents\Never Too Late.mp3
[2011/05/07 09:31:31 | 000,006,542 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{DF781BF4-9A3A-44D7-946B-1BDCFF8779FD}_Large.jpg
[2011/05/07 09:31:30 | 000,002,033 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{DF781BF4-9A3A-44D7-946B-1BDCFF8779FD}_Small.jpg
[2011/05/07 09:31:16 | 006,825,383 | ---- | M] () -- C:\Users\Tommy\Documents\Savior.mp3
[2011/05/07 09:31:12 | 000,014,564 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{07D0747F-558E-46BB-8001-57A8C875DE50}_Large.jpg
[2011/05/07 09:31:12 | 000,003,565 | -HS- | M] () -- C:\Users\Tommy\Documents\AlbumArt_{07D0747F-558E-46BB-8001-57A8C875DE50}_Small.jpg
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/26 12:09:00 | 000,151,044 | ---- | C] () -- C:\Users\Tommy\Documents\Backup Registry Changes.reg
[2011/05/26 12:03:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/05/26 11:55:57 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2011/05/26 11:55:57 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2011/05/26 11:55:57 | 000,001,308 | ---- | C] () -- C:\Users\Tommy\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/05/21 11:38:16 | 000,001,940 | ---- | C] () -- C:\Users\Tommy\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/13 17:45:22 | 000,002,675 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
[2011/05/13 17:45:22 | 000,002,637 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
[2011/05/10 05:58:37 | 000,001,447 | ---- | C] () -- C:\Users\Tommy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/10 03:46:56 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011/05/10 03:46:39 | 000,281,600 | ---- | C] () -- C:\Windows\SysNative\DShowRdpFilter(2152).dll
[2011/05/10 03:45:39 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011/05/10 03:45:29 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011/05/10 03:45:29 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011/05/10 03:45:17 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011/05/07 18:53:33 | 000,006,341 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{CF951114-10B3-4CEF-96BF-48139539772F}_Large.jpg
[2011/05/07 18:53:33 | 000,001,900 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{CF951114-10B3-4CEF-96BF-48139539772F}_Small.jpg
[2011/05/07 17:09:00 | 000,023,842 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{24062C8F-57E2-482F-A912-5825208DE981}_Large.jpg
[2011/05/07 17:09:00 | 000,005,338 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{24062C8F-57E2-482F-A912-5825208DE981}_Small.jpg
[2011/05/07 17:08:41 | 000,010,452 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{F0C5CBD8-4B57-4E76-91F9-11E91E3C3117}_Large.jpg
[2011/05/07 17:08:41 | 000,002,501 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{F0C5CBD8-4B57-4E76-91F9-11E91E3C3117}_Small.jpg
[2011/05/07 16:54:28 | 000,040,476 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{DE012779-84D1-42B7-AE44-B21628F0351A}_Large.jpg
[2011/05/07 16:54:28 | 000,007,920 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{DE012779-84D1-42B7-AE44-B21628F0351A}_Small.jpg
[2011/05/07 16:51:13 | 000,034,918 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{B64FAAA7-AA72-4D22-A84B-210D7D878A25}_Large.jpg
[2011/05/07 16:51:13 | 000,008,628 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{B64FAAA7-AA72-4D22-A84B-210D7D878A25}_Small.jpg
[2011/05/07 16:47:20 | 000,006,519 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{4B55432A-BED3-4F73-8EB1-7551087A1789}_Large.jpg
[2011/05/07 16:47:20 | 000,002,160 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{4B55432A-BED3-4F73-8EB1-7551087A1789}_Small.jpg
[2011/05/07 16:38:25 | 000,013,625 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{6D71EC0F-AE07-4709-B82C-F22B3C813DA1}_Large.jpg
[2011/05/07 16:38:25 | 000,003,076 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{6D71EC0F-AE07-4709-B82C-F22B3C813DA1}_Small.jpg
[2011/05/07 16:27:02 | 000,010,307 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{78759844-C5BE-494C-9969-FCA5F08975D6}_Large.jpg
[2011/05/07 16:27:02 | 000,002,686 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{78759844-C5BE-494C-9969-FCA5F08975D6}_Small.jpg
[2011/05/07 09:35:22 | 000,012,945 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{EA1D0A52-A771-4F4F-A793-8FD9012B4A90}_Large.jpg
[2011/05/07 09:35:22 | 000,002,888 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{EA1D0A52-A771-4F4F-A793-8FD9012B4A90}_Small.jpg
[2011/05/07 09:34:50 | 000,006,517 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{8F2878A4-0565-4F83-96F0-92E9C1953C41}_Large.jpg
[2011/05/07 09:34:50 | 000,001,909 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{8F2878A4-0565-4F83-96F0-92E9C1953C41}_Small.jpg
[2011/05/07 09:31:58 | 000,011,795 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{32E88C54-EE6E-45B4-8CAD-C04BE2264989}_Large.jpg
[2011/05/07 09:31:58 | 000,002,134 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{32E88C54-EE6E-45B4-8CAD-C04BE2264989}_Small.jpg
[2011/05/07 09:31:31 | 000,006,542 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{DF781BF4-9A3A-44D7-946B-1BDCFF8779FD}_Large.jpg
[2011/05/07 09:31:31 | 000,002,033 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{DF781BF4-9A3A-44D7-946B-1BDCFF8779FD}_Small.jpg
[2011/05/07 09:31:12 | 000,014,564 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{07D0747F-558E-46BB-8001-57A8C875DE50}_Large.jpg
[2011/05/07 09:31:12 | 000,006,341 | -HS- | C] () -- C:\Users\Tommy\Documents\Folder.jpg
[2011/05/07 09:31:12 | 000,003,565 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArt_{07D0747F-558E-46BB-8001-57A8C875DE50}_Small.jpg
[2011/05/07 09:31:12 | 000,001,900 | -HS- | C] () -- C:\Users\Tommy\Documents\AlbumArtSmall.jpg
[2011/05/07 09:20:47 | 004,989,474 | ---- | C] () -- C:\Users\Tommy\Documents\Slither.mp3
[2011/05/07 09:20:44 | 008,814,211 | ---- | C] () -- C:\Users\Tommy\Documents\Shine Down.mp3
[2011/05/07 09:20:41 | 006,708,596 | ---- | C] () -- C:\Users\Tommy\Documents\Second Chance.mp3
[2011/05/07 09:20:40 | 004,617,752 | ---- | C] () -- C:\Users\Tommy\Documents\Scream.mp3
[2011/05/07 09:20:37 | 006,489,456 | ---- | C] () -- C:\Users\Tommy\Documents\Schism.mp3
[2011/05/07 09:20:35 | 005,506,653 | ---- | C] () -- C:\Users\Tommy\Documents\Scars.mp3
[2011/05/07 09:20:32 | 006,825,383 | ---- | C] () -- C:\Users\Tommy\Documents\Savior.mp3
[2011/05/07 09:20:30 | 003,325,324 | ---- | C] () -- C:\Users\Tommy\Documents\Riot.mp3
[2011/05/07 09:20:27 | 007,010,890 | ---- | C] () -- C:\Users\Tommy\Documents\preview.mp3
[2011/05/07 09:20:26 | 003,352,604 | ---- | C] () -- C:\Users\Tommy\Documents\Porn Star Dancing.mp3
[2011/05/07 09:20:23 | 005,689,344 | ---- | C] () -- C:\Users\Tommy\Documents\Patience.mp3
[2011/05/07 09:20:21 | 005,634,426 | ---- | C] () -- C:\Users\Tommy\Documents\party ho mo feat. gucci mane.mp3
[2011/05/07 09:20:19 | 004,501,880 | ---- | C] () -- C:\Users\Tommy\Documents\Numb mix.mp3
[2011/05/07 09:20:17 | 004,076,354 | ---- | C] () -- C:\Users\Tommy\Documents\Normal.mp3
[2011/05/07 09:20:15 | 005,881,057 | ---- | C] () -- C:\Users\Tommy\Documents\Never Too Late.mp3
[2011/05/07 09:20:13 | 004,214,584 | ---- | C] () -- C:\Users\Tommy\Documents\Moon Baby.mp3
[2011/05/07 09:20:11 | 005,081,747 | ---- | C] () -- C:\Users\Tommy\Documents\Love-Hate-Sex-Pain.mp3
[2011/05/07 09:20:09 | 003,439,472 | ---- | C] () -- C:\Users\Tommy\Documents\Lit Up.mp3
[2011/05/07 09:20:07 | 004,052,734 | ---- | C] () -- C:\Users\Tommy\Documents\Isolation.mp3
[2011/05/07 09:20:06 | 003,463,168 | ---- | C] () -- C:\Users\Tommy\Documents\In The End.mp3
[2011/05/07 09:20:04 | 004,390,955 | ---- | C] () -- C:\Users\Tommy\Documents\I Will Not Bow.mp3
[2011/05/07 09:20:02 | 003,764,224 | ---- | C] () -- C:\Users\Tommy\Documents\I Hate Everything About You.mp3
[2011/05/07 09:19:59 | 006,310,833 | ---- | C] () -- C:\Users\Tommy\Documents\Hesitate.mp3
[2011/05/07 09:19:57 | 003,485,696 | ---- | C] () -- C:\Users\Tommy\Documents\Happy.mp3
[2011/05/07 09:19:55 | 005,787,817 | ---- | C] () -- C:\Users\Tommy\Documents\Had Enough.mp3
[2011/05/07 09:19:51 | 007,209,993 | ---- | C] () -- C:\Users\Tommy\Documents\Guns and Roses remix.mp3
[2011/05/07 09:19:49 | 006,255,051 | ---- | C] () -- C:\Users\Tommy\Documents\Goons Lurkin.mp3
[2011/05/07 09:19:46 | 006,760,190 | ---- | C] () -- C:\Users\Tommy\Documents\Go Head.mp3
[2011/05/07 09:19:44 | 004,416,871 | ---- | C] () -- C:\Users\Tommy\Documents\Gingerbread Man.mp3
[2011/05/07 09:19:41 | 005,460,610 | ---- | C] () -- C:\Users\Tommy\Documents\Getting Away With Murder.mp3
[2011/05/07 09:19:40 | 003,374,981 | ---- | C] () -- C:\Users\Tommy\Documents\Gasoline.mp3
[2011/05/07 09:19:38 | 003,447,958 | ---- | C] () -- C:\Users\Tommy\Documents\Forget To Remember.mp3
[2011/05/07 09:19:35 | 006,486,609 | ---- | C] () -- C:\Users\Tommy\Documents\Forever.mp3
[2011/05/07 09:19:32 | 006,500,997 | ---- | C] () -- C:\Users\Tommy\Documents\Fall To Pieces.mp3
[2011/05/07 09:19:31 | 002,222,208 | ---- | C] () -- C:\Users\Tommy\Documents\Enemy.mp3
[2011/05/07 09:19:29 | 004,028,940 | ---- | C] () -- C:\Users\Tommy\Documents\Echo.mp3
[2011/05/07 09:19:27 | 005,190,008 | ---- | C] () -- C:\Users\Tommy\Documents\Do What You Do.mp3
[2011/05/07 09:19:25 | 003,250,918 | ---- | C] () -- C:\Users\Tommy\Documents\Cryin' Like A [bleep].mp3
[2011/05/07 09:19:22 | 005,379,028 | ---- | C] () -- C:\Users\Tommy\Documents\Coming Undone.mp3
[2011/05/07 09:19:19 | 006,363,196 | ---- | C] () -- C:\Users\Tommy\Documents\Co-Defendant.mp3
[2011/05/07 09:19:17 | 004,888,420 | ---- | C] () -- C:\Users\Tommy\Documents\Broken Down.mp3
[2011/05/07 09:19:14 | 005,912,178 | ---- | C] () -- C:\Users\Tommy\Documents\Breath.mp3
[2011/05/07 09:19:12 | 003,092,028 | ---- | C] () -- C:\Users\Tommy\Documents\Break.mp3
[2011/05/07 09:19:10 | 004,013,790 | ---- | C] () -- C:\Users\Tommy\Documents\Break Up.mp3
[2011/05/07 09:19:08 | 004,176,711 | ---- | C] () -- C:\Users\Tommy\Documents\Booty Shorts.mp3
[2011/05/07 09:19:06 | 004,667,337 | ---- | C] () -- C:\Users\Tommy\Documents\Bleed It Out.mp3
[2011/05/07 09:19:01 | 007,520,112 | ---- | C] () -- C:\Users\Tommy\Documents\Bad Company.mp3
[2011/05/07 09:18:59 | 005,449,950 | ---- | C] () -- C:\Users\Tommy\Documents\Another Brick In The Wall.mp3
[2011/05/07 09:18:56 | 004,244,593 | ---- | C] () -- C:\Users\Tommy\Documents\Almost Easy.mp3
[2011/05/07 09:18:54 | 004,293,526 | ---- | C] () -- C:\Users\Tommy\Documents\02 swaggin.mp3
[2011/05/07 09:18:52 | 002,916,480 | ---- | C] () -- C:\Users\Tommy\Documents\...To Be Loved.mp3
[2011/05/07 09:18:50 | 005,123,986 | ---- | C] () -- C:\Users\Tommy\Documents\Word Up!.mp3
[2011/05/07 09:18:49 | 003,322,177 | ---- | C] () -- C:\Users\Tommy\Documents\What I've Done.mp3
[2011/05/07 09:18:48 | 004,382,858 | ---- | C] () -- C:\Users\Tommy\Documents\Welcome To The Jungle.mp3
[2011/05/07 09:18:47 | 003,522,918 | ---- | C] () -- C:\Users\Tommy\Documents\Walk Away.mp3
[2011/05/07 09:18:44 | 006,733,070 | ---- | C] () -- C:\Users\Tommy\Documents\Trap House.mp3
[2011/05/07 09:18:42 | 007,586,130 | ---- | C] () -- C:\Users\Tommy\Documents\The Crow And The Butterfly.mp3
[2011/05/07 09:18:40 | 003,582,240 | ---- | C] () -- C:\Users\Tommy\Documents\The Clincher.mp3
[2011/05/07 09:18:39 | 004,076,981 | ---- | C] () -- C:\Users\Tommy\Documents\The Animal.mp3
[2011/05/07 09:18:37 | 005,707,277 | ---- | C] () -- C:\Users\Tommy\Documents\Sweet Child O' Mine.mp3
[2011/05/07 09:18:36 | 003,458,766 | ---- | C] () -- C:\Users\Tommy\Documents\Suffocating Under Words Of Sorrow.mp3
[2011/05/07 09:18:34 | 004,668,250 | ---- | C] () -- C:\Users\Tommy\Documents\Stand Up.mp3
[2011/05/07 09:18:34 | 001,662,831 | ---- | C] () -- C:\Users\Tommy\Documents\Somewhere I Belong.mp3
[2011/05/07 09:18:33 | 001,948,424 | ---- | C] () -- C:\Users\Tommy\Documents\So Far Away.mp3
[2011/03/11 14:12:28 | 000,273,375 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp346.2
[2011/03/11 14:12:27 | 000,275,163 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp346.1
[2011/03/11 14:12:26 | 000,618,898 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp346.0
[2011/03/11 14:12:26 | 000,277,180 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp346.JPG
[2011/02/28 11:35:21 | 000,228,018 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmpPHOTO[2].JPG
[2010/06/14 01:36:27 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/05/27 18:29:13 | 000,023,142 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/05/07 08:55:20 | 000,188,744 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp2010-05-06%2021.02.37[1].0
[2010/05/07 08:55:20 | 000,077,679 | ---- | C] () -- C:\Users\Tommy\AppData\Local\tmp2010-05-06%2021.02.37[1].JPG
[2010/04/18 21:51:23 | 000,163,722 | ---- | C] () -- C:\Windows\hphins33.dat
[2010/03/02 22:30:57 | 000,000,122 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/12/19 05:23:12 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2009/12/19 05:23:12 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2009/10/08 12:34:52 | 000,874,032 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2009/10/08 12:34:52 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2009/10/08 12:34:52 | 000,049,712 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2009/10/08 11:36:18 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2009/10/08 11:36:18 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/09/29 19:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 06:17:52 | 000,000,586 | ---- | C] () -- C:\Windows\hphmdl33.dat
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/10/19 17:53:20 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\funkitron
[2010/10/25 22:15:36 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Gamelab
[2010/10/20 00:27:24 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\GOL_byHasbro
[2010/10/20 02:31:03 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\iWin
[2010/03/14 10:17:05 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\MusicNet
[2010/03/02 22:30:57 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Neat
[2010/03/02 22:30:56 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Nuance
[2010/10/19 02:04:18 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\PlayFirst
[2010/05/08 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Smith Micro
[2011/05/10 07:23:13 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Tific
[2010/02/20 16:26:11 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\WildTangent
[2011/04/30 20:33:32 | 000,000,000 | ---D | M] -- C:\Users\Tommy\AppData\Roaming\Windows Live Writer
[2010/05/05 15:44:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(2025).TXT
[2010/05/05 15:44:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(2486).TXT
[2011/05/11 12:11:08 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(2642).TXT
[2010/05/05 15:44:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(65).TXT
[2011/05/11 12:11:08 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
rickdeez
Anyone? Have any advice or direction for me? Thanks for the help

#3
rickdeez
Is something wrong with my post? Do I need to repost somewhere else? Pls someone advise me. I already went thru another moderator and this is what I was told to do

#4
emeraldnzl
Hello rickdeez,

Welcome to the Malware forum.

Couple of things there to deal with and then we need to run some other tools to give us a better idea of what is going on.

Also, you should have got an Extras log when you ran OTL. It should be on your desktop as "Extras.txt" just like the OTL.txt one was. Please post it when you come back.

Now

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
    O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O33 - MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\Shell - "" = AutoRun
    O33 - MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    
    :Commands
    [resethosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

When you return please post
  • OTL fix log
  • MBAM log
  • Extras.txt
Note: Unless otherwise instructed always post the logs in the forum. :)

#5
rickdeez
Okay, before I proceed with your 2nd step, I did perform the OTL Run Fix and it did reboot, however I did not see a log or have one on my desktop... Do I need to try again? I see the extras from the original OTL that you have requested on my desktop

#6
rickdeez
And thank you very very much for your help with this. It is greatly appreciated and much needed

#7
emeraldnzl

I did perform the OTL Run Fix and it did reboot, however I did not see a log or have one on my desktop... Do I need to try again?


A copy of an OTL fix log is saved in a text file at

:\_OTL\Moved Files
in most cases this will be C:\_OTL\Moved Files

If you ran it properly a copy of the log will be there. Please copy and post back here. :)

I see the extras from the original OTL that you have requested on my desktop


Excellent, post that back here too.

#8
rickdeez
OTL Extras logfile created on: 5/27/2011 5:02:27 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Tommy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 57.05% Memory free
7.61 Gb Paging File | 5.75 Gb Available in Paging File | 75.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.60 Gb Total Space | 211.47 Gb Free Space | 74.31% Space Free | Partition Type: NTFS
Drive D: | 13.20 Gb Total Space | 2.19 Gb Free Space | 16.63% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 96.77 Mb Free Space | 97.42% Space Free | Partition Type: FAT32

Computer Name: TOMMY-PC | User Name: Tommy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C336D20-A089-4818-9C56-96AD81BF5A11}" = PANTECH USB Modem V2
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java™ 6 Update 15 (64-bit)
"{2CD0168D-FBBC-4667-8810-105CB6EC6348}" = HP Deskjet D1600 Printer Driver Software 13.0 Rel .6
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java™ SE Development Kit 6 Update 15 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}" = Neat ADF Scanner Driver
"{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1747DF05-6890-440B-B094-2146F5DC50E0}" = HP MediaSmart SlingPlayer
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{47D7C9B8-BD44-4D2E-9040-E946477B2F9A}" = Microsoft Live Search Toolbar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5727583F-3530-45FD-B09E-7E1CB6C135AD}" = DJ_SF_06_D1600_SW_Min
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BD1EAE4-2E08-4087-8600-44B0ACB0C887}" = NeatWorks Core Files
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA8B2587-7198-44E6-858D-20EA0E833C9D}" = HP Wireless Comfort Mobile Mouse
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CDC85536-A0EF-4401-82A6-25D8EFC7EFAC}" = VZAccess Manager
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{EAE8CF06-28CA-4213-839C-A32817A47E00}" = D1600
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"alotToolbar" = ALOT Toolbar
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"Belarc Advisor" = Belarc Advisor 8.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"N360" = Norton Security Suite
"NeatWorks" = NeatWorks
"PokerStars" = PokerStars
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"MLBScoreboard" = MLBScoreboard
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


OTL Fix Log
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}\ deleted successfully.
C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}\ deleted successfully.
C:\Program Files (x86)\alot\bin\alot.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{920cc909-7ce1-11e0-aece-002713602dcc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{920cc909-7ce1-11e0-aece-002713602dcc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{920cc909-7ce1-11e0-aece-002713602dcc}\ not found.
File G:\LaunchU3.exe -a not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.23.0 log created on 06132011_213338

#9
rickdeez

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6851

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

6/13/2011 10:35:51 PM
mbam-log-2011-06-13 (22-35-51).txt

Scan type: Quick scan
Objects scanned: 201534
Time elapsed: 3 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#10
emeraldnzl

Hello rickdeez,

Couple of diagnostic scans to do now:

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Next

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

When you return please post
  • aswMBR log
  • MBRCheck log

#11
rickdeez

aswMBR version 0.9.6.399 Copyright© 2011 AVAST Software
Run date: 2011-06-13 23:03:36
-----------------------------
23:03:36.361 OS Version: Windows x64 6.1.7601 Service Pack 1
23:03:36.361 Number of processors: 4 586 0x2502
23:03:36.361 ComputerName: TOMMY-PC UserName: Tommy
23:03:37.640 Initialize success
23:03:44.068 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:03:44.068 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
23:03:44.114 Disk 0 MBR read successfully
23:03:44.130 Disk 0 MBR scan
23:03:44.130 Disk 0 unknown MBR code
23:03:44.130 Service scanning
23:03:45.113 Disk 0 trace - called modules:
23:03:45.113 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
23:03:45.128 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c03060]
23:03:45.128 3 CLASSPNP.SYS[fffff8800114c43f] -> nt!IofCallDriver -> [0xfffffa8004ae6b10]
23:03:45.144 5 hpdskflt.sys[fffff880025e3289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004988050]
23:03:45.144 Scan finished successfully
23:04:17.171 Disk 0 MBR has been saved successfully to "C:\Users\Tommy\Desktop\MBR.dat"
23:04:17.171 The log file has been saved successfully to "C:\Users\Tommy\Desktop\aswMBR.txt"


MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv6 Notebook PC
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 256):

Processes (total 100):
0 System Idle Process
4 System
348 C:\Windows\System32\smss.exe
460 csrss.exe
520 C:\Windows\System32\wininit.exe
536 csrss.exe
580 C:\Windows\System32\services.exe
596 C:\Windows\System32\lsass.exe
608 C:\Windows\System32\lsm.exe
704 C:\Windows\System32\svchost.exe
768 C:\Windows\System32\svchost.exe
844 C:\Windows\System32\svchost.exe
876 C:\Windows\System32\svchost.exe
916 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe
456 C:\Windows\System32\winlogon.exe
568 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\hpservice.exe
1264 C:\Windows\System32\svchost.exe
1380 C:\Windows\System32\wlanext.exe
1388 C:\Windows\System32\conhost.exe
1492 C:\Windows\System32\spoolsv.exe
1560 C:\Windows\System32\svchost.exe
1656 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
1684 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
1716 C:\Windows\SysWOW64\svchost.exe
1776 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
1828 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
1860 C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
1908 C:\Windows\System32\svchost.exe
1940 C:\Windows\System32\svchost.exe
1960 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
1996 C:\Windows\System32\svchost.exe
1192 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2456 C:\Windows\System32\taskhost.exe
2520 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2672 C:\Windows\System32\sppsvc.exe
2776 C:\Windows\System32\svchost.exe
3044 C:\Windows\System32\svchost.exe
2640 C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
2888 C:\Windows\System32\rundll32.exe
3752 C:\Windows\System32\dwm.exe
3760 C:\Windows\explorer.exe
3824 C:\Windows\System32\taskeng.exe
3868 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
3876 C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
3988 C:\Windows\System32\igfxtray.exe
4064 C:\Windows\System32\igfxsrvc.exe
4080 C:\Windows\System32\hkcmd.exe
3200 C:\Windows\System32\igfxpers.exe
1104 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3260 C:\Program Files\IDT\WDM\sttray64.exe
1244 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
1744 C:\Program Files\Java\jre6\bin\jusched.exe
3660 C:\Program Files\HP\HP Wireless Comfort Mobile Mouse\TSR\xDaemon.exe
2396 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
2436 C:\Windows\System32\svchost.exe
2428 C:\ProgramData\Norton\NUA.exe
1340 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
252 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
3820 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
3856 C:\Windows\System32\SearchIndexer.exe
3732 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4136 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
4144 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
4160 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4352 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
4376 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
4396 WmiPrvSE.exe
4608 C:\Program Files\Windows Media Player\wmpnetwk.exe
4660 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
5012 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
3688 C:\Windows\System32\svchost.exe
3936 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
276 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
4656 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
4624 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
1408 C:\Windows\System32\svchost.exe
5244 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
5284 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5296 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
5372 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5936 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe
5604 C:\Windows\System32\wuauclt.exe
3680 C:\Users\Tommy\Desktop\OTL.exe
1316 C:\Program Files (x86)\Internet Explorer\iexplore.exe
2476 C:\Windows\System32\notepad.exe
6004 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
5628 C:\Windows\System32\audiodg.exe
4888 C:\Users\Tommy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CSZHAPTL\aswMBR[1].exe
1624 C:\Windows\System32\SearchProtocolHost.exe
5264 C:\Windows\System32\SearchFilterHost.exe
3148 C:\Windows\System32\notepad.exe
3488 C:\Program Files (x86)\Internet Explorer\iexplore.exe
5828 C:\Windows\System32\SearchProtocolHost.exe
3184 dllhost.exe
2968 dllhost.exe
3792 C:\Users\Tommy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ZQLQSXM\MBRCheck[1].exe
412 C:\Windows\System32\conhost.exe
2348 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`32b00000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000004a`7f500000 (FAT32)

PhysicalDrive0 Model Number: WDCWD3200BEKT-60V5T1, Rev: 12.01A12

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 54E5778F0C57429FC41FADE578A4B892EA5348CE


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#12
emeraldnzl
Hello rickdeez,

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


#13
rickdeez
Forgive me, but how do I extract its contents to my desktop?

#14
rickdeez
Okay, I believe I got it. I didn't have an option to reboot; it only says Close in the bottom corner. Here is the log:

2011/06/13 23:24:16.0217 4772 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/13 23:24:17.0933 4772 ================================================================================
2011/06/13 23:24:17.0933 4772 SystemInfo:
2011/06/13 23:24:17.0933 4772
2011/06/13 23:24:17.0933 4772 OS Version: 6.1.7601 ServicePack: 1.0
2011/06/13 23:24:17.0933 4772 Product type: Workstation
2011/06/13 23:24:17.0933 4772 ComputerName: TOMMY-PC
2011/06/13 23:24:17.0933 4772 UserName: Tommy
2011/06/13 23:24:17.0933 4772 Windows directory: C:\Windows
2011/06/13 23:24:17.0933 4772 System windows directory: C:\Windows
2011/06/13 23:24:17.0933 4772 Running under WOW64
2011/06/13 23:24:17.0933 4772 Processor architecture: Intel x64
2011/06/13 23:24:17.0933 4772 Number of processors: 4
2011/06/13 23:24:17.0933 4772 Page size: 0x1000
2011/06/13 23:24:17.0933 4772 Boot type: Normal boot
2011/06/13 23:24:17.0933 4772 ================================================================================
2011/06/13 23:24:18.0557 4772 Initialize success
2011/06/13 23:24:49.0086 0776 ================================================================================
2011/06/13 23:24:49.0086 0776 Scan started
2011/06/13 23:24:49.0086 0776 Mode: Manual;
2011/06/13 23:24:49.0086 0776 ================================================================================
2011/06/13 23:25:02.0471 0776 SYMTDIv (8abb6e5b7d75cd3f0a988695d0d9186a) C:\Windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS
2011/06/13 23:25:02.0518 0776 SynTP (924d711941956f7420a4925592be8253) C:\Windows\system32\DRIVERS\SynTP.sys
2011/06/13 23:25:02.0658 0776 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/06/13 23:25:02.0783 0776 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/13 23:25:02.0814 0776 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/13 23:25:02.0846 0776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/06/13 23:25:02.0877 0776 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/06/13 23:25:02.0908 0776 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/13 23:25:02.0924 0776 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/06/13 23:25:02.0986 0776 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/13 23:25:03.0048 0776 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/06/13 23:25:03.0095 0776 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/13 23:25:03.0142 0776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/13 23:25:03.0173 0776 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/13 23:25:03.0236 0776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/13 23:25:03.0267 0776 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/06/13 23:25:03.0298 0776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/13 23:25:03.0345 0776 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
2011/06/13 23:25:03.0376 0776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/06/13 23:25:03.0423 0776 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/13 23:25:03.0454 0776 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/06/13 23:25:03.0485 0776 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/13 23:25:03.0516 0776 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/13 23:25:03.0594 0776 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/13 23:25:03.0626 0776 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/13 23:25:03.0672 0776 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/13 23:25:03.0719 0776 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/06/13 23:25:03.0750 0776 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/06/13 23:25:03.0797 0776 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/13 23:25:03.0828 0776 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/06/13 23:25:03.0860 0776 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/06/13 23:25:03.0891 0776 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/06/13 23:25:03.0906 0776 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/06/13 23:25:03.0938 0776 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/06/13 23:25:03.0969 0776 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/06/13 23:25:04.0031 0776 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/13 23:25:04.0047 0776 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/06/13 23:25:04.0078 0776 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/06/13 23:25:04.0109 0776 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/06/13 23:25:04.0156 0776 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/13 23:25:04.0203 0776 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/13 23:25:04.0218 0776 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/13 23:25:04.0281 0776 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/06/13 23:25:04.0328 0776 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/13 23:25:04.0390 0776 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/13 23:25:04.0421 0776 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/06/13 23:25:04.0499 0776 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/13 23:25:04.0608 0776 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/13 23:25:04.0671 0776 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/13 23:25:04.0718 0776 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/06/13 23:25:04.0749 0776 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/13 23:25:04.0811 0776 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/06/13 23:25:04.0889 0776 MBR (0x1B8) (5324087956718af58657053fccba966b) \Device\Harddisk0\DR0
2011/06/13 23:25:04.0905 0776 ================================================================================
2011/06/13 23:25:04.0905 0776 Scan finished
2011/06/13 23:25:04.0905 0776 ================================================================================
2011/06/13 23:25:04.0905 2908 Detected object count: 0
2011/06/13 23:25:04.0905 2908 Actual detected object count: 0

#15
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello rickdeez,

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

    Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat. http://www.appremove...ed-applications

  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.