Inactive Search results being redirected IE and Firefox

[Inactive] Search results being redirected IE and Firefox

This is what happens:
In both Firefox and IE:
I go to google, I put in search terms and hit search
I find valid search results
I click on one of the search result links, and get redirected to useless search websites, such as "whattoseek.net "
Clicking "Back" is useless
It happens about 75% of the time

After searching for a solution, I have tried advice other people have received, and I ran the Panda Scan, also the Malwarebytes, HijackThis and HouseCall. Nothing gave me an option to fix anything.

I deleted cookies, temporary files, etc. Vista won't let me get to Documents and Settings -- says my access is denied even though I'm logged in as an administrator (tried to go to local settings to delete temp files).

I restored IE to the default settings.
I started a new Firefox profile, same problem.

Firefox has also been randomly freezing - I don't know if this is related. It freezes, so I close the window, try to open it, says Firefox is already open, and i have to go to task manager to stop the firefox process.

I ran the DDS - I tried searching for how to disable script blockers but of course couldn't get anywhere, and by that time the scan had already started and completed.... so if the scan results are bad, let me know how to disable the script blockers and i'll run it again.

Please help!! Thanks in advance


Here are the DDS and Attach files:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Cara at 21:03:33.47 on Sat 06/19/2010
Internet Explorer: 7.0.6000.16681 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.893.226 [GMT -5:00]

SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Users\Cara\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Cara\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uWindow Title = Internet Explorer provided by Dell
uStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080410
mStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080410
mDefault_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080410
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll
uRun: [DW6]
uRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\cara\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe "
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe "
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\cara\appdata\roaming\mozilla\firefox\profiles\knszno0y.cara\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?hl=en&shva=1#
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\users\cara\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\cara\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-6-13 28552]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-10 30192]

=============== Created Last 30 ================

2010-06-14 02:00:27 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-06-14 02:00:19 0 d-----w- c:\program files\Panda Security
2010-06-14 01:27:27 0 d-----w- c:\users\cara\appdata\roaming\Malwarebytes
2010-06-14 01:26:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-14 01:26:56 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-14 01:26:56 0 d-----w- c:\programdata\Malwarebytes
2010-06-14 01:26:56 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-08 22:33:27 80896 ------w- c:\windows\system32\dbbc.sys

==================== Find3M ====================

2009-01-23 13:46:35 86016 ----a-w- c:\windows\inf\infstor.dat
2009-01-23 13:46:35 51200 ----a-w- c:\windows\inf\infpub.dat
2009-01-23 13:46:34 86016 ----a-w- c:\windows\inf\infstrng.dat
2008-08-04 14:45:10 174 --sha-w- c:\program files\desktop.ini
2008-06-24 16:31:01 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2008-12-31 16:48:44 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-12-31 16:48:44 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-12-31 16:48:44 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-04-10 15:35:34 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 21:05:01.37 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vistaâ„¢ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 4/10/2008 2:44:31 AM
System Uptime: 6/19/2010 8:41:23 PM (1 hours ago)

Motherboard: Dell Inc. | | 0WY383
Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57 | Socket M2/S1G1 | 800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 64 GiB total, 37.512 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 6.304 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP104: 12/16/2009 8:27:48 PM - Scheduled Checkpoint
RP105: 1/23/2010 4:08:20 PM - Windows Modules Installer
RP106: 3/21/2010 12:07:41 PM - Scheduled Checkpoint
RP107: 3/24/2010 12:36:20 PM - Scheduled Checkpoint
RP108: 4/15/2010 8:53:31 PM - Scheduled Checkpoint
RP109: 6/14/2010 5:45:43 PM - Scheduled Checkpoint

==== Installed Programs ======================

7-Zip 4.58 beta
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Adobe Shockwave Player
AIM 6
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center Ex
ATI PCI Express (3GIO) Filter Driver
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HDA D330 MDC V.92 Modem
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
Dell Wireless WLAN Card
Digital Line Detect
Google Chrome
Google Desktop
Google Gmail Notifier
Google Toolbar for Internet Explorer
ImTOO MOV Converter
iTunes
Java(TM) 6 Update 13
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6
Malwarebytes' Anti-Malware
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Modem Diagnostic Tool
Move Media Player
Mozilla Firefox (3.6.3)
Music Rescue 3.1.6
Netflix Movie Viewer
NetWaiting
Network Play System (Patching)
Octoshape add-in for Adobe Flash Player
Panda ActiveScan 2.0
Personal Entertainment Launcher
Picasa 2
Product Support Launcher
QuickSet
QuickTime
SigmaTel Audio
Sim File Maid (remove only)
The Sims
The Weather Channel Desktop 6
User's Guides
Viewpoint Media Player
Windows Media Player Firefox Plugin
Yahoo! Messenger
Zynga Toolbar

==== Event Viewer Messages From Past Week ========

6/15/2010 6:36:39 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
6/13/2010 12:15:00 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
6/13/2010 12:15:00 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.3, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
6/13/2010 12:13:37 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 5, function 0. Please contact your system vendor for technical assistance.
6/13/2010 12:13:35 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 6, function 0. Please contact your system vendor for technical assistance.
6/12/2010 2:05:33 PM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================

 

Here's the malware scan: restarting and downloading GMER next
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4217

Windows 6.0.6000
Internet Explorer 7.0.6000.16681

6/19/2010 10:20:22 PM
mbam-log-2010-06-19 (22-20-22).txt

Scan type: Quick scan
Objects scanned: 128211
Time elapsed: 13 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

GMER log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-19 23:46:52
Windows 6.0.6000
Running: 1yj7qmhp.exe; Driver: C:\Users\Cara\AppData\Local\Temp\pxtdipow.sys


---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [741EFE0C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [741BC53D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [741AA31F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [741ACBEF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [741A8AAA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [741BDAB8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [741A7D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [741A7CF4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [741A6A4E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7423BE7C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [741C8A5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [741A90CD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [741B2248] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [741B2273] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [741B7724] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [741B7546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1104] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [741E861D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \FileSystem\fastfat \Fat 942409F6

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

 

ComboFix 10-06-19.03 - Cara 06/20/2010 0:35.1.2 - x86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.893.492 [GMT -5:00]
Running from: c:\users\Cara\Desktop\Malware ****\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-05-20 to 2010-06-20 )))))))))))))))))))))))))))))))
.

2010-06-20 05:44 . 2010-06-20 05:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-20 05:28 . 2010-06-20 05:28 -------- d-----w- c:\users\Cara\AppData\Roaming\Avira
2010-06-20 02:57 . 2010-03-01 15:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-06-20 02:57 . 2010-02-16 19:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-06-20 02:57 . 2009-05-11 17:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-06-20 02:57 . 2009-05-11 17:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-06-20 02:57 . 2010-06-20 02:57 -------- d-----w- c:\programdata\Avira
2010-06-20 02:57 . 2010-06-20 02:57 -------- d-----w- c:\program files\Avira
2010-06-20 01:37 . 2010-06-20 01:37 680 ----a-w- c:\users\Cara\AppData\Local\d3d9caps.dat
2010-06-14 02:00 . 2009-06-30 14:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-06-14 02:00 . 2010-06-14 02:00 -------- d-----w- c:\program files\Panda Security
2010-06-14 01:27 . 2010-06-14 01:27 -------- d-----w- c:\users\Cara\AppData\Roaming\Malwarebytes
2010-06-14 01:26 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-14 01:26 . 2010-06-14 01:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-14 01:26 . 2010-06-14 01:26 -------- d-----w- c:\programdata\Malwarebytes
2010-06-14 01:26 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-08 22:33 . 2010-06-08 22:33 80896 ------w- c:\windows\system32\dbbc.sys
2010-05-23 01:40 . 2010-03-29 14:59 52224 ----a-w- c:\users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-05-23 01:40 . 2010-03-29 14:59 101376 ----a-w- c:\users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 23:34 . 2010-05-20 23:34 -------- d-----w- c:\users\Cara\AppData\Roaming\AdobeUM
2010-05-20 23:33 . 2008-07-17 17:51 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-02 03:59 . 2010-05-02 03:59 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-08 01:50 . 2009-12-08 01:50 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-04-10 15:35 . 2008-04-10 15:16 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2010-02-04 17:59 2349592 ----a-w- c:\program files\Zynga\tbZyng.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822} "= "c:\program files\Zynga\tbZyng.dll" [2010-02-04 2349592]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822} "= "c:\program files\Zynga\tbZyng.dll" [2010-02-04 2349592]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Google Update "= "c:\users\Cara\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-01 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter "= "c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-24 857648]
"SigmatelSysTrayApp "= "sttray.exe" [2007-04-24 303104]
"ATICCC "= "c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"Broadcom Wireless Manager UI "= "c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"dscactivate "= "c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-14 16384]
"SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2009-12-08 148888]
"avgnt "= "c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-7-20 1180952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA "= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs "=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@= "Service "

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1167157780-497472970-3894054306-1000]
"EnableNotifications "=dword:00000001
"EnableNotificationsRef "=dword:00000001

R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-08 30192]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
S1 dbbc;dbbc;c:\windows\system32\dbbc.sys [2010-06-08 80896]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

.
Contents of the 'Scheduled Tasks' folder

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000Core.job
- c:\users\Cara\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-01 23:43]

2010-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000UA.job
- c:\users\Cara\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-01 23:43]
.
.
------- Supplementary Scan -------
.
uStart Page = https://mail.google.com/mail/?shva=1#
mStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080410
uInternet Settings,ProxyOverride = *.local
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
FF - ProfilePath - c:\users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\knszno0y.Cara\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?hl=en&shva=1#
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\users\Cara\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\Cara\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DW6 - (no file)
HKCU-Run-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-20 00:45
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial "=dword:00000000
.
Completion time: 2010-06-20 00:50:33
ComboFix-quarantined-files.txt 2010-06-20 05:50

Pre-Run: 39,892,635,648 bytes free
Post-Run: 40,946,102,272 bytes free

- - End Of File - - 99649CDFF5206062E4565DC67A93E9A2

 

If it matters, the problems occurs with Google Chrome as well.

 

OTL logfile created on: 6/20/2010 2:02:10 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Cara\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16681)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 393.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 37.76 Gb Free Space | 58.60% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.30 Gb Free Space | 63.04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-PC
Current User Name: Cara
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/10 10:22:13 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/20 18:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/04/24 07:31:14 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/04/24 07:31:10 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2006/04/28 10:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (SafeList) ==========

MOD - [2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
MOD - [2007/07/20 18:13:32 | 000,103,704 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/12/07 20:50:40 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2008/04/10 10:23:00 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 07:31:10 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2010/06/08 17:33:27 | 000,080,896 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\dbbc.sys -- (dbbc)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/10 10:35:31 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/04/10 10:35:31 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/04/10 10:35:31 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/07 00:52:48 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/10/17 04:33:56 | 002,085,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/05/24 00:08:56 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/29 00:24:30 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/04/29 00:24:28 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/04/29 00:24:28 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/04/29 00:24:28 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/04/24 07:31:16 | 000,323,584 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/24 07:29:38 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/04/24 07:00:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/04/24 07:00:18 | 000,043,520 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/04/24 07:00:16 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.google.com/small...n&client=dell-usuk&channel=us-smb&ibd=1080410

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/?shva=1#
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://mail.google.com/mail/?hl=en&shva=1# "

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/20 19:58:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/08 17:35:28 | 000,000,000 | ---D | M]

[2008/10/23 16:02:49 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Extensions
[2010/06/08 17:16:00 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions
[2010/05/22 20:40:16 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2008/10/13 12:00:36 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/08 17:36:05 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\knszno0y.Cara\extensions
[2010/06/19 20:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 06:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/06/20 14:00:59 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
[2010/06/20 13:54:03 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/20 00:50:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/06/20 00:48:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/20 00:31:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/20 00:28:26 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\Avira
[2010/06/19 23:59:30 | 000,000,000 | ---D | C] -- C:\Users\Cara\Desktop\Malware ****
[2010/06/19 21:57:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/06/19 21:57:14 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/06/19 21:57:14 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/06/19 21:57:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/06/19 21:57:13 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/06/19 21:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/06/19 21:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/06/13 21:00:27 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2010/06/13 21:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/06/13 20:27:27 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\Malwarebytes
[2010/06/13 20:26:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/13 20:26:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/13 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/13 20:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/20 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\AdobeUM
[2010/05/20 18:34:07 | 000,000,000 | ---D | C] -- C:\Users\Cara\Documents\My eBooks
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/20 14:06:04 | 000,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/20 14:06:04 | 000,104,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/20 14:06:03 | 000,720,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/20 14:04:12 | 002,359,296 | -HS- | M] () -- C:\Users\Cara\NTUSER.DAT
[2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
[2010/06/20 13:59:40 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/06/20 13:57:47 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 13:57:47 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 13:57:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/20 13:57:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/20 13:55:35 | 001,282,439 | -H-- | M] () -- C:\Users\Cara\AppData\Local\IconCache.db
[2010/06/20 00:45:53 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/20 00:17:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000UA.job
[2010/06/19 23:23:16 | 126,409,011 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/19 20:37:59 | 000,000,680 | ---- | M] () -- C:\Users\Cara\AppData\Local\d3d9caps.dat
[2010/06/19 20:06:14 | 000,000,036 | ---- | M] () -- C:\Users\Cara\AppData\Local\housecall.guid.cache
[2010/06/19 17:17:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000Core.job
[2010/06/08 17:33:27 | 000,080,896 | ---- | M] () -- C:\Windows\System32\dbbc.sys
[2010/06/04 13:13:16 | 165,368,143 | ---- | M] () -- C:\Users\Cara\Desktop\VID00126.MP4
[2010/06/04 13:10:40 | 119,949,803 | ---- | M] () -- C:\Users\Cara\Desktop\VID00125.MP4
[2010/06/04 13:06:08 | 082,891,961 | ---- | M] () -- C:\Users\Cara\Desktop\VID00124.MP4
[2010/06/01 12:31:24 | 045,358,863 | ---- | M] () -- C:\Users\Cara\Desktop\VID00022.MP4
[2010/05/31 15:38:32 | 108,632,383 | ---- | M] () -- C:\Users\Cara\Desktop\VID00021.MP4
[2010/05/30 09:02:48 | 017,986,883 | ---- | M] () -- C:\Users\Cara\Desktop\VID00020.MP4
[2010/05/29 17:40:38 | 056,392,989 | ---- | M] () -- C:\Users\Cara\Desktop\VID00015.MP4
[2010/05/20 22:27:19 | 002,501,459 | ---- | M] () -- C:\Users\Cara\Desktop\SetupManualNetgear.pdf
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/11 21:00:11 | 000,012,772 | ---- | M] () -- C:\Users\Cara\Documents\108 Spirit Drive.docx
[2010/04/09 16:38:35 | 001,036,626 | ---- | M] () -- C:\Users\Cara\Desktop\Jacobs Program Review.pptx
[2010/04/06 19:47:05 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/24 20:08:06 | 000,002,001 | ---- | M] () -- C:\Users\Cara\Desktop\Google Chrome.lnk
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/19 22:39:46 | 126,409,011 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/19 20:37:58 | 000,000,680 | ---- | C] () -- C:\Users\Cara\AppData\Local\d3d9caps.dat
[2010/06/19 20:06:14 | 000,000,036 | ---- | C] () -- C:\Users\Cara\AppData\Local\housecall.guid.cache
[2010/06/08 17:33:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\dbbc.sys
[2010/06/04 12:12:50 | 165,368,143 | ---- | C] () -- C:\Users\Cara\Desktop\VID00126.MP4
[2010/06/04 12:12:30 | 119,949,803 | ---- | C] () -- C:\Users\Cara\Desktop\VID00125.MP4
[2010/06/04 12:12:17 | 082,891,961 | ---- | C] () -- C:\Users\Cara\Desktop\VID00124.MP4
[2010/06/02 21:19:14 | 045,358,863 | ---- | C] () -- C:\Users\Cara\Desktop\VID00022.MP4
[2010/06/02 21:18:28 | 017,986,883 | ---- | C] () -- C:\Users\Cara\Desktop\VID00020.MP4
[2010/06/02 21:17:36 | 056,392,989 | ---- | C] () -- C:\Users\Cara\Desktop\VID00015.MP4
[2010/06/02 21:05:23 | 108,632,383 | ---- | C] () -- C:\Users\Cara\Desktop\VID00021.MP4
[2010/05/20 22:27:13 | 002,501,459 | ---- | C] () -- C:\Users\Cara\Desktop\SetupManualNetgear.pdf
[2010/04/11 20:40:32 | 000,012,772 | ---- | C] () -- C:\Users\Cara\Documents\108 Spirit Drive.docx
[2010/04/09 16:38:24 | 001,036,626 | ---- | C] () -- C:\Users\Cara\Desktop\Jacobs Program Review.pptx
[2010/04/06 19:47:05 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2008/04/10 10:36:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/04/10 10:36:02 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/04/10 10:35:51 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/10 03:05:00 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/04/10 02:55:57 | 000,006,656 | ---- | C] () -- C:\Windows\System32\stacutil.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/01/12 17:09:14 | 000,090,112 | ---- | C] () -- C:\Windows\System32\DXFLib.dll
[2006/01/12 17:08:06 | 000,143,360 | ---- | C] () -- C:\Windows\System32\opcode.dll

========== LOP Check ==========

[2008/07/28 20:28:49 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\acccore
[2008/07/28 21:39:30 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Aim
[2008/04/25 17:20:39 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\PeerNetworking
[2008/09/20 17:05:56 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\SecondLife
[2010/06/20 13:56:20 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007/12/08 17:34:10 | 000,054,784 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\bcmwlrmt.dll
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/04/10 10:29:21 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< End of report >


OTL Extras logfile created on: 6/20/2010 2:02:10 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Cara\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16681)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 393.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 37.76 Gb Free Space | 58.60% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.30 Gb Free Space | 63.04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-PC
Current User Name: Cara
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1167157780-497472970-3894054306-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04BD3C9F-B3BC-4370-94F4-58DDB3249F01}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{09889B2F-ABDE-4F88-8220-C4A8E7E11C04}" = lport=138 | protocol=17 | dir=in | app=system |
"{105512D3-9FBF-4C90-9188-7ADD8182C71E}" = rport=137 | protocol=17 | dir=out | app=system |
"{1237C38E-9531-4BD5-8091-763FD2571156}" = rport=445 | protocol=6 | dir=out | app=system |
"{168493EC-FF66-4728-95F1-B1A8DC8DA73D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1F90D2A3-B4E2-4FCF-9F7B-11FA49888E81}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{210F5802-B164-4DC8-897F-128637478293}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2C16BBDC-25C3-4A58-86B5-BBC004A06FDE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3011C934-0CBC-4A55-832E-FE6AEB231289}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{33EBF8B7-9495-4E48-88A3-56632F507405}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{429E63CA-ADDD-45DA-B8DA-8DF90B4F83CB}" = rport=2869 | protocol=6 | dir=out | app=system |
"{4EA6B204-322F-40C8-901B-AB497DEBF0D7}" = lport=445 | protocol=6 | dir=in | app=system |
"{4F0ADBD5-84A2-41AE-BC53-2938326AE2CC}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{53D0B347-FF5A-4CEB-AED0-DC0CE7AD081E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{5A4F6850-5D2F-4B1C-9C21-ACFFC983D202}" = rport=11999 | protocol=6 | dir=in | name=yahoo games |
"{62D095B3-E205-4FF8-AA3B-15E81793AC11}" = lport=2869 | protocol=6 | dir=in | app=system |
"{825F6B3C-7043-4516-A7CA-C806E49AC3A6}" = lport=137 | protocol=17 | dir=in | app=system |
"{9708B1BF-BF46-48C7-B9B9-980E3DA3D597}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADAA2D39-35F2-495F-B416-28EA58FB36E4}" = lport=139 | protocol=6 | dir=in | app=system |
"{BFA49DB6-CBD8-448E-A850-BFB2AAA66F7A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BFF7A609-4954-4566-A59F-1FD79E519CBA}" = rport=139 | protocol=6 | dir=out | app=system |
"{C43686CA-2AB4-4B7B-A52B-E000E2EA0E5E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C7D47B50-BF43-47E9-BC6D-899462EF6F10}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DE1A0203-AA09-46DB-AA28-C2735DFB24CE}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03641102-E814-428D-8264-53BCE278CCFB}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{12C13056-5033-42B0-9028-6F55B02B1BEB}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1F3C79B3-B18D-453C-A046-4A72057AE088}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{227BE8B2-BBCF-408D-B26A-DEDF83B3983C}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{29B6133E-EEAF-45AB-AEA2-A69CA712258A}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{382022BE-9BDD-4A08-9F50-9739059B1740}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3AF260DC-EBFB-4FD0-BA11-0A7E9220EE7A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{3D39204B-A25C-4FD5-A4EF-3959CB5D8761}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56B64675-E0E4-424F-8975-F3DEDAE95552}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{58E3CED7-E514-432D-B199-F6393B987054}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7EF08EEF-62E2-4274-B22A-8DB54C77508F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9EE57576-BA03-46DD-97D2-E4AC38A7CC9A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A1D4D15E-8528-4C4E-B5F6-336271DF7188}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{A5C6FAEB-EC5B-4FA5-A087-A54F1BDF09FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C0631F1C-4938-4CF3-91F0-4C99B3B4354E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C2446AC4-3E65-4127-9EBD-C459BD93B27B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C9EA559B-35BE-4613-BA65-09E521354575}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{E10F2D61-0004-4C1C-82B4-2963C439335A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E6B3E1A2-40C1-4C20-8A27-67F6FFFED20C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EBDC2D92-A6F5-44B2-ADA7-1DCAB16F0091}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F09C2147-F49E-4A7F-8412-4CAC1C8E2AA8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F3462451-B31B-41EE-AE57-E194B9DC3BC2}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{FC7535E5-1EE3-4B44-8088-44C0234F8807}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"TCP Query User{4D36915F-33E8-406C-8355-1022CD4AA820}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CAA5AA6C-E1CE-44F0-B4F8-F04B3E1C79AC}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{36772505-3B7E-4222-B9FC-0EF5BEC9B777}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{CAF87F3B-634C-4577-BD87-EC97F8596CED}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{15CC668C-F37C-CE24-9047-40EC8034E29D}" = ATI Catalyst Control Center Ex
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"7-Zip" = 7-Zip 4.58 beta
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_6" = AIM 6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Desktop" = Google Desktop
"ImTOO MOV Converter" = ImTOO MOV Converter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Music Rescue_is1" = Music Rescue 3.1.6
"Network Play System (Patching)" = Network Play System (Patching)
"Picasa2" = Picasa 2
"POWERPOINT" = Microsoft Office PowerPoint 2007
"Sim File Maid" = Sim File Maid (remove only)
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Dell Touchpad
"The Sims" = The Sims
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"ViewpointMediaPlayer" = Viewpoint Media Player
"WORD" = Microsoft Office Word 2007
"Yahoo! Messenger" = Yahoo! Messenger
"Zynga Toolbar" = Zynga Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/14/2010 6:16:09 PM | Computer Name = Home-PC | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, time stamp 0x4c05deaa,
faulting module NPSWF32.dll, version 10.0.45.2, time stamp 0x4b5f91c2, exception
code 0xc0000005, fault offset 0x00135512, process id 0x1be8, application start time
0x01cb0c0dda87b845.

Error - 6/19/2010 9:35:37 PM | Computer Name = Home-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/19/2010 10:54:01 PM | Computer Name = Home-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Cara\AppData\Local\Temp\RarSFX0\redist.dll ".
Dependent
Assembly Microsoft.VC90.CRT,processorArchitecture= "x86 ",publicKeyToken= "1fc8b3b9a1e18e3b ",type= "win32 ",version= "9.0.30729.4148 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/19/2010 11:26:58 PM | Computer Name = Home-PC | Source = Application Error | ID = 1000
Description = Faulting application bcmwltry.exe, version 4.170.25.12, time stamp
0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x03cc9282, process id 0x68c, application start time
0x01cb102824288484.

Error - 6/20/2010 12:24:06 AM | Computer Name = Home-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/20/2010 12:27:08 AM | Computer Name = Home-PC | Source = Perflib | ID = 1008
Description =

Error - 6/20/2010 12:27:08 AM | Computer Name = Home-PC | Source = Perflib | ID = 1010
Description =

Error - 6/20/2010 12:27:09 AM | Computer Name = Home-PC | Source = PerfNet | ID = 2004
Description =

Error - 6/20/2010 12:27:09 AM | Computer Name = Home-PC | Source = PerfNet | ID = 2002
Description =

Error - 6/20/2010 12:49:03 AM | Computer Name = Home-PC | Source = Application Error | ID = 1000
Description = Faulting application bcmwltry.exe, version 4.170.25.12, time stamp
0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x03cc8dba, process id 0x6b0, application start time
0x01cb1033bd23dfd4.

[ Media Center Events ]
Error - 3/9/2009 7:27:55 PM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/16/2009 8:32:09 AM | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ OSession Events ]
Error - 10/9/2008 11:05:21 PM | Computer Name = Home-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/9/2008 11:05:55 PM | Computer Name = Home-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/12/2008 6:42:33 PM | Computer Name = Home-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3104
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/24/2008 9:49:34 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 9:49:35 AM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 10:06:25 AM | Computer Name = Home-PC | Source = bowser | ID = 8003
Description =

Error - 11/24/2008 12:14:51 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:52 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:52 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:53 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:54 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:55 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/24/2008 12:14:55 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

 

All processes killed
========== OTL ==========
Starting removal of ActiveX control {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File oft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cara
->Temp folder emptied: 127243 bytes
->Temporary Internet Files folder emptied: 157892573 bytes
->Java cache emptied: 52838100 bytes
->FireFox cache emptied: 77153876 bytes
->Google Chrome cache emptied: 208474396 bytes
->Flash cache emptied: 3204328 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: ScottyRock155
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 12036 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 411368 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 44452 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 477.00 mb


[EMPTYFLASH]

User: All Users

User: Cara
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: ScottyRock155

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.6.0 log created on 06202010_145652

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

 

OTL logfile created on: 6/20/2010 3:29:37 PM - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Cara\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16681)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 293.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 38.79 Gb Free Space | 60.19% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.30 Gb Free Space | 63.04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-PC
Current User Name: Cara
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/10 10:22:13 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/20 18:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/04/24 07:31:14 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/04/24 07:31:10 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2006/04/28 10:14:44 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (SafeList) ==========

MOD - [2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/12/07 20:50:40 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2008/04/10 10:23:00 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 07:31:10 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2010/06/08 17:33:27 | 000,080,896 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\dbbc.sys -- (dbbc)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/10 10:35:31 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/04/10 10:35:31 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/04/10 10:35:31 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/07 00:52:48 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/10/17 04:33:56 | 002,085,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/05/24 00:08:56 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/29 00:24:30 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/04/29 00:24:28 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/04/29 00:24:28 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/04/29 00:24:28 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/04/24 07:31:16 | 000,323,584 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/24 07:29:38 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/04/24 07:00:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/04/24 07:00:18 | 000,043,520 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/04/24 07:00:16 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.google.com/small...n&client=dell-usuk&channel=us-smb&ibd=1080410

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/?shva=1#
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://mail.google.com/mail/?hl=en&shva=1# "

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/20 19:58:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/20 14:35:29 | 000,000,000 | ---D | M]

[2008/10/23 16:02:49 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Extensions
[2010/06/08 17:16:00 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions
[2010/05/22 20:40:16 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2008/10/13 12:00:36 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\3te386a9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/08 17:36:05 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Mozilla\Firefox\Profiles\knszno0y.Cara\extensions
[2010/06/20 14:52:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/20 14:52:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/20 14:51:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2010/06/20 15:01:17 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/20 14:56:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/20 14:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/06/20 14:00:59 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
[2010/06/20 13:54:03 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/20 00:50:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/06/20 00:48:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/20 00:31:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/20 00:28:26 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\Avira
[2010/06/19 23:59:30 | 000,000,000 | ---D | C] -- C:\Users\Cara\Desktop\Malware ****
[2010/06/19 21:57:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/06/19 21:57:14 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/06/19 21:57:14 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/06/19 21:57:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/06/19 21:57:13 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/06/19 21:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/06/19 21:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/06/13 21:00:27 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2010/06/13 21:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/06/13 20:27:27 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\Malwarebytes
[2010/06/13 20:26:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/13 20:26:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/13 20:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/13 20:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/20 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\Cara\AppData\Roaming\AdobeUM
[2010/05/20 18:34:07 | 000,000,000 | ---D | C] -- C:\Users\Cara\Documents\My eBooks

========== Files - Modified Within 90 Days ==========

[2010/06/20 15:29:46 | 002,359,296 | -HS- | M] () -- C:\Users\Cara\NTUSER.DAT
[2010/06/20 15:17:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000UA.job
[2010/06/20 15:10:53 | 000,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/20 15:10:53 | 000,104,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/20 15:10:52 | 000,720,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/20 15:04:44 | 000,000,432 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/06/20 15:03:18 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 15:03:18 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 15:03:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/20 15:03:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/20 15:01:17 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/06/20 14:36:22 | 001,365,593 | -H-- | M] () -- C:\Users\Cara\AppData\Local\IconCache.db
[2010/06/20 14:01:43 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Cara\Desktop\OTL.exe
[2010/06/20 00:45:53 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/19 23:23:16 | 126,409,011 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/19 20:37:59 | 000,000,680 | ---- | M] () -- C:\Users\Cara\AppData\Local\d3d9caps.dat
[2010/06/19 20:06:14 | 000,000,036 | ---- | M] () -- C:\Users\Cara\AppData\Local\housecall.guid.cache
[2010/06/19 17:17:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000Core.job
[2010/06/08 17:33:27 | 000,080,896 | ---- | M] () -- C:\Windows\System32\dbbc.sys
[2010/06/04 13:13:16 | 165,368,143 | ---- | M] () -- C:\Users\Cara\Desktop\VID00126.MP4
[2010/06/04 13:10:40 | 119,949,803 | ---- | M] () -- C:\Users\Cara\Desktop\VID00125.MP4
[2010/06/04 13:06:08 | 082,891,961 | ---- | M] () -- C:\Users\Cara\Desktop\VID00124.MP4
[2010/06/01 12:31:24 | 045,358,863 | ---- | M] () -- C:\Users\Cara\Desktop\VID00022.MP4
[2010/05/31 15:38:32 | 108,632,383 | ---- | M] () -- C:\Users\Cara\Desktop\VID00021.MP4
[2010/05/30 09:02:48 | 017,986,883 | ---- | M] () -- C:\Users\Cara\Desktop\VID00020.MP4
[2010/05/29 17:40:38 | 056,392,989 | ---- | M] () -- C:\Users\Cara\Desktop\VID00015.MP4
[2010/05/20 22:27:19 | 002,501,459 | ---- | M] () -- C:\Users\Cara\Desktop\SetupManualNetgear.pdf
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/11 21:00:11 | 000,012,772 | ---- | M] () -- C:\Users\Cara\Documents\108 Spirit Drive.docx
[2010/04/09 16:38:35 | 001,036,626 | ---- | M] () -- C:\Users\Cara\Desktop\Jacobs Program Review.pptx
[2010/04/06 19:47:05 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/24 20:08:06 | 000,002,001 | ---- | M] () -- C:\Users\Cara\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2010/06/19 22:39:46 | 126,409,011 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/19 20:37:58 | 000,000,680 | ---- | C] () -- C:\Users\Cara\AppData\Local\d3d9caps.dat
[2010/06/19 20:06:14 | 000,000,036 | ---- | C] () -- C:\Users\Cara\AppData\Local\housecall.guid.cache
[2010/06/08 17:33:27 | 000,080,896 | ---- | C] () -- C:\Windows\System32\dbbc.sys
[2010/06/04 12:12:50 | 165,368,143 | ---- | C] () -- C:\Users\Cara\Desktop\VID00126.MP4
[2010/06/04 12:12:30 | 119,949,803 | ---- | C] () -- C:\Users\Cara\Desktop\VID00125.MP4
[2010/06/04 12:12:17 | 082,891,961 | ---- | C] () -- C:\Users\Cara\Desktop\VID00124.MP4
[2010/06/02 21:19:14 | 045,358,863 | ---- | C] () -- C:\Users\Cara\Desktop\VID00022.MP4
[2010/06/02 21:18:28 | 017,986,883 | ---- | C] () -- C:\Users\Cara\Desktop\VID00020.MP4
[2010/06/02 21:17:36 | 056,392,989 | ---- | C] () -- C:\Users\Cara\Desktop\VID00015.MP4
[2010/06/02 21:05:23 | 108,632,383 | ---- | C] () -- C:\Users\Cara\Desktop\VID00021.MP4
[2010/05/20 22:27:13 | 002,501,459 | ---- | C] () -- C:\Users\Cara\Desktop\SetupManualNetgear.pdf
[2010/04/11 20:40:32 | 000,012,772 | ---- | C] () -- C:\Users\Cara\Documents\108 Spirit Drive.docx
[2010/04/09 16:38:24 | 001,036,626 | ---- | C] () -- C:\Users\Cara\Desktop\Jacobs Program Review.pptx
[2010/04/06 19:47:05 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2008/04/10 10:36:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/04/10 10:36:02 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/04/10 10:35:51 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/10 03:05:00 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/04/10 02:55:57 | 000,006,656 | ---- | C] () -- C:\Windows\System32\stacutil.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/01/12 17:09:14 | 000,090,112 | ---- | C] () -- C:\Windows\System32\DXFLib.dll
[2006/01/12 17:08:06 | 000,143,360 | ---- | C] () -- C:\Windows\System32\opcode.dll

========== LOP Check ==========

[2008/07/28 20:28:49 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\acccore
[2008/07/28 21:39:30 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\Aim
[2008/04/25 17:20:39 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\PeerNetworking
[2008/09/20 17:05:56 | 000,000,000 | ---D | M] -- C:\Users\Cara\AppData\Roaming\SecondLife
[2010/06/20 15:02:02 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

 

Still having the redirecting problem.

Finished TFC. Kapersky's free virus scan is "temporarily unavailable" while they come up with the new version.

 

20:40:39:346 2276 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
20:40:39:346 2276 ================================================================================
20:40:39:346 2276 SystemInfo:

20:40:39:346 2276 OS Version: 6.0.6000 ServicePack: 0.0
20:40:39:346 2276 Product type: Workstation
20:40:39:346 2276 ComputerName: HOME-PC
20:40:39:346 2276 UserName: Cara
20:40:39:346 2276 Windows directory: C:\Windows
20:40:39:346 2276 Processor architecture: Intel x86
20:40:39:346 2276 Number of processors: 2
20:40:39:346 2276 Page size: 0x1000
20:40:39:361 2276 Boot type: Normal boot
20:40:39:361 2276 ================================================================================
20:40:49:314 2276 Initialize success
20:40:49:314 2276
20:40:49:314 2276 Scanning Services ...
20:40:50:892 2276 Raw services enum returned 419 services
20:40:51:142 2276
20:40:51:158 2276 Scanning Drivers ...
20:40:53:471 2276 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
20:40:53:533 2276 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:40:53:596 2276 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:40:53:658 2276 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:40:53:939 2276 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:40:54:096 2276 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
20:40:54:314 2276 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
20:40:54:346 2276 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:40:54:439 2276 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
20:40:54:502 2276 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
20:40:54:533 2276 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
20:40:54:580 2276 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:40:54:877 2276 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys
20:40:55:017 2276 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:40:55:189 2276 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:40:55:377 2276 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
20:40:55:533 2276 atapi (e03e8c99d15d0381e02743c36afc7c6f) C:\Windows\system32\drivers\atapi.sys
20:40:55:752 2276 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:40:55:971 2276 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\Windows\system32\DRIVERS\avgntflt.sys
20:40:56:017 2276 avipbb (1289e9a5d9118a25a13c0009519088e3) C:\Windows\system32\DRIVERS\avipbb.sys
20:40:56:205 2276 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:40:56:299 2276 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
20:40:56:392 2276 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
20:40:56:455 2276 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
20:40:56:502 2276 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:40:56:549 2276 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:40:56:611 2276 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:40:56:674 2276 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:40:56:721 2276 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:40:56:767 2276 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:40:56:814 2276 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:40:56:971 2276 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
20:40:57:017 2276 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
20:40:57:080 2276 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:40:57:174 2276 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
20:40:57:236 2276 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
20:40:57:314 2276 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
20:40:57:346 2276 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
20:40:57:392 2276 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:40:57:455 2276 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:40:57:549 2276 dbbc (a165620cfe6adf2ac8e230eddec76017) C:\Windows\system32\dbbc.sys
20:40:57:549 2276 Suspicious file (NoAccess): C:\Windows\system32\dbbc.sys. md5: a165620cfe6adf2ac8e230eddec76017
20:40:57:627 2276 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
20:40:57:689 2276 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
20:40:57:767 2276 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
20:40:57:877 2276 DXGKrnl (b95202efd0464d226e7542c1e319c028) C:\Windows\System32\drivers\dxgkrnl.sys
20:40:58:002 2276 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
20:40:58:080 2276 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:40:58:127 2276 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
20:40:58:236 2276 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:40:58:314 2276 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
20:40:58:377 2276 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:40:58:424 2276 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
20:40:58:455 2276 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
20:40:58:502 2276 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:40:58:549 2276 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
20:40:58:596 2276 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
20:40:58:658 2276 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:40:58:767 2276 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:40:58:830 2276 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
20:40:58:877 2276 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:40:58:971 2276 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:40:59:049 2276 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:40:59:142 2276 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
20:40:59:189 2276 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:40:59:299 2276 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:40:59:455 2276 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:40:59:517 2276 HTTP (f31d27ccf514549a17e79bebe01b40b6) C:\Windows\system32\drivers\HTTP.sys
20:40:59:596 2276 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:40:59:721 2276 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
20:40:59:986 2276 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:41:00:033 2276 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:41:00:064 2276 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\drivers\intelide.sys
20:41:00:096 2276 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:41:00:127 2276 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:41:00:174 2276 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:41:00:346 2276 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
20:41:00:439 2276 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
20:41:00:517 2276 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
20:41:00:596 2276 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
20:41:00:736 2276 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:41:00:799 2276 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:41:00:892 2276 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
20:41:00:939 2276 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
20:41:01:049 2276 klmd23 (67e1faa88fb397b3d56909d7e04f4dd3) C:\Windows\system32\drivers\klmd.sys
20:41:01:455 2276 KSecDD (11d0bc1f2afd8abbb5a3dc47a042de54) C:\Windows\system32\Drivers\ksecdd.sys
20:41:01:517 2276 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
20:41:01:564 2276 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:41:01:783 2276 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:41:01:814 2276 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:41:01:861 2276 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
20:41:01:892 2276 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:41:01:924 2276 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:41:01:939 2276 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
20:41:02:064 2276 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
20:41:02:142 2276 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
20:41:02:221 2276 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
20:41:02:283 2276 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
20:41:02:361 2276 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:41:02:455 2276 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
20:41:02:502 2276 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:41:02:564 2276 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
20:41:02:627 2276 mrxsmb (529b64f9735d27fef1b8ea1678f8c79e) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:41:02:721 2276 mrxsmb10 (58a9ab5754fa4cabede7401283b5a771) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:41:02:767 2276 mrxsmb20 (30a67c7d8b80281028916ded6a64aec9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:41:02:799 2276 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
20:41:02:846 2276 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:41:02:892 2276 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
20:41:02:939 2276 msisadrv (207df26dbb2537c20276da0e15892274) C:\Windows\system32\drivers\msisadrv.sys
20:41:03:017 2276 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
20:41:03:064 2276 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
20:41:03:111 2276 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
20:41:03:142 2276 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
20:41:03:205 2276 mssmbios (7dbaa028f625aa46b95dda4fbe4b602b) C:\Windows\system32\DRIVERS\mssmbios.sys
20:41:03:283 2276 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
20:41:03:330 2276 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
20:41:03:439 2276 NativeWifiP (1d162e52fb691eb555a476b04b4bff3f) C:\Windows\system32\DRIVERS\nwifi.sys
20:41:03:533 2276 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
20:41:03:611 2276 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
20:41:03:674 2276 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
20:41:03:736 2276 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:03:783 2276 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
20:41:03:830 2276 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
20:41:03:892 2276 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
20:41:03:955 2276 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:41:04:017 2276 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
20:41:04:049 2276 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
20:41:04:189 2276 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
20:41:04:283 2276 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:41:04:314 2276 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
20:41:04:377 2276 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:41:04:424 2276 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:41:04:486 2276 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
20:41:04:596 2276 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
20:41:04:658 2276 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:41:04:752 2276 partmgr (84be786f33fdbd8765e05df3b7f5b9e6) C:\Windows\system32\drivers\partmgr.sys
20:41:04:783 2276 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:41:04:892 2276 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys
20:41:04:939 2276 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
20:41:05:080 2276 pciide (b2fc76090ef1003463ccb07cabb35cff) C:\Windows\system32\drivers\pciide.sys
20:41:05:158 2276 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:41:05:236 2276 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:41:05:361 2276 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
20:41:05:439 2276 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:41:05:533 2276 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
20:41:05:642 2276 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
20:41:05:799 2276 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:41:06:080 2276 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:41:06:142 2276 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
20:41:06:439 2276 R300 (554685122b4f973e21d66c2baaf29543) C:\Windows\system32\DRIVERS\atikmdag.sys
20:41:06:736 2276 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
20:41:06:877 2276 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:41:06:955 2276 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
20:41:07:205 2276 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
20:41:07:377 2276 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:41:07:689 2276 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
20:41:07:799 2276 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
20:41:07:939 2276 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
20:41:08:189 2276 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:41:08:314 2276 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\drivers\rimsptsk.sys
20:41:08:377 2276 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\drivers\rixdptsk.sys
20:41:08:439 2276 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
20:41:08:502 2276 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:41:08:564 2276 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
20:41:08:674 2276 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:41:08:767 2276 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:41:08:830 2276 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:41:08:861 2276 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
20:41:08:924 2276 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
20:41:08:971 2276 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
20:41:09:033 2276 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:41:09:064 2276 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:41:09:111 2276 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
20:41:09:158 2276 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:41:09:221 2276 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:41:09:299 2276 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
20:41:09:361 2276 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
20:41:09:408 2276 srv (2c677528b24d64d22886ecbe5cd97f20) C:\Windows\system32\DRIVERS\srv.sys
20:41:09:502 2276 srv2 (e8c4d5bca3c7b5c2a040052aa467b5bf) C:\Windows\system32\DRIVERS\srv2.sys
20:41:09:549 2276 srvnet (cd11a0767e82dd8b1a3a26d305dbec0f) C:\Windows\system32\DRIVERS\srvnet.sys
20:41:09:627 2276 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:41:09:705 2276 STHDA (3cfea727795243364bb6a7f9a091faa3) C:\Windows\system32\drivers\stwrt.sys
20:41:09:767 2276 swenum (3b80b4383c9bce13279c8482734b32b2) C:\Windows\system32\DRIVERS\swenum.sys
20:41:09:861 2276 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:41:09:908 2276 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:41:09:955 2276 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:41:10:002 2276 SynTP (dd17b63f26430e179ef6bdef5ac735bd) C:\Windows\system32\DRIVERS\SynTP.sys
20:41:10:111 2276 Tcpip (52a8bd6294f7d1443c6184c67ae13af4) C:\Windows\system32\drivers\tcpip.sys
20:41:10:236 2276 Tcpip6 (52a8bd6294f7d1443c6184c67ae13af4) C:\Windows\system32\DRIVERS\tcpip.sys
20:41:10:299 2276 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
20:41:10:346 2276 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
20:41:10:377 2276 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
20:41:10:424 2276 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
20:41:10:502 2276 TermDD (849ed71967d45f15c3e0abfc633fdf2a) C:\Windows\system32\DRIVERS\termdd.sys
20:41:10:564 2276 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:41:10:611 2276 tunmp (a858917785681743c512950fdfa14db7) C:\Windows\system32\DRIVERS\tunmp.sys
20:41:10:674 2276 tunnel (29f1d1d888ee61d20d5662e72aa34129) C:\Windows\system32\DRIVERS\tunnel.sys
20:41:10:705 2276 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:41:10:799 2276 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
20:41:10:846 2276 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
20:41:10:924 2276 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:41:10:971 2276 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:41:11:033 2276 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:41:11:111 2276 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
20:41:11:158 2276 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\DRIVERS\usbccgp.sys
20:41:11:205 2276 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:41:11:267 2276 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
20:41:11:314 2276 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
20:41:11:392 2276 usbohci (9333e482a173938788cbde8f81ec52fb) C:\Windows\system32\DRIVERS\usbohci.sys
20:41:11:424 2276 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
20:41:11:517 2276 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:41:11:580 2276 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:41:11:611 2276 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:41:11:674 2276 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
20:41:11:736 2276 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
20:41:11:799 2276 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:41:11:846 2276 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
20:41:11:892 2276 volmgr (fd16fac15f9f165ac19a618e7b391f5c) C:\Windows\system32\drivers\volmgr.sys
20:41:11:955 2276 volmgrx (420c48e593b9520c2dee45d671f923e1) C:\Windows\system32\drivers\volmgrx.sys
20:41:12:111 2276 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
20:41:12:158 2276 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:41:12:221 2276 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:41:12:299 2276 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
20:41:12:299 2276 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
20:41:12:346 2276 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:41:12:439 2276 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
20:41:12:533 2276 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:41:12:627 2276 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:41:12:658 2276 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
20:41:12:705 2276 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:41:12:767 2276 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
20:41:12:767 2276
20:41:12:767 2276 Completed
20:41:12:767 2276
20:41:12:767 2276 Results:
20:41:12:767 2276 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
20:41:12:767 2276 File objects infected / cured / cured on reboot: 0 / 0 / 0
20:41:12:767 2276
20:41:12:799 2276 KLMD(ARK) unloaded successfully

 

Nothing to post because it didn't find anything. I took a screenshot but I guess I can't upload attachments here.


Here's what it says
No threats found.
Scanned files 82724
Infected files 0
Cleaned files 0
Total scan time 01:06:32
Scan status Finished

Is there any end in sight??

 

Kenco by jpshortstuff (31.12.09.1)
Log created at 06:40 on 21/06/2010 (Cara)

========== Task Unlocker ==========

========== KencoScan ==========
C:\Windows\system32\bcdsrv.dll -> Error setting security information [5]!
C:\Windows\system32\scksp.dll -> Error setting security information [5]!

========== C:\Windows\Tasks ==========
GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000Core.job -> [23:43 01/02/2010] 852 bytes
GoogleUpdateTaskUserS-1-5-21-1167157780-497472970-3894054306-1000UA.job -> [23:43 01/02/2010] 904 bytes

-=E.O.F=-

I'm going to work now, so I'll try the second part this afternoon.

Thanks for all your help with this