Dest Defense Fake Virus scan



#1
Jack K

Currently running Vista. IE8 browser. In the InPrivate mode this virus redirects. But not on all web sites. Malwarebytes located and removed but the issue still persists. It appears the IE8 has this virus isolated since it does not show up on the normal browser. AV program is MSE and Prevx3.0.
Attached is the OTL scan this date.
OTL logfile created on: 5/30/2012 8:27:06 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Jack\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.76 Mb Total Physical Memory | 146.10 Mb Available Physical Memory | 15.25% Memory free
2.13 Gb Paging File | 1.15 Gb Available in Paging File | 54.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 145.35 Gb Free Space | 65.24% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.20 Gb Free Space | 62.02% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: Jack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/30 08:26:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
PRC - [2012/04/19 16:22:17 | 000,353,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/09/17 11:02:51 | 006,416,120 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe
PRC - [2011/06/23 19:44:22 | 001,386,776 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011/06/17 03:35:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/06/29 12:47:48 | 000,292,080 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
PRC - [2007/02/08 01:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/12/12 05:22:34 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcqcoms.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/23 19:44:34 | 000,877,848 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2007/06/29 12:47:48 | 000,292,080 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
MOD - [2006/09/06 07:12:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 966\DLCQcfg.dll
MOD - [2006/08/18 13:17:36 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL
MOD - [2006/08/08 16:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 966\dlcqscw.dll
MOD - [2006/06/09 03:39:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 966\dlcqdrec.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/04/19 16:22:19 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/09/17 11:02:51 | 006,416,120 | ---- | M] (Prevx) [Auto | Running] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner)
SRV - [2011/06/17 03:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/11 02:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/04/11 02:28:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/19 19:12:02 | 000,016,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 03:34:44 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/12/12 05:22:34 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcqcoms.exe -- (dlcq_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Capt913D.sys -- (SQTECH913D)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/05/30 07:45:04 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{972A8866-8772-4037-8262-4737EFC51D0B}\MpKsl54e6cbc6.sys -- (MpKsl54e6cbc6)
DRV - [2012/05/30 01:16:52 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{972A8866-8772-4037-8262-4737EFC51D0B}\MpKsl76b33942.sys -- (MpKsl76b33942)
DRV - [2012/05/29 20:04:29 | 000,076,696 | ---- | M] (Prevx) [File_System | System | Running] -- C:\Windows\System32\drivers\pxrts.sys -- (pxrts)
DRV - [2012/05/29 20:04:29 | 000,032,008 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2012/05/29 20:04:28 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pxkbf.sys -- (pxkbf)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/05/21 06:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/04/30 08:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/04/30 08:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/04/30 08:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/01/07 16:56:12 | 000,044,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/12/07 15:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 15:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 15:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 15:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/12/05 12:17:21 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2009/04/30 23:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/04/30 22:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/07/26 15:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/04/05 10:59:47 | 000,020,520 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008/04/05 10:59:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2008/01/19 01:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/19 01:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/19 01:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007/08/09 19:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/04/24 09:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/24 09:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125obex.sys -- (s125obex)
DRV - [2007/04/24 09:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007/04/24 09:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007/03/28 17:07:18 | 000,019,048 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2007/03/28 17:07:18 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2007/03/28 17:07:18 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2007/03/28 17:07:18 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2007/03/28 17:07:18 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2007/03/28 17:07:17 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2007/03/28 17:07:17 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/03/28 17:07:17 | 000,014,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2007/03/28 17:06:45 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2007/03/28 17:06:45 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2007/02/09 00:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006/11/02 05:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006/11/02 05:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 04:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006/11/02 04:55:05 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006/11/02 04:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006/11/02 04:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006/11/02 04:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006/11/02 04:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006/11/02 04:30:18 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006/11/02 04:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/07/18 12:23:02 | 000,060,928 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\w600bus.sys -- (w600bus) Sony Ericsson W600 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{087a7792-10bb-455d-bd55-427d589addf5}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2644241

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{30665CE0-0C3A-4608-87A3-A98BDD66F74A}: "URL" = http://search.yahoo....ei=utf-8&fr=ie8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGIE_en
IE - HKCU\..\SearchScopes\{B9B9E4B5-276C-46F9-AB7E-5BBC29BC17A2}: "URL" = http://search.condui...&ctid=CT2559647
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Program Files\Virtual Earth 3D\ [2009/04/12 08:45:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2009/04/12 08:45:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2009/04/12 08:45:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/24 18:32:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ABE60218-6332-482F-A9F4-CEE5441F3CCB}: C:\Users\Jack\AppData\Local\{ABE60218-6332-482F-A9F4-CEE5441F3CCB}

[2010/02/06 18:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Extensions
[2009/06/22 17:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Extensions\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: No name found = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: No name found = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgkcfihepeihdlfphbndagmompiakeci\1.7_0\

O1 HOSTS File: ([2010/12/06 21:17:36 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\Windows\System32\PxSecure.dll (Prevx)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37153479-1976-43C3-A1EE-557513977B64} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4 - HKLM..\Run: [DLCQCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCQtime.DLL ()
O4 - HKLM..\Run: [dlcqmon.exe] C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O15 - HKCU\..Trusted Domains: gmail.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([answers] http in Trusted sites)
O15 - HKCU\..Trusted Domains: msn.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: youtube.com ([www] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1351409F-F8DB-4E5D-976F-7F402CF96B3E}: DhcpNameServer = 75.75.75.75 75.75.76.76
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/30 08:26:46 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
[2012/05/29 23:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/29 23:37:22 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/29 23:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/08 19:55:51 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/08 19:55:51 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/08 19:55:50 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/08 19:55:50 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/08 19:55:50 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/08 19:55:42 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/08 19:55:42 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 19:55:41 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/30 08:26:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
[2012/05/30 07:45:17 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 07:45:17 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 07:44:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/30 06:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/29 23:37:33 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 23:34:09 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B1424317-C5E2-4C19-90CB-5E1935F61E84}.job
[2012/05/29 20:04:31 | 000,071,880 | ---- | M] (Prevx) -- C:\Windows\System32\PxSecure.dll
[2012/05/29 20:04:29 | 000,076,696 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxrts.sys
[2012/05/29 20:04:29 | 000,032,008 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxscan.sys
[2012/05/29 20:04:28 | 000,026,096 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxkbf.sys
[2012/05/29 17:38:45 | 003,772,416 | ---- | M] () -- C:\Users\Jack\Documents\BLVD.MDB
[2012/05/29 17:38:45 | 000,593,045 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_173841.ZIP
[2012/05/29 17:30:11 | 000,592,641 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_173004.ZIP
[2012/05/29 17:28:20 | 000,592,641 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_172813.ZIP
[2012/05/29 10:22:18 | 000,000,294 | ---- | M] () -- C:\Users\Jack\Desktop\Phineas & Ferb Disney Channel (2).url
[2012/05/29 09:48:01 | 000,000,200 | ---- | M] () -- C:\Users\Jack\Desktop\Transformers.com.url
[2012/05/24 00:10:25 | 000,585,666 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-24_001018.ZIP
[2012/05/21 17:35:52 | 000,581,377 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-21_173534.ZIP
[2012/05/21 17:34:48 | 000,606,364 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/21 17:34:48 | 000,104,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/21 15:09:17 | 000,002,627 | ---- | M] () -- C:\Users\Jack\Desktop\Word 2007.lnk
[2012/05/21 11:48:22 | 000,002,585 | ---- | M] () -- C:\Users\Jack\Desktop\Excel 2007.lnk
[2012/05/19 12:42:18 | 000,000,236 | ---- | M] () -- C:\Users\Jack\Desktop\Disney.url
[2012/05/18 12:36:36 | 000,182,844 | ---- | M] () -- C:\Users\Jack\Desktop\Crp.jpg
[2012/05/16 08:47:40 | 000,000,123 | ---- | M] () -- C:\Users\Jack\Desktop\Microsoft Fix it.url
[2012/05/10 05:17:44 | 000,000,945 | ---- | M] () -- C:\Users\Jack\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/09 13:30:28 | 000,581,020 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-09_133024.ZIP
[2012/05/09 13:09:45 | 000,063,749 | ---- | M] () -- C:\Users\Jack\Desktop\invoice.pdf
[2012/05/09 03:43:09 | 000,425,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/08 10:09:29 | 000,580,653 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-08_100923.ZIP
[2012/05/07 10:27:36 | 000,580,653 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-07_102732.ZIP
[2012/05/07 10:25:45 | 000,580,653 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-07_102538.ZIP
[2012/05/01 03:03:12 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/30 17:47:33 | 000,580,654 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-04-30_174729.ZIP
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[12 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/29 23:37:33 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/29 17:38:45 | 000,593,045 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_173841.ZIP
[2012/05/29 17:30:08 | 000,592,641 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_173004.ZIP
[2012/05/29 17:28:17 | 000,592,641 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-29_172813.ZIP
[2012/05/24 00:10:22 | 000,585,666 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-24_001018.ZIP
[2012/05/21 17:35:39 | 000,581,377 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-21_173534.ZIP
[2012/05/18 12:35:54 | 000,182,844 | ---- | C] () -- C:\Users\Jack\Desktop\Crp.jpg
[2012/05/16 08:47:40 | 000,000,123 | ---- | C] () -- C:\Users\Jack\Desktop\Microsoft Fix it.url
[2012/05/10 05:17:52 | 000,001,738 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Center.lnk
[2012/05/10 05:17:44 | 000,000,945 | ---- | C] () -- C:\Users\Jack\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/10 05:17:37 | 000,000,951 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/09 13:30:27 | 000,581,020 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-09_133024.ZIP
[2012/05/08 10:09:26 | 000,580,653 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-08_100923.ZIP
[2012/05/07 10:27:35 | 000,580,653 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-07_102732.ZIP
[2012/05/07 10:25:42 | 000,580,653 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-05-07_102538.ZIP
[2012/05/01 03:03:10 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/30 17:47:32 | 000,580,654 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-04-30_174729.ZIP
[2012/04/24 09:12:43 | 000,580,654 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-04-24_091240.ZIP
[2012/04/23 11:43:48 | 000,580,599 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-04-23_114345.ZIP
[2012/04/23 11:04:28 | 000,578,009 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-04-23_110425.ZIP
[2012/03/30 13:46:13 | 000,578,008 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-30_134610.ZIP
[2012/03/30 13:37:58 | 000,577,346 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-30_133755.ZIP
[2012/03/30 08:23:48 | 000,577,344 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-30_082345.ZIP
[2012/03/29 10:17:32 | 000,577,344 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-29_101729.ZIP
[2012/03/29 10:14:22 | 000,576,528 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-29_101419.ZIP
[2012/03/14 21:01:36 | 000,576,318 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-14_210132.ZIP
[2012/03/14 20:49:33 | 000,576,319 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-14_204929.ZIP
[2012/03/14 20:38:44 | 000,575,910 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-14_203840.ZIP
[2012/03/01 10:05:13 | 000,575,133 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-01_090509.ZIP
[2012/03/01 09:44:32 | 000,574,859 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-01_084429.ZIP
[2012/03/01 09:24:23 | 000,574,859 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-01_082420.ZIP
[2012/03/01 04:44:08 | 000,574,518 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-03-01_034405.ZIP
[2012/02/29 13:50:51 | 000,574,145 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-29_125048.ZIP
[2012/02/29 11:58:57 | 000,574,145 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-29_105854.ZIP
[2012/02/28 17:40:28 | 000,573,837 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-28_164024.ZIP
[2012/02/20 15:25:14 | 000,573,302 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-20_142510.ZIP
[2012/02/19 02:41:36 | 000,572,541 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-19_014131.ZIP
[2012/02/19 02:34:38 | 000,570,990 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-19_013435.ZIP
[2012/02/07 15:05:43 | 000,566,976 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-07_140540.ZIP
[2012/02/05 16:49:22 | 000,566,355 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-02-05_154919.ZIP
[2012/01/21 09:26:13 | 000,565,117 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-21_082610.ZIP
[2012/01/21 09:25:02 | 000,565,117 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-21_082458.ZIP
[2012/01/18 22:31:08 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcqinpa.dll
[2012/01/18 22:31:08 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLCQhcp.dll
[2012/01/18 22:31:08 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLCQinst.dll
[2012/01/18 22:31:07 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcqutil.dll
[2012/01/18 22:31:07 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcqiesc.dll
[2012/01/18 22:31:06 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcqserv.dll
[2012/01/18 22:31:06 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcqusb1.dll
[2012/01/18 22:31:05 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcqpmui.dll
[2012/01/18 22:31:05 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcqprox.dll
[2012/01/18 22:31:05 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcqpplc.dll
[2012/01/18 22:31:04 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcqlmpm.dll
[2012/01/18 22:31:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqinsb.dll
[2012/01/18 22:31:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqins.dll
[2012/01/18 22:31:04 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcqjswr.dll
[2012/01/18 22:31:04 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcqinsr.dll
[2012/01/18 22:31:03 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcqhbn3.dll
[2012/01/18 22:31:03 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcqih.exe
[2012/01/18 22:31:03 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcqgrd.dll
[2012/01/18 22:31:02 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcqcub.dll
[2012/01/18 22:31:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcqcu.dll
[2012/01/18 22:31:02 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcqcur.dll
[2012/01/18 22:31:01 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcqcoms.exe
[2012/01/18 22:31:01 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomm.dll
[2012/01/18 22:31:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomc.dll
[2012/01/18 22:30:59 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcqcfg.exe
[2012/01/18 22:30:59 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLCQcfg.dll
[2012/01/10 11:01:28 | 000,563,644 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-10_100124.ZIP
[2012/01/09 11:10:46 | 000,563,504 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-09_101042.ZIP
[2012/01/09 10:38:12 | 000,562,291 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-09_093808.ZIP
[2012/01/09 10:24:56 | 000,561,606 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-09_092453.ZIP
[2012/01/09 10:10:33 | 000,561,606 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2012-01-09_091030.ZIP
[2011/12/22 10:09:59 | 000,561,608 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-12-22_090955.ZIP
[2011/12/21 10:39:26 | 000,561,062 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-12-21_093923.ZIP
[2011/12/21 10:32:50 | 000,560,740 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-12-21_093246.ZIP
[2011/12/21 10:25:46 | 000,560,741 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-12-21_092542.ZIP
[2011/12/20 13:59:21 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/12/20 13:59:21 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/12/01 14:10:46 | 000,557,673 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-12-01_131043.ZIP
[2011/11/24 17:12:35 | 000,553,577 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-24_161224.ZIP
[2011/11/16 01:56:34 | 000,553,580 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-16_005630.ZIP
[2011/11/16 00:47:46 | 000,000,022 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-15_234742.ZIP
[2011/11/14 06:34:58 | 000,550,016 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-14_053455.ZIP
[2011/11/13 20:29:02 | 000,549,320 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-13_192859.ZIP
[2011/11/13 20:27:22 | 000,549,320 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-13_192718.ZIP
[2011/11/13 19:15:37 | 000,548,708 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-13_181534.ZIP
[2011/11/11 23:16:56 | 000,548,708 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-11_221649.ZIP
[2011/11/11 18:19:23 | 000,548,627 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-11_171920.ZIP
[2011/11/11 18:16:44 | 000,548,627 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-11_171640.ZIP
[2011/11/11 13:56:06 | 000,547,837 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-11_125603.ZIP
[2011/11/03 15:35:18 | 000,546,920 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-03_153515.ZIP
[2011/11/03 15:34:44 | 000,546,920 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-03_153440.ZIP
[2011/11/03 14:03:12 | 000,546,779 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-03_140308.ZIP
[2011/11/01 05:58:43 | 000,544,671 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-01_055840.ZIP
[2011/11/01 05:55:47 | 000,544,672 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-01_055544.ZIP
[2011/11/01 05:40:45 | 000,544,129 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-11-01_054041.ZIP
[2011/10/25 17:59:25 | 000,543,944 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-25_175921.ZIP
[2011/10/25 06:49:17 | 000,543,354 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-25_064913.ZIP
[2011/10/20 17:48:45 | 000,542,951 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-20_174842.ZIP
[2011/10/20 17:47:34 | 000,542,954 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-20_174731.ZIP
[2011/10/19 10:51:16 | 000,542,912 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-19_105112.ZIP
[2011/10/19 09:58:48 | 000,541,944 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-19_095844.ZIP
[2011/10/19 09:51:16 | 000,542,562 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-19_095112.ZIP
[2011/10/18 21:37:01 | 000,542,557 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-18_213658.ZIP
[2011/10/15 06:36:54 | 000,542,399 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-15_063650.ZIP
[2011/10/15 05:41:11 | 000,533,888 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-15_054108.ZIP
[2011/10/14 13:58:27 | 000,533,440 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-14_135823.ZIP
[2011/10/14 06:54:00 | 000,533,439 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-14_065356.ZIP
[2011/10/11 02:34:32 | 000,532,103 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-11_023428.ZIP
[2011/10/10 22:38:38 | 000,528,998 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-10_223834.ZIP
[2011/10/10 12:53:31 | 000,517,797 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-10_125328.ZIP
[2011/10/10 10:20:17 | 000,517,767 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-10_102014.ZIP
[2011/10/09 08:18:44 | 000,517,767 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-09_081841.ZIP
[2011/10/09 08:14:15 | 000,517,768 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-09_081412.ZIP
[2011/10/08 18:52:28 | 000,517,767 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-08_185225.ZIP
[2011/10/08 16:49:17 | 000,517,689 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-10-08_164914.ZIP
[2011/09/28 07:12:41 | 000,517,259 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-09-28_071236.ZIP
[2011/09/26 10:59:29 | 000,517,210 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-09-26_105925.ZIP
[2011/09/20 05:32:25 | 000,516,141 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-09-20_053221.ZIP
[2011/09/10 06:24:27 | 000,517,315 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-09-10_062423.ZIP
[2011/09/09 13:49:35 | 000,517,315 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-09-09_134931.ZIP
[2011/08/21 10:58:39 | 000,517,220 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-08-21_105836.ZIP
[2011/08/16 17:56:18 | 000,517,220 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-08-16_175615.ZIP
[2011/08/16 06:40:54 | 000,517,223 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-08-16_064050.ZIP
[2011/07/27 14:24:40 | 000,516,751 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-27_142437.ZIP
[2011/07/26 15:37:38 | 000,516,698 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-26_153734.ZIP
[2011/07/26 14:04:53 | 000,516,689 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-26_140450.ZIP
[2011/07/26 13:57:50 | 000,516,689 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-26_135746.ZIP
[2011/07/19 16:38:00 | 000,516,689 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-19_163757.ZIP
[2011/07/19 15:06:47 | 000,516,097 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-19_150644.ZIP
[2011/07/15 21:08:09 | 000,517,120 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-15_210806.ZIP
[2011/07/14 05:56:07 | 000,517,120 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-14_055603.ZIP
[2011/07/13 07:55:12 | 000,516,881 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-13_075509.ZIP
[2011/07/08 09:03:51 | 000,516,418 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-08_090348.ZIP
[2011/07/08 09:03:03 | 000,516,418 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-08_090300.ZIP
[2011/07/08 08:02:15 | 000,516,421 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-08_080212.ZIP
[2011/07/08 07:43:25 | 000,516,144 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-08_074321.ZIP
[2011/07/08 07:31:14 | 000,515,714 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-07-08_073109.ZIP
[2011/06/29 15:28:23 | 000,513,044 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-29_152820.ZIP
[2011/06/29 07:29:52 | 000,512,977 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-29_072949.ZIP
[2011/06/28 22:09:12 | 000,514,550 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-28_220909.ZIP
[2011/06/28 21:48:12 | 000,513,712 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-28_214808.ZIP
[2011/06/27 15:47:25 | 000,511,399 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-27_154722.ZIP
[2011/06/27 09:34:15 | 000,511,234 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-27_093412.ZIP
[2011/06/24 20:00:22 | 000,511,241 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_200019.ZIP
[2011/06/24 18:25:06 | 000,511,227 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_182503.ZIP
[2011/06/24 17:30:24 | 000,509,914 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_173020.ZIP
[2011/06/24 17:28:56 | 000,509,913 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_172853.ZIP
[2011/06/24 16:40:21 | 000,509,339 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_164018.ZIP
[2011/06/24 16:37:37 | 000,508,946 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_163730.ZIP
[2011/06/24 12:46:14 | 000,508,769 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-24_124611.ZIP
[2011/06/22 09:08:55 | 000,508,762 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-22_090852.ZIP
[2011/06/22 09:00:52 | 000,508,060 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-22_090049.ZIP
[2011/06/22 08:56:02 | 000,508,060 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-22_085558.ZIP
[2011/06/20 09:36:00 | 000,508,077 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-20_093557.ZIP
[2011/06/18 14:07:33 | 000,508,059 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-18_140729.ZIP
[2011/06/17 15:55:02 | 000,507,913 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-17_155459.ZIP
[2011/06/12 21:48:08 | 000,507,892 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-12_214805.ZIP
[2011/06/11 16:28:24 | 000,507,738 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_162821.ZIP
[2011/06/11 16:09:19 | 000,507,738 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_160916.ZIP
[2011/06/11 15:25:28 | 000,511,187 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_152525.ZIP
[2011/06/11 15:08:25 | 000,511,187 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_150820.ZIP
[2011/06/11 12:37:11 | 000,511,953 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_123707.ZIP
[2011/06/11 08:20:28 | 000,511,482 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-11_082025.ZIP
[2011/06/08 18:53:51 | 000,511,482 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-08_185348.ZIP
[2011/06/08 18:52:55 | 000,511,481 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\BLVD BACKUP_2011-06-08_185252.ZIP
[2011/06/08 14:37:20 | 000,485,403 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-08_143719.zdb
[2011/06/07 14:23:08 | 000,485,403 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-07_142307.zdb
[2011/06/06 11:53:19 | 000,485,401 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-06_115318.zdb
[2011/06/06 11:25:56 | 000,485,402 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-06_112555.zdb
[2011/06/05 16:16:03 | 000,485,402 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-05_161602.zdb
[2011/06/03 20:02:40 | 000,476,524 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-06-03_200238.zdb
[2011/05/31 23:53:38 | 000,451,736 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-05-31_235337.zdb
[2011/05/31 23:52:04 | 000,449,737 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-05-31_235203.zdb
[2011/05/30 11:10:34 | 000,467,715 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-05-30_111033.zdb
[2011/05/29 06:58:12 | 000,466,479 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\Blvd Backup_2011-05-29_065811.zdb
[2011/01/29 20:16:34 | 000,000,004 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\5B7855
[2011/01/29 20:16:33 | 000,870,128 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\mcs.rma
[2010/12/01 10:36:44 | 000,000,000 | ---- | C] () -- C:\Windows\IMPORT71.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0D786AE3
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:73933431
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

#2
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right-hand corner of the topic you will see a button called Options. If you click on this, in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days, if a topic is not replied to, we assume it has been abandoned and it is closed.