Tidserv 2 Activity Removal Question [Closed]

pgballer
My brother suggested that I post on this site for help. This is my first posting and I will try to be as specific as possible. Last week I got a fake XP Security 2012 update that got on our computer. We were able to remove it by updating our Norton account, which had run out a couple of weeks ago. A Norton warning message started popping up about Tidserv 2 Activity. We ran the manual removal, but it stated there was no activity. The Tidserv warning kept coming up. Internet continues to run slowly, and we have started to have a blue error screen pop up when we restart the computer. I ran the OTL program tonight and I have posted the txt note pad below. Not sure what I do from here? What should be my next step? Thanks so much for any help.

OTL logfile created on: 1/2/2012 8:11:06 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.84 Mb Total Physical Memory | 554.42 Mb Available Physical Memory | 54.69% Memory free
2.38 Gb Paging File | 1.85 Gb Available in Paging File | 77.49% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 76.91 Gb Free Space | 53.29% Space Free | Partition Type: NTFS

Computer Name: AUBREYDAN | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/02 20:01:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
PRC - [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () -- C:\WINDOWS\svcs.exe
PRC - [2011/06/03 06:24:49 | 000,149,904 | ---- | M] (Microsoft ® Corporation) -- C:\Documents and Settings\Friends\Forefront UAG Remote Access Agent\mympcmpcedu\myportal0\uagqecsvc.exe
PRC - [2011/02/18 10:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/07/21 03:43:54 | 000,965,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/11/10 09:14:38 | 000,443,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2009/11/10 08:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/07/27 16:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2008/04/13 16:12:33 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Restore\rstrui.exe
PRC - [2008/04/13 16:12:31 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ping.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/24 13:55:18 | 000,032,768 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
PRC - [2007/01/15 16:18:00 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
PRC - [2006/12/21 05:54:50 | 001,158,144 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2006/12/21 05:54:50 | 000,785,920 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2006/07/24 08:20:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/07/06 05:15:00 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/07/06 05:14:30 | 000,090,112 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2005/10/05 01:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/09/08 03:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2004/04/07 10:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () -- C:\WINDOWS\svcs.exe
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 10:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/09/04 21:31:52 | 002,076,672 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/06/19 20:54:40 | 007,745,536 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2008/06/20 08:02:47 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 08:02:47 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/06/15 14:57:20 | 000,053,248 | ---- | M] () -- C:\Program Files\MagicTune Premium\DProfile.dll
MOD - [2007/06/15 14:57:18 | 000,053,248 | ---- | M] () -- C:\Program Files\MagicTune Premium\EProfile.dll
MOD - [2007/06/15 14:57:14 | 000,057,344 | ---- | M] () -- C:\Program Files\MagicTune Premium\VESADll.dll
MOD - [2007/06/15 14:57:14 | 000,057,344 | ---- | M] () -- C:\Program Files\MagicTune Premium\IProfile.dll
MOD - [2007/06/15 14:57:10 | 000,057,344 | ---- | M] () -- C:\Program Files\MagicTune Premium\DeviceInterface.dll
MOD - [2007/06/13 11:15:52 | 000,073,728 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneCore.dll
MOD - [2007/04/24 13:55:18 | 000,032,768 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
MOD - [2007/01/15 16:18:00 | 000,036,864 | ---- | M] () -- C:\Program Files\MagicTune Premium\GammaTray.exe
MOD - [2005/10/05 01:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () [Auto | Running] -- C:\WINDOWS\svcs.exe -- (NetworkLog)
SRV - [2011/06/03 06:24:49 | 000,149,904 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Documents and Settings\Friends\Forefront UAG Remote Access Agent\mympcmpcedu\myportal0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/11/10 08:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2007/04/24 13:55:18 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2006/12/21 05:54:51 | 000,086,528 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2006/07/06 05:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2004/04/07 10:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2012/01/01 22:27:12 | 000,026,872 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\FixTDSS.sys -- (FixTDSS)
DRV - [2010/07/07 06:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2007/06/11 07:33:20 | 000,012,672 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2006/12/21 05:51:51 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/12/21 05:49:40 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/07/24 08:20:00 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/05 01:39:56 | 000,024,064 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/01/10 09:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/08 03:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 03:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 03:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 03:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 03:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 03:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 03:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 10:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 10:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2003/11/17 12:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 12:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 12:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=6061221
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 6522
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/08/24 02:09:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/02/15 17:49:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 10:42:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/26 22:40:27 | 000,000,000 | ---D | M]

[2010/08/21 15:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2010/08/21 15:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/04/01 22:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\t44t5xdr.default\extensions
[2010/11/27 14:23:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\t44t5xdr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/30 10:38:54 | 000,002,470 | ---- | M] () -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\t44t5xdr.default\searchplugins\safesearch.xml
[2011/11/13 10:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/13 10:42:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/01/17 08:32:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/11/13 10:42:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/11/06 11:37:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011/11/26 22:40:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2011/11/26 22:40:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2011/11/26 22:40:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2011/05/27 16:26:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2011/10/01 06:03:34 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/07/22 15:41:04 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011/10/01 06:03:34 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/22 15:41:04 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2011/10/01 06:03:34 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011/10/01 06:03:34 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011/11/13 10:42:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/10/01 06:03:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011/10/01 06:03:34 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk = C:\Program Files\MagicTune Premium\GammaTray.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
O4 - Startup: C:\Documents and Settings\Dan\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_22.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} http://www.costcopho...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.costcopho...stcoActivia.cab (Snapfish Activia)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1226294572830 (MUWebControl Class)
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} https://photos.ritea...PhotoOnline.cab (Rite Aid One Hour Photo Online Control)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-cent...bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DEA6994F-3ED5-40BC-B5E3-0FD02411B1B4} http://www.costcopho...eX_Control.cab? (Photo Upload Plugin Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} http://www.costcopho...veX_Control.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D430587A-7836-4442-B92E-5128CAEEDEA4}: DhcpNameServer = 68.87.76.182 68.87.78.134
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/20 22:01:41 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/02 20:01:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2012/01/02 18:14:28 | 000,127,096 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/02 18:14:28 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/02 18:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/01/02 18:13:43 | 000,897,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymEFA.sys
[2012/01/02 18:13:43 | 000,566,904 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtsp.sys
[2012/01/02 18:13:43 | 000,387,192 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\symtdi.sys
[2012/01/02 18:13:43 | 000,344,184 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\symtdiv.sys
[2012/01/02 18:13:43 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymDS.sys
[2012/01/02 18:13:43 | 000,314,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\symnets.sys
[2012/01/02 18:13:43 | 000,149,624 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\Ironx86.sys
[2012/01/02 18:13:43 | 000,031,864 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtspx.sys
[2012/01/02 18:13:42 | 000,132,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\ccSetx86.sys
[2012/01/02 18:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2012/01/02 18:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1301000.01C
[2012/01/02 18:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/01/02 18:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
[2012/01/02 18:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/01/02 17:50:36 | 000,000,000 | ---D | C] -- C:\TDSSKiller
[2012/01/02 14:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Start Menu\Programs\Norton
[2012/01/02 14:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2012/01/01 22:27:12 | 000,026,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\FixTDSS.sys
[2012/01/01 22:27:12 | 000,000,000 | ---D | C] -- C:\FixTDSS
[2011/12/31 21:33:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/12/29 23:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/12/27 07:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/12/27 06:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/12/26 04:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/12/25 22:54:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/12/25 22:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Dan\My Documents\*.tmp files -> C:\Documents and Settings\Dan\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/02 20:01:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2012/01/02 19:59:19 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{14268A64-36C0-4FF9-9C90-1FCAD53341FE}.job
[2012/01/02 19:44:04 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/02 19:23:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/02 18:29:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/02 18:27:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/02 18:27:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/02 18:26:56 | 1063,165,952 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/02 18:22:38 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/02 18:22:38 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/02 18:22:38 | 000,007,510 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/02 18:22:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/02 18:22:36 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/01/02 14:27:18 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Norton Installation Files.lnk
[2012/01/02 14:06:05 | 000,006,184 | ---- | M] () -- C:\{ACDA2F2F-F476-4E8A-854B-DAA2D4A716C7}
[2012/01/02 11:35:31 | 000,004,872 | ---- | M] () -- C:\{DFF1F29B-574F-4912-9B16-009C8C1DF454}
[2012/01/02 02:50:45 | 000,004,872 | ---- | M] () -- C:\{1B2171D3-3EB9-4BF9-A82E-38DF3049EAC5}
[2012/01/01 23:13:14 | 000,004,888 | ---- | M] () -- C:\{D696A1B1-F85B-422F-815A-FD02B9883BC1}
[2012/01/01 23:06:50 | 000,004,880 | ---- | M] () -- C:\{B5993130-6604-4554-AFF1-C96FC5A128DC}
[2012/01/01 23:05:40 | 000,004,880 | ---- | M] () -- C:\{A8919B38-A1B1-4883-9826-BE698AC3B4D2}
[2012/01/01 22:27:12 | 000,026,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\FixTDSS.sys
[2012/01/01 20:08:45 | 000,004,880 | ---- | M] () -- C:\{59B52F73-288E-4169-A8BB-DDE620278C06}
[2012/01/01 18:16:36 | 000,004,872 | ---- | M] () -- C:\{12C7EE93-51F6-419E-8960-1EDEB5A9DC77}
[2012/01/01 14:03:29 | 000,006,192 | ---- | M] () -- C:\{E7D9AEAD-94A2-498C-842F-2AE316A77118}
[2012/01/01 11:28:14 | 000,004,880 | ---- | M] () -- C:\{618ECA14-8E49-4568-B18A-B7E5C56F9B5E}
[2012/01/01 10:26:29 | 000,004,880 | ---- | M] () -- C:\{C1C9403C-D8A4-492D-A097-F27D156B27E5}
[2012/01/01 03:04:01 | 000,004,880 | ---- | M] () -- C:\{4E702DB9-FE4F-461C-8273-731D3CB4ADAF}
[2012/01/01 00:40:39 | 000,004,880 | ---- | M] () -- C:\{91FD03E8-976B-4434-AE9A-758C9BA0FCEE}
[2011/12/31 23:49:10 | 000,004,864 | ---- | M] () -- C:\{B7674867-A329-4D9E-824D-1B3586EA3C88}
[2011/12/31 21:45:02 | 000,004,888 | ---- | M] () -- C:\{92207A95-F97F-4703-8EFE-42CD358C2306}
[2011/12/31 16:07:02 | 000,004,880 | ---- | M] () -- C:\{9B3C2AF2-C1FB-4C23-878D-80ABE6F331B0}
[2011/12/31 08:57:24 | 000,004,872 | ---- | M] () -- C:\{E8341511-177F-476C-B820-DCB530BCAA96}
[2011/12/31 07:21:26 | 000,004,872 | ---- | M] () -- C:\{E5105E08-03E2-4553-A238-3048FC1A9B3F}
[2011/12/31 02:51:43 | 000,004,872 | ---- | M] () -- C:\{51436A8B-1A02-4F3C-B0E7-1A557BEDEB44}
[2011/12/31 00:05:52 | 000,004,872 | ---- | M] () -- C:\{B730537C-FE91-4338-939C-22EA24BFC1A1}
[2011/12/30 22:51:54 | 000,004,880 | ---- | M] () -- C:\{890D8546-0FC8-4322-B1FE-91C8CD04CFA1}
[2011/12/30 22:45:11 | 000,004,880 | ---- | M] () -- C:\{B4705C70-7EA8-4641-B614-E2E72493D8CC}
[2011/12/30 16:38:03 | 000,004,872 | ---- | M] () -- C:\{67E554D5-F2ED-4CD2-A35E-34C7B240948F}
[2011/12/30 14:45:14 | 000,004,872 | ---- | M] () -- C:\{EEED392B-0499-4AF2-A464-900463EDF21A}
[2011/12/30 08:53:07 | 000,004,872 | ---- | M] () -- C:\{B1552E2A-4832-464C-88BA-C1F1A54FD50C}
[2011/12/29 16:24:32 | 000,004,864 | ---- | M] () -- C:\{D8B4A8F0-A7C8-4811-B3AE-4A256B52B082}
[2011/12/29 13:14:59 | 000,004,872 | ---- | M] () -- C:\{8B7564A4-EC37-4457-B51F-7E93604B8373}
[2011/12/29 12:33:35 | 000,004,880 | ---- | M] () -- C:\{2FA22448-DEFB-4D1F-A87A-1FC02C57CA26}
[2011/12/29 08:20:27 | 000,004,872 | ---- | M] () -- C:\{31CA8530-A0AA-4581-93EC-188DD2529287}
[2011/12/29 05:09:04 | 000,004,880 | ---- | M] () -- C:\{08FF1638-DCA9-41D2-A0CE-446A4E609FA8}
[2011/12/29 00:01:32 | 000,004,880 | ---- | M] () -- C:\{966F489B-31E4-49F7-B6A8-7B3D4376CC95}
[2011/12/28 23:37:42 | 000,004,880 | ---- | M] () -- C:\{4FE8034C-5089-423B-BF2F-2041AFCDE41E}
[2011/12/28 23:31:33 | 000,004,880 | ---- | M] () -- C:\{E988184E-ADA3-43CA-B436-3FBE5C9EEE91}
[2011/12/28 23:24:37 | 000,004,872 | ---- | M] () -- C:\{31042872-E9A1-4B79-83AD-335B9D5EFE4D}
[2011/12/28 22:29:24 | 000,004,880 | ---- | M] () -- C:\{98269710-B1BD-430E-ABE3-1304DFE99EAB}
[2011/12/28 22:20:00 | 000,004,864 | ---- | M] () -- C:\{BAF5335B-9D85-43C8-813A-F7E44912C953}
[2011/12/28 22:11:32 | 000,004,880 | ---- | M] () -- C:\{A116E5E1-072C-4E12-9BDE-79BC9E1D18D6}
[2011/12/28 22:01:12 | 000,004,888 | ---- | M] () -- C:\{D8677CBB-BDD8-4FC4-AC3B-8D958BAFBA4D}
[2011/12/28 21:53:39 | 000,004,880 | ---- | M] () -- C:\{5A62D0DA-1DAD-4A98-8B16-35FB3E449512}
[2011/12/28 21:46:22 | 000,004,880 | ---- | M] () -- C:\{4DC4F415-768D-4F69-A02A-6FEBE8007064}
[2011/12/28 21:28:40 | 000,004,864 | ---- | M] () -- C:\{5E4B7149-843C-41DF-934F-54CF9A0647D7}
[2011/12/28 21:19:46 | 000,004,856 | ---- | M] () -- C:\{6D655873-BBE8-419C-99A0-2E2485AC4D90}
[2011/12/28 21:16:49 | 000,004,872 | ---- | M] () -- C:\{5A50D426-7A8F-42C6-9FD1-BDA90724A4B0}
[2011/12/28 21:15:10 | 000,004,880 | ---- | M] () -- C:\{58EE8D94-2DB4-45BF-9C85-539626CE8265}
[2011/12/28 21:07:41 | 000,004,880 | ---- | M] () -- C:\{02F26276-E2D5-4ECC-9014-6FDD4EE5A98D}
[2011/12/28 20:58:10 | 000,004,872 | ---- | M] () -- C:\{7225C762-7E91-4E1C-9EBD-E4601B476805}
[2011/12/28 20:52:34 | 000,004,888 | ---- | M] () -- C:\{DBDB5F9E-525C-4317-AC37-6706C2DDC038}
[2011/12/28 20:50:56 | 000,004,872 | ---- | M] () -- C:\{EF45EC91-A58A-42E2-BE26-5D8914B24400}
[2011/12/28 20:48:17 | 000,004,872 | ---- | M] () -- C:\{1A12FF1D-59DA-46E2-816C-755D09C0D105}
[2011/12/28 20:38:55 | 000,004,880 | ---- | M] () -- C:\{7BA4E055-4502-47AF-A35B-C1F9F5EEECED}
[2011/12/28 20:30:27 | 000,004,880 | ---- | M] () -- C:\{7BA86222-5112-47AA-9A3D-7F6CBFEBDE60}
[2011/12/28 20:17:08 | 000,004,872 | ---- | M] () -- C:\{6635BB0C-D3B3-4327-9EF6-22F0925DA328}
[2011/12/28 17:29:19 | 000,004,880 | ---- | M] () -- C:\{561073CE-2077-4808-AEA0-95EBCC5220E6}
[2011/12/28 14:44:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/28 09:17:18 | 000,018,406 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\et48moqk5ux1714vm7423dy5le1nx3u1
[2011/12/27 06:16:44 | 000,508,928 | ---- | M] () -- C:\WINDOWS\svcs.exe
[2011/12/24 07:27:42 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2011/12/16 03:24:05 | 000,290,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/16 03:06:29 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Dan\My Documents\*.tmp files -> C:\Documents and Settings\Dan\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/02 18:14:28 | 000,007,510 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/02 18:14:28 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/02 18:14:25 | 000,001,973 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2012/01/02 18:13:33 | 000,003,433 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymEFA.inf
[2012/01/02 18:13:33 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymDS.inf
[2012/01/02 18:13:33 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymNetV.inf
[2012/01/02 18:13:33 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymNet.inf
[2012/01/02 18:13:33 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtspx.inf
[2012/01/02 18:13:33 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtsp.inf
[2012/01/02 18:13:33 | 000,000,828 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\ccSetx86.inf
[2012/01/02 18:13:33 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\Iron.inf
[2012/01/02 18:13:19 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\symnetv.cat
[2012/01/02 18:13:19 | 000,007,510 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\ccSetx86.cat
[2012/01/02 18:13:19 | 000,007,498 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymEFA.cat
[2012/01/02 18:13:19 | 000,007,496 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtspx.cat
[2012/01/02 18:13:19 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymDS.cat
[2012/01/02 18:13:19 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\srtsp.cat
[2012/01/02 18:13:19 | 000,007,492 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\iron.cat
[2012/01/02 18:13:19 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymNet.cat
[2012/01/02 18:13:19 | 000,002,801 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\SymVTcer.dat
[2012/01/02 18:13:19 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1301000.01C\isolate.ini
[2012/01/02 14:06:05 | 000,006,184 | ---- | C] () -- C:\{ACDA2F2F-F476-4E8A-854B-DAA2D4A716C7}
[2012/01/02 14:02:46 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Norton Installation Files.lnk
[2012/01/02 11:35:31 | 000,004,872 | ---- | C] () -- C:\{DFF1F29B-574F-4912-9B16-009C8C1DF454}
[2012/01/02 02:50:45 | 000,004,872 | ---- | C] () -- C:\{1B2171D3-3EB9-4BF9-A82E-38DF3049EAC5}
[2012/01/01 23:13:14 | 000,004,888 | ---- | C] () -- C:\{D696A1B1-F85B-422F-815A-FD02B9883BC1}
[2012/01/01 23:06:50 | 000,004,880 | ---- | C] () -- C:\{B5993130-6604-4554-AFF1-C96FC5A128DC}
[2012/01/01 23:05:40 | 000,004,880 | ---- | C] () -- C:\{A8919B38-A1B1-4883-9826-BE698AC3B4D2}
[2012/01/01 20:08:45 | 000,004,880 | ---- | C] () -- C:\{59B52F73-288E-4169-A8BB-DDE620278C06}
[2012/01/01 18:16:36 | 000,004,872 | ---- | C] () -- C:\{12C7EE93-51F6-419E-8960-1EDEB5A9DC77}
[2012/01/01 14:03:29 | 000,006,192 | ---- | C] () -- C:\{E7D9AEAD-94A2-498C-842F-2AE316A77118}
[2012/01/01 11:28:14 | 000,004,880 | ---- | C] () -- C:\{618ECA14-8E49-4568-B18A-B7E5C56F9B5E}
[2012/01/01 10:26:29 | 000,004,880 | ---- | C] () -- C:\{C1C9403C-D8A4-492D-A097-F27D156B27E5}
[2012/01/01 03:04:01 | 000,004,880 | ---- | C] () -- C:\{4E702DB9-FE4F-461C-8273-731D3CB4ADAF}
[2012/01/01 00:40:39 | 000,004,880 | ---- | C] () -- C:\{91FD03E8-976B-4434-AE9A-758C9BA0FCEE}
[2011/12/31 23:49:10 | 000,004,864 | ---- | C] () -- C:\{B7674867-A329-4D9E-824D-1B3586EA3C88}
[2011/12/31 21:45:02 | 000,004,888 | ---- | C] () -- C:\{92207A95-F97F-4703-8EFE-42CD358C2306}
[2011/12/31 16:07:02 | 000,004,880 | ---- | C] () -- C:\{9B3C2AF2-C1FB-4C23-878D-80ABE6F331B0}
[2011/12/31 08:57:24 | 000,004,872 | ---- | C] () -- C:\{E8341511-177F-476C-B820-DCB530BCAA96}
[2011/12/31 07:21:26 | 000,004,872 | ---- | C] () -- C:\{E5105E08-03E2-4553-A238-3048FC1A9B3F}
[2011/12/31 02:51:43 | 000,004,872 | ---- | C] () -- C:\{51436A8B-1A02-4F3C-B0E7-1A557BEDEB44}
[2011/12/31 00:05:52 | 000,004,872 | ---- | C] () -- C:\{B730537C-FE91-4338-939C-22EA24BFC1A1}
[2011/12/30 22:51:54 | 000,004,880 | ---- | C] () -- C:\{890D8546-0FC8-4322-B1FE-91C8CD04CFA1}
[2011/12/30 22:45:11 | 000,004,880 | ---- | C] () -- C:\{B4705C70-7EA8-4641-B614-E2E72493D8CC}
[2011/12/30 16:38:03 | 000,004,872 | ---- | C] () -- C:\{67E554D5-F2ED-4CD2-A35E-34C7B240948F}
[2011/12/30 14:45:14 | 000,004,872 | ---- | C] () -- C:\{EEED392B-0499-4AF2-A464-900463EDF21A}
[2011/12/30 08:53:07 | 000,004,872 | ---- | C] () -- C:\{B1552E2A-4832-464C-88BA-C1F1A54FD50C}
[2011/12/29 16:24:32 | 000,004,864 | ---- | C] () -- C:\{D8B4A8F0-A7C8-4811-B3AE-4A256B52B082}
[2011/12/29 13:14:59 | 000,004,872 | ---- | C] () -- C:\{8B7564A4-EC37-4457-B51F-7E93604B8373}
[2011/12/29 12:33:35 | 000,004,880 | ---- | C] () -- C:\{2FA22448-DEFB-4D1F-A87A-1FC02C57CA26}
[2011/12/29 08:20:27 | 000,004,872 | ---- | C] () -- C:\{31CA8530-A0AA-4581-93EC-188DD2529287}
[2011/12/29 05:09:04 | 000,004,880 | ---- | C] () -- C:\{08FF1638-DCA9-41D2-A0CE-446A4E609FA8}
[2011/12/29 00:01:32 | 000,004,880 | ---- | C] () -- C:\{966F489B-31E4-49F7-B6A8-7B3D4376CC95}
[2011/12/28 23:37:42 | 000,004,880 | ---- | C] () -- C:\{4FE8034C-5089-423B-BF2F-2041AFCDE41E}
[2011/12/28 23:31:33 | 000,004,880 | ---- | C] () -- C:\{E988184E-ADA3-43CA-B436-3FBE5C9EEE91}
[2011/12/28 23:24:37 | 000,004,872 | ---- | C] () -- C:\{31042872-E9A1-4B79-83AD-335B9D5EFE4D}
[2011/12/28 22:29:24 | 000,004,880 | ---- | C] () -- C:\{98269710-B1BD-430E-ABE3-1304DFE99EAB}
[2011/12/28 22:20:00 | 000,004,864 | ---- | C] () -- C:\{BAF5335B-9D85-43C8-813A-F7E44912C953}
[2011/12/28 22:11:32 | 000,004,880 | ---- | C] () -- C:\{A116E5E1-072C-4E12-9BDE-79BC9E1D18D6}
[2011/12/28 22:01:12 | 000,004,888 | ---- | C] () -- C:\{D8677CBB-BDD8-4FC4-AC3B-8D958BAFBA4D}
[2011/12/28 21:53:39 | 000,004,880 | ---- | C] () -- C:\{5A62D0DA-1DAD-4A98-8B16-35FB3E449512}
[2011/12/28 21:46:22 | 000,004,880 | ---- | C] () -- C:\{4DC4F415-768D-4F69-A02A-6FEBE8007064}
[2011/12/28 21:28:40 | 000,004,864 | ---- | C] () -- C:\{5E4B7149-843C-41DF-934F-54CF9A0647D7}
[2011/12/28 21:19:46 | 000,004,856 | ---- | C] () -- C:\{6D655873-BBE8-419C-99A0-2E2485AC4D90}
[2011/12/28 21:16:49 | 000,004,872 | ---- | C] () -- C:\{5A50D426-7A8F-42C6-9FD1-BDA90724A4B0}
[2011/12/28 21:15:10 | 000,004,880 | ---- | C] () -- C:\{58EE8D94-2DB4-45BF-9C85-539626CE8265}
[2011/12/28 21:07:41 | 000,004,880 | ---- | C] () -- C:\{02F26276-E2D5-4ECC-9014-6FDD4EE5A98D}
[2011/12/28 20:58:10 | 000,004,872 | ---- | C] () -- C:\{7225C762-7E91-4E1C-9EBD-E4601B476805}
[2011/12/28 20:52:34 | 000,004,888 | ---- | C] () -- C:\{DBDB5F9E-525C-4317-AC37-6706C2DDC038}
[2011/12/28 20:50:56 | 000,004,872 | ---- | C] () -- C:\{EF45EC91-A58A-42E2-BE26-5D8914B24400}
[2011/12/28 20:48:17 | 000,004,872 | ---- | C] () -- C:\{1A12FF1D-59DA-46E2-816C-755D09C0D105}
[2011/12/28 20:38:55 | 000,004,880 | ---- | C] () -- C:\{7BA4E055-4502-47AF-A35B-C1F9F5EEECED}
[2011/12/28 20:30:27 | 000,004,880 | ---- | C] () -- C:\{7BA86222-5112-47AA-9A3D-7F6CBFEBDE60}
[2011/12/28 20:17:08 | 000,004,872 | ---- | C] () -- C:\{6635BB0C-D3B3-4327-9EF6-22F0925DA328}
[2011/12/28 17:29:19 | 000,004,880 | ---- | C] () -- C:\{561073CE-2077-4808-AEA0-95EBCC5220E6}
[2011/12/27 06:16:44 | 000,508,928 | ---- | C] () -- C:\WINDOWS\svcs.exe
[2011/12/25 15:59:44 | 000,018,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\et48moqk5ux1714vm7423dy5le1nx3u1
[2011/12/24 07:13:54 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/17 08:33:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/01/04 14:08:08 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/26 15:30:12 | 000,595,160 | ---- | C] () -- C:\WINDOWS\System32\wodCertificate.dll
[2010/06/26 15:30:11 | 000,589,960 | ---- | C] () -- C:\WINDOWS\System32\brgrt.dll
[2010/05/14 15:37:02 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\dvd.bmk
[2010/04/08 06:22:02 | 000,000,110 | ---- | C] () -- C:\WINDOWS\{7E7D778E-121D-4BBD-BA29-FAA81B9FBD8C}_WiseFW.ini
[2010/01/09 10:24:17 | 000,061,524 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008/12/21 20:59:26 | 000,025,312 | ---- | C] () -- C:\WINDOWS\System32\DivXVfWCodec.dll
[2008/12/21 20:59:24 | 000,025,312 | ---- | C] () -- C:\WINDOWS\System32\SamsungVfWCodec.dll
[2008/12/21 20:59:08 | 000,447,200 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2008/12/21 20:52:02 | 000,066,272 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2007/11/26 21:24:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/11/11 09:37:53 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/09 16:23:45 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/05 12:34:28 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/04 06:17:46 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2007/01/01 18:15:15 | 000,003,920 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/01/01 18:15:15 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\8E0739D2CF.sys
[2006/12/31 21:44:25 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2006/12/21 06:04:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/21 05:58:12 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/21 05:53:43 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/21 05:49:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/21 05:24:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/12/21 05:24:39 | 000,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2006/12/21 05:24:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2006/12/21 05:23:07 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/09 23:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 02:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 02:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 02:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 02:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 02:27:59 | 000,290,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 02:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 02:18:33 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 02:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 02:18:33 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 02:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 02:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 02:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 02:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 02:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 02:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 02:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

#2
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the steps below.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () [Auto | Running] -- C:\WINDOWS\svcs.exe -- (NetworkLog)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 6522
    FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
    FF - prefs.js..network.proxy.type: 0
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\Documents and Settings\Dan\My Documents\*.tmp files -> C:\Documents and Settings\Dan\My Documents\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2011/12/28 09:17:18 | 000,018,406 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\et48moqk5ux1714vm7423dy5le1nx3u1
    [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () -- C:\WINDOWS\svcs.exe
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files\Viewpoint
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done





Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.
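The fix script in the post above singles out an auto-start service with an empty company field and browser proxy settings that point at 127.0.0.1:6522. As an added example (not part of the original post and not OTL's own code), this Python sketch pulls the same kinds of lines out of an OTL log for triage; the two heuristics, the finding labels and the function name `triage` are assumptions, and the sample lines are taken from the fix script except for the one marked as constructed.

```python
import re

# Lines from the fix script above, plus one constructed contrast line
# (the "Example Vendor" service is made up for illustration).
SAMPLE_LOG = r'''SRV - [2011/12/27 06:16:44 | 000,508,928 | ---- | M] () [Auto | Running] -- C:\WINDOWS\svcs.exe -- (NetworkLog)
SRV - [2011/11/01 10:00:00 | 000,144,712 | ---- | M] (Example Vendor) [Auto | Running] -- C:\Program Files\Example\svc.exe -- (ExampleSvc)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 6522
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
'''

# SRV line: [timestamp | size | attrs | flag] (company) [start | state] -- path -- (service name)
SRV_RE = re.compile(
    r'^SRV - \[[^\]]*\] \((?P<vendor>[^)]*)\) '
    r'\[(?P<start>\w+) \| (?P<state>\w+)\] -- (?P<path>.+?) -- \((?P<name>.+)\)$'
)
# Proxy host values only; http_port, type and no_proxies_on are deliberately not matched.
PROXY_RE = re.compile(
    r'(?:"ProxyServer" = |network\.proxy\.(?:http|ssl|ftp|socks): )"?(?P<val>[^"]+)"?$'
)
LOOPBACK_RE = re.compile(r'\b(?:127\.0\.0\.1|localhost)\b')


def triage(log_text):
    """Return (label, value) pairs for log lines worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        srv = SRV_RE.match(line)
        if srv:
            # Assumed heuristic: auto-start service whose company field is empty.
            if not srv['vendor'].strip() and srv['start'] == 'Auto':
                findings.append(('no-vendor-autostart-service', srv['path']))
            continue
        proxy = PROXY_RE.search(line)
        # Assumed heuristic: browser proxy pointing back at the local machine.
        if proxy and LOOPBACK_RE.search(proxy['val']):
            findings.append(('loopback-proxy', proxy['val']))
    return findings


if __name__ == '__main__':
    for label, value in triage(SAMPLE_LOG):
        print(f'{label}: {value}')
```

A finding is only a prompt to look closer: a local filtering or antivirus proxy can legitimately set a loopback proxy, and many harmless services ship without a company name.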

#3
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.