Solved Suspected Malware; Unable to load/run Programs

[Resolved] Suspected Malware; Unable to load/run Programs

Hey there guys, long time no see, eh? Things have been going great for me, and I'm in college now! Bought myself a shiny new laptop, and it's been running great... Until today. Lately, it's been running a little off, and for some reason I can't load up Hotmail, or run Steam. Steam refuses to connect, despite all of the troubleshooting I've done, and my laptop refuses to connect to Hotmail, despite all my best attempts to do so. Anyways, here are the logs that are required... I'm not certain that there are any viruses/malware, but I've been letting a friend use my laptop lately, and I have no clue if he would have picked anything up during his frequent forays onto the internet.

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-15 21:22:17
Windows 6.1.7600
Running: jjlh1bqp.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ????????????????@machine.inf,%intel_mfg%;Intel??????Microsoft 6to4 Adapter #117??2??{4d36e972-e325-11ce-bfc1-08002be10318}?oft??????????????????????????????????????????????????????????????????? ?????s????????????????????????si??????????Extended Base???????????@nettun.inf,%msft%;Microsoft?S????N??????n??????????*6to4mp?ro????X??????a???t????????????????????????????X??????????t??????????{4d36e97d-e325-11ce-bfc1-08002be10318}\0049?????????????????????????????????????????@%systemroot%\system32\rascfg.dll,-32012????????????????????????????????????? ???????|?????????????:????????????&???????????????????????? ??????????????????????????????????????@%SystemRoot%\system32\tcpipcfg.dll,-50004????????8???????????h???????8?????????????16??????16??@nettun.inf,%msft%;Microsoft????Microsoft USB Standard Hub Driver?????????????:??????d?ges???l?m??????????????????????????????????????????X??????z???t???????????????????????s???n??%i???????r??? p???????????????????????????????????6????????????n????tunnel????????????????????????:
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ????????tunnel?14A??? ?????????????????????.?? "?????p?k?????6.?????????????????d?????? "??????;???????t??4586563586962756?r??ys??????????TCPIP6TUNNEL?Tcpip6??2???????????d??????????????????????????Microsoft 6to4 Adapter??????????????{5A527C43-81A5-444F-9B78-783EFC7DABEF}??????tunnel??????TCPIP6TUNNEL?Tcpip6??????????????0??? ??????q???????????????*6to4mp?????? ????????????????????????????4?????????????????192.168.0.1?????6-21-2006?????$??????F??????????? ???????@????????????????????$?N?u???????????????????????????????N?????????????????{67916BD8-5748-408C-872B-B35F43FF444D}?M?????????????y???????????????i???????s??? ???????d??????.d???????????G??????????????????????????????????m????s????????????$?????????????????ROOT\*6TO4MP\0103??????????????????d?????????????????????????????????????h??text????????????????????????????????????????????????????nettun.inf?SAT??? ???????2?????18}??6to4mp.ndi??????? ??????????????????*6to4mp??????????????????????????????????8????????????`?????????????? ???????0??????n4??6.1.7600.16
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ????????????02??????????????? ???????`???????????j?6????????????&????????????????????????????????B????????????????N?????????????????????Microsoft Office Word?????,?????????????Microsoft Office Word?????~??????e??{0??C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE,1??????????????????????C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE /IMG_WIA???? ???????`???????????l?6????????????&?????????????????????????,??????8??75??Microsoft Office Word?????,??????????1??Microsoft Office Word?????~?????????????C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE,1???????????????}???e??C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE /IMG_WIA??????????????`???`????? ???????`???????????`?6????????????&????????????????????E???????`???-??5A???????n???:???????????n??????????? ???????a???????????/?,??????(?????????????r ????N????????????D-1??? p??????1????????????N??????n?????Da\???????????l??????????@nettun.inf,%msft%;Microsoft??????:??????????????????k??????????Net?????int????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ????????@netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor)????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}???????h?j?k?k?k?k?l?l?k?l?l??{4d36e972-e325-11ce-bfc1-08002be10318}\0005?????????????@netrasa.inf,%msft%;Microsoft???? "??l???y?????r????usbhub???6??????????????????Net?cp???l???????k???3???3??? ???????j?????k?????k?.??????????:?????????D????????j???????????l??? ???????k???????????k?.????????P????????/????N??l????????D??i??Net?ta???l?????k?&??{8ECC055D-047F-11D1-A537-0000F8753ED1}?.in??{4d36e97d-e325-11ce-bfc1-08002be10318}????????h??????5?g?5???l??????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0001?? ??Microsoft???*6to4mp??????????????l??? ???????j?????k?????k?.??????????;? ???????D????????????????????l??? ???????k???????????k?.????????^???????????? .??????5???????????l?l?k???????l?????k?&??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}???????????@???1??s????????i???????e??? *??l???p???????1??{4d36e972-e325-11ce-bfc1-08002be10318}??Ne??????????????????????ROOT\mssmbios??Bri????X??k???????e???k?????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ?????????????????????k??????????????????????????????????t????????y??LegacyDriver?????????????5???????????????k???.???????1??????????????????????????????????????? ??@???????????????@?h?k?k?k?k?k???????k???F??sw???????|???????x??Net?A-???????????????????????f?h?k?k?k???k????N??m??? ????D??5???????????????????????????? "??p??????p????????l???????????????????/???????/???????????o??????ro??? ???????j?????k?????k?.???????????? ???????D?????N??k??????????????? ???????k???????????k?.????????N????????????????k???-??s0????N??k???5???????&?????k?&???????k??????????srvnet?????????????????????s?5??tunnel?D5A??????00??? ???????j?????k?????k?.??????????-?????????????????????????????????????? ???????k???????????k?.????????N????????????l?l?k???l??? ???????j?????k?????k?.?????????????????????????????????0??????_D??? ???????k?????????????.????????N???????????? (??k??????????????LegacyDriver???????k?&??? ???????j?????k?????k?.???????????? ???????O????????x??LegacyDriver?2???h?k?k?k??????????N??l???n????DaxM??FSFilter Virtualiza
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ??????????????????P????????????n??????????????????????&??o???????????e???o????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Interface Un-quarantine filter?????????????????????????????????????????????????????????????????????????????????????? ??????????? ????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P????????????(??????P?????????????P??????????????????? ?????@??o?????????e???????????????? ????????????????&???????w???????????????????b????<??o????????h??????????????????s?????????????????????n????????el???&??????? ???????????????????????&????????????????????????????????V??????????????d??Composite Bus Enumerator Driver?????????<???????????????????????????t???*6to4mp?????OSessions????&???o???????????????????????????&??????????????????????????????@%SystemRoot%\system32\qmgr.dll,-1001???? ???????o???????????n????????L??????????????????????&???????4???????????????????8???&???o???????????????????????????o?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ???l?????l?l??????<??m???~?g?2???????????,????????????????????????N??l?????????D????ms_pptpminiport??1??????????????????????tunnel?" "???????????m?m?l??? ???????l?????l???????0????????????&???????????????????????? ???????l?????l???????0????????????????????? ???????l???????????l?0?????????????????????????????7?????????????????????????????????????????l???????l???l????? ???????j?????l?????k?.??????????E?????????????????????????????????? ???????l???????????k?.????????V?????????????>??l?????g??????X??????????e?????l?&???????k???????????????T???%???e??????????*6to4mp??????????????????g??????????????????????????????????????.e??????ne???m?m?m???????????????????????k???????????????????1???????????l??????????6.1.7600.16385??6.???????????????????l?los??t???? ???????j?????l?????k?.??????????G? ????????????????k??????????????? ???????l???????????k?.????????V??????????????????????????????????????????????l?&????*??l??????????WAN Miniport (IKEv2)?????????????????????????l??????????netavpna.inf?????????????????????? ??l???1?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ?????|??*6to4mp??y?????????????l????? ???????l?????l???????0?????????????????????????l?????????????????l???l???l???l???l???l???l???l????????????????? ???????l???????????k?0?????????????????????????3?????l????? ???????j?????l???????.??????????U??????????T???a?j???????j???k???k???k???k???k???k???????k???k???????????k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???????????????????????????k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???k???????k???l???l???l???l???l???k???l???????????l???l???l???k???l???l???l???????????l???l???l???l???l???l???l???l???l???l???l???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m???m????????????????????? ??????????????x?????N??l?????????D????????6F???????????????????|?????????????k?&??DETECTEDInternal\volmgr?DETECTED\volmgr??????????????B???????????B???????????????????l?l?????????????????????i???????|??? ?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????????system32\DRIVERS\vdrvroot.sys????????????????????{??69??t???AudioGroup?Sys???z????????????????2Local Area Connection* 10???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? "RAS Async Adapter?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ???v?????????5???????5??????????????LegacyDriver?5??????????????????????????? ???????n?????s????????????????X????????????????????????????????????????|??????????????????????t????????????????s??????????????system32\DRIVERS\kbdclass.sys?bdclass.sys????????????|??????Microsoft????????????????????????????????s???s??ep????X??????0???4???????s??????sW??????????????t????????????????????t???s??Microsoft????????????????????e???????????s??? ???????s???????????p????????0????? ?????????????????????????????s??????s??????????????????????????????????????????????? ???????n?????s?????s??????????V????????V???????????????????????s??????p????s?s?s????????????????????????R??s????????h?????SCSI Miniport????s?s?s?s?s?s?s?????s?????s??\SystemRoot\system32\DRIVERS\iaStorV.sys? ????V??s???????????d?????????????g?????t??t????????????!???e??iastorv.inf_amd64_neutral_18cccb83b34e1453????????????????????????????????????????????N??s????????h?????? ???????s???????????s????????&????? ??????????????????????????????e????? ???????n?????s?? ??s?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ?????j??????????1:Brightness=0.0,Contrast=1.0,Saturation=1.0,Gamma=0.0,Hue=0.0;2:Brightness=-3.0,Contrast=1.16,Saturation=1.25,Gamma=0.0,Hue=0.0;3:Brightness=-3.0,Contrast=1.07,Saturation=1.10,Gamma=0.0,Hue=0.0;4:Brightness=7.0,Contrast=1.25,Saturation=0.96,Gamma=0.0,Hue=0.0?????????0???????????????????????1???????????????????????????0????????????F??????0???????????????????????????0???????????????????????????3???????????????????0(Box:2,Narrow-tent:4,Wide-tent:6,Edge-detect:12) 2(Box:2,Narrow-tent:4,Wide-tent:6) 4(Box:4,Narrow-tent:6,Wide-tent:8,Edge-detect:12) 8(Box:8,Narrow-tent:12,Wide-tent:16,Edge-detect:24) 16(Box:16,Narrow-tent:24,Wide-tent:32)???????0?????????????????????? ?)??????? ??0???????????????????0????C??p "???????w???????e??????1???????????????????0?????????????????$??????^??????????????0???????????????????????0??????D????*6to4mp?????????1????????????????F??????0????|?E?|???????z???????e??????????????0????????????F??? ??0???????????????tunnel?0.1??????0???????????????????0??????????e????p "?????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ???|?s??????????????????????????????? ???????n?????|??????????????????????????r?????? ???????|???????? ??|??????????F??????????e?????????{??????e????? ??{???????????????|???????t????F??|???????y??%systemroot%\system32\msscntrs.dll?????????|?????|?????????????????e?????????|???(??????P???gsrvctr.ini??????????{??????e???? ??????????????r????????????????????????? ??{???????????|??? ???????????????????????????????????????|?|?|?|?|?|?|?|?|?|????? ???????n?????|????????????????????????????? ???????|???????? ??|??????????F??????????e?????????|???????t??Collect???????F??|???????y??%systemroot%\system32\msscntrs.dll?????????|?????|???????????'?????e?,???????|??????????????gthrctr.ini??,??LocalSystem?????? ??????????????r?????????????????????????T??|?????????e????? ????????????????????????????????p??????|?|?|?|?|?|?|?|?|?|????? ???????n???????????|????????$?????????????????@%SystemRoot%\system32\ui0detect.exe,-101?????H??|????????h?????%SystemRoot%\system32\UI0Detect.exe???????T??|?????????n????@%SystemRoot%\system32\
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ????????????16??????????????????????\D???????|??Microsoft 6to4 Adapter #128?fc??tunnel??????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0144?????????????*6to4mp?????????????*6to4mp?????????-4??????????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??????{4d36e972-e325-11ce-bfc1-08002be10318}\0142??o???7??????????????????????11???????????2??{4d36e972-e325-11ce-bfc1-08002be10318}\0145?? ???????????r?????s(2??????????? ??text?????????2???????????B??int?CE???????????????????16?????*6to4mp?????@nettun.inf,%msft%;Microsoft??????????????~?????????????????????????????????6to4mp.ndi??????Type????????5???11??5???????5???????????? ?????????????????????0????????????&???????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????~???????????nettun.inf:Microsoft.NTamd64:6to4mp.ndi:6.1.7600.16385:*6to4mp??????????????? ?????????????????????0????????????&???????????????????????????????????????? ?????????????????????0????????~???????????? ?????????????????????,??????????????????????s????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????????????????????*6to4mp??7??????????????????????? ???????|???????????m?:????????????&????????????????????1??? ???????-?????09F???????????e?????epi??\\?\Root#*6TO4MP#0147#{cac88484-7515-4c03-82e6-71a87abac361}?_????$?????? ????????????z???????????????????$??????F???????8??????????????? ????????????????????????????$?N?j?????????{4d36e972-e325-11ce-bfc1-08002be10318}\0106?02????????????????????????N?????????????????{DCFB62CF-F380-4EC4-8936-F16E9D2202F7}?-????????????????????????????? ???????s??? ???????d?????????????????????????????t?????????????????t??????????????????????d???????? ???????|???????????u?:??????????Y?&????????????????????9??? ???????4?????0F1???????????F?????e4-??{4d36e972-e325-11ce-bfc1-08002be10318}??{3??Net?8-??? ???????F?????887??*6to4mp??B??? ????????????????????????????$?N?i?????????{4d36e972-e325-11ce-bfc1-08002be10318}\0105?A-??????????? ????????????N?????????????????{B8B426DC-3912-4C50-A3E8-E59DC9A7EE1B}???n???????????????e???????????y???????s??? ???????s???????????????????t?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????t??? ???????n?????{?????{????????$??????????v????T??{?????????e????@%SystemRoot%\system32\tapisrv.dll,-10100?????????????????????????h??{????????h?????????????????t????{??????????????%SystemRoot%\System32\svchost.exe -k NetworkService????????? ?????????????T??{?????????n????@%SystemRoot%\system32\tapisrv.dll,-10101?????2??{??????e????? ??{???????????e??PlugPlay?RpcSs??????? 8??{??????????????NT AUTHORITY\NetworkService???????,??{???+???????+???????????????????????????{??????????????????SeAuditPrivilege?SeChangeNotifyPrivilege?SeCreateGlobalPrivilege?SeImpersonatePrivilege?SeIncreaseQuotaPrivilege?SeAssignPrimaryTokenPrivilege???????{?{?{?{?{?{?{?{?{?{?{??????????????????????????? ???????{???????????y????????,?D??? ???????????? D??{??????????????%SystemRoot%\System32\tapisrv.dll???????????????????????????? ???????{???????????{??????????6??????????e????CloseTapiPerformanceData??????6??{???????t??CollectTapiPerformanceData???????????{???????y??tapiperf.dll????? ??y????????????????0??{??????????OpenTapiPer
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ?????????u?s????????????????????????????????????????? ??????????????????????????????????s???? ??????????? ?????????????????????0??????????????????????????4?????????s???????????????????? p?????????????????6to4mp.ndi??????Microsoft????????????????????????1??????? ?????????????????????0????????????????????? ?????????????????????0?????????????????????????????????????????????d??es??????? ?????????????????????0????????????????????????????? ???????I???????????????????3?????sA-??tunnel?net??????? ???????????????????z?0????????????????????????????6to4mp.ndi??????????????????????????Microsoft???????????????? ?????????????????????0????????????????????? ?????????????????????0?????????????????????????????????h????????????????????.????????????e?????????????????????????????????????????e??????? p?????????????????????????????????????????? ??x????_???????????????????n?????????nel???n???????????5??????????tunnel??????@volsnap.inf,%storage\volumesnapshot.devicedesc%;Generic volume shadow copy??????????????????????? ?H????????e?
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ????????*6to4mp??A??? ???????????????????????????i????????????????????????$?????????????????7???????????????????Root\*6TO4MP\0081?????N??????d???????????????????????t??????????Net?????Net?????@volsnap.inf,%msft%;Microsoft???? ??w????1???????????|??????????*6to4mp?????????????????????????????????????????????????????????????????Microsoft???????nt??Microsoft????????????????i??? ???????????????h??tunnel?54E????????????N??????|???????|??6-21-2006????????????????????-???????????????????????k???e????X??????????t??????????int?????? 0??????????????e??Microsoft???Net?????*6to4mp?????????????*6to4mp?????? ???????j?????????????.?? "?????p?6?????????????????????????? Z?????????????????@volsnap.inf,%msft%;Microsoft???????????????????????????????Mi??? ???????j?????????????.?? "?????p?4?????????@battery.inf,%msft%;Microsoft????k?k?k?k?k???k????:??????3?g40??Type??????????????X??????????t??@%SystemRoot%\system32\drivers\fvevol.sys,-100??? ???????????}???e???????n???????????0??? ?????????????????e???????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ?????????????????????????????k??????????????????????????????????ra??????????????????????int?????NO_DRV??????????????????????????????????1????????t??????0???????????????????9 ??? ????????????????????????????????????????????????????0?????Disabled??????????????1?????Enabled??????????7??? ??????????????????????????????.????????????????2????.?????? ????c?????Throughput Enhancement???????? ?????????(???enum????????????????0????????t??????0????i??????????????????????????????????????????????????????????????????? ??????????????????????????????????????ve??????????????????Enabled??????????7??? ??????????????????????????????2???????????????od?????????????x????11??????????1????????t??enum??????2?????????????????Ad Hoc Channel 802.11b/g????????????????????int?????1. Lowest???????0???????????????1??????n????????????????????????1???????????? ??????????????????????????????.?????????????????????.???????????c?????Roaming Aggressiveness???????? ?????????????????2????????t??????0???????????????????????? ?????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ????????6-21-2006???????????tunnel???????????e??int?????????????????????????tunnel????????z??????p??????ed???????h???????????t?k??????????????????????8?????????????????????????????????int???????????????????????????????????????N??????4?????D2???????ZZ???????????????????(?????s(0??????????????????-C??????????Microsoft???????tunnel??????????????????????????????????????????????????????tunnel???????????????????????????????????????????????????????????????????_??????????????????? ????????????????????????????????????????????????????h????????g????Microsoft 6to4 Adapter #104??j???????j??????????2???????????????????ta??????????????-C????z??????????????????????????????????????l???????????????????????????????????????e??????????@nettun.inf,%msft%;Microsoft?4???????????????????????????????????????????B??????????????????*6to4mp??e??????? ???????Z?????????????0????????????&???????????????????????????????? ??????????dr????X?????????????????????text?4???????????_??????????????????????????????????????????@nettun.inf,%msft%;Micr
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route ????????*6to4mp?????? ???????????????????y??????????`????????e??Network Address?????????????????#???? .??????.?????/?T????????????z?????????????6t??????????????????????????????Microsoft 6to4 Adapter???????????????????????3??13??6-21-2006????????????????? ??????v????c6A6??Network Address?C5???????????C???t???? ??????8??A7??? ?????????????????????????????? ???????0D???? ??????8????c0E2???????????e???t???????????-??AD??? ???????U?????????????,??N?????$???<???????????????????????????????C7??? ?????????????????????,????????????'????????????????????}??Local Area Connection* 176??????? ?????????????????????0??L????????? ??????tun??? ??????????????????????????????????????? .??????6?????A62??????????????????? ??????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????? ?????????????????????0????????????&????????????????????????????????????????????????????????????#H????????????????????????)??????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ????????????????????9???????0??????????????????s????????????????????12???f?z????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}??????????????????96???????????? ?????????????????????????Microsoft 6to4 Adapter #51?6?2??????? ??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4 Adapter?????{4d36e972-e325-11ce-bfc1-08002be10318}\0064???????6?????????????16???????????{??A1??A1???????????B??????????????ip??text?l???????????????2??? ?????????????????????0????????????????????? ???????????????????k?0????????????????????? ?????????????????????0????????????????????? ???????????????????k?0????????????????????? ?????????????????????0????????????????????? ???????????????????k?0????????????????????? ?????????????????????0????????????????????????????? ?????????????????????0????????????&???????????????????????? ?????????????????????0????????????????????? ???????????????????k?0????????????????????? ?????????????????????,???????????????????????.?.??????????? ??????????? ?????????????????????.????????????????????? ?????????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind ???.????????????????????????{4D36E96A-E325-11CE-BFC1-08002BE10318}????????X??.???????????d??rimsptsk.inf_amd64_neutral_498cd0d9067e967a???????N??.????????D??.???????.???e???e??rimsptsk????????????? ??????? ???????????.??????????X???%???????????????????3}????N??.???.???????????.?.?.????X??.???.???????d?????.?????????????????????????????????????? ??-?????????????????????.?U???-?-?-?.?.?.?e???.???.???????????????????????.???????????????????????????????????????e???????????????????????????????????????????????.???????????e??????iv??rimsptsk?&???.??{4D36E96A-E325-11CE-BFC1-08002BE10318}?-A5??rimsptsk.inf_amd64_neutral_498cd0d9067e967a?de????N??.???.?????.?/??????0???????????????? ??0???????????????????0??????????????????.?.??? ??????? ???????????.??????????X???%????????????????????e??{4D36E96A-E325-11CE-BFC1-08002BE10318}???????.?.?.????X??.???????????d???????.???????e???.??? ??????? ???????????.??????????X???%???????????????????3}??{4D36E96A-E325-11CE-BFC1-08002BE10318}?.?.???.?.?.??? ???????-???????????,?0???????
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route ???.?.??? ??????? ???????????.??????????X???%????????????????????e??{4D36E96A-E325-11CE-BFC1-08002BE10318}???????.?.?.????X??.???????????d???????.???????e???.??? ??????? ???????????.??????????X???%???????????????????3}??{4D36E96A-E325-11CE-BFC1-08002BE10318}?.?.???.?.?.??? ???????-???????????,?0????????????????????Net??|???????.???;??????rimsptsk.inf_amd64_neutral_498cd0d9067e967a?????? ??????? ???????????.??????????X???%???????????????????3?????N??.????????D?Le??rimsptsk?????.?.?.???.??? ??????? ???????????.??????????X???%???????????????????3}??{4D36E96A-E325-11CE-BFC1-08002BE10318}?sit???-?-?.????X??.???????????d??rimsptsk.inf_amd64_neutral_498cd0d9067e967a? ???? ??????? ???????????.??????????X???%???????????????????3?????N??.??????????????{4D36E96A-E325-11CE-BFC1-08002BE10318}???????.?.?.?????.?????????.???.???e??rimsptsk??????X??.???????????d??rimsptsk.inf_amd64_neutral_498cd0d9067e967a??.??? ??????? ???????????.??????????X???%???????????????????? ????N??.????????D?????{4D36E96A-E325-11CE-BFC1-08002BE103
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export ???B?????????A???0???e??%SystemRoot%\MEMORY.DMP???????,??B?????????r????%SystemRoot%\Minidump??????????????????s????????????? ???????U?????U??????????L???????????????????t??U????????t?????Hant????? ??????????????????????????????????????????????????pcmcia.inf_amd64_neutral_1678e66e0cbb04b2???{4D36E977-E325-11CE-BFC1-08002BE10318}?-BF????T??B???e???????d????N??B????????D?????pcmcia?002??? ???????B???????????A?6????????X???????????pcmcia.inf_amd64_neutral_1678e66e0cbb04b2???{4D36E977-E325-11CE-BFC1-08002BE10318}??{4???????B???5???e????T??B???????????d??pcmcia.inf_amd64_neutral_1678e66e0cbb04b2???pcmcia?002??? ???????B???????????A?6????????V?????????????N??B????????D?????{4D36E977-E325-11CE-BFC1-08002BE10318}??{4???????B???5???e???B?B?B????T??B???????????d??pcmcia.inf_amd64_neutral_1678e66e0cbb04b2???{4D36E977-E325-11CE-BFC1-08002BE10318}?77-???????B???F???e??pcmcia?18}??? ???????B???????????A?6????????T????????????B?B?B????T??B???????????d??pcmcia.inf_amd64_neutral_1678e66e0cbb04b2?????N??B????????D?????{4D36E9
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???k?????????0?????k????? ???????k?????k???????0????????????????????? ???????k???????????k?0????????$???????????????????? ???????j?????????????.??????????????????????Yoot?????k????? ???????k?????k???????0???????????????????????k???k???k???k???k???k???k???k???k????????????? ???????k???????????k?0?????????????????????????????3???????k?????k????? ???????k?????k???????0????????????????????? ???????k???????????k?0??????????????????????X??????????m?????????????????????????????k????{71a27cdd-812a-11d0-bec7-08002be2092f}\0002???????X?????????????LegacyDriver?5??WimFltr????????????????????s???????????????????????? ??????????s???????????????????s?????????????~???????k??????????Net?r????????y?????????????????s?4??????????mfehidk?em???????????????????????????k???5?????????????????????sN????? ??????p???e??mfewfpk??????????????3???????k???k?????????????????s????HP v125w?????????????7???????????????5???7??????????????????hi???k???????????k???k???????????????g?h?k?k?k?k?k????*??k?????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???s?@??Root\*6TO4MP\0004???*6to4mp?? "??*6to4mp?????? ??????????????s???????Net????????????????????????????????????s???s??????8??s????????h???????X??????????&???????t?t????? ???????s?????s???????????????????? ?????? ????? ???????s??????????????????????????????????????? ???????s???????? ??s????????r?p??? ?????????????H??s?????????????????????????4?????????? ???????????????????H??s???????????/?????????????4?????????? ??????????????????t?t?s????0??s???????????????????????????????????????????9p??s????????????????????????????????/????????????????\???(??????P??????????????????? ????????????????????s???s??????l??s??????????????/??????????????X???(??????P????????????(??????P???????????????l??s?????????????????????????????X???(??????P????????????(??????P??????????????????s????????????l??s??????????????/??????????????X???(??????P????????????(??????P??????????????'0??s???,???????????????????/???????????????????????????;????????????????????????D??s?????????????????????????????0???(??????P???????????????D??s?????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???s??????<??t????????h?????????????Intel Processor Driver??????????*6to4mp????????v?????????5???????5??????????????LegacyDriver?5??????????????????????????? ???????n?????s????????????????X????????????????????????????????????????|??????????????????????t????????????????s??????????????system32\DRIVERS\kbdclass.sys?bdclass.sys????????????|??????Microsoft????????????????????????????????s???s??ep????X??????0???4???????s??????sW??????????????t????????????????????t???s??Microsoft????????????????????e???????????s??? ???????s???????????p????????0????? ?????????????????????????????s??????s??????????????????????????????????????????????? ???????n?????s?????s??????????V????????V???????????????????????s??????p????s?s?s????????????????????????R??s????????h?????SCSI Miniport????s?s?s?s?s?s?s?????s?????s??\SystemRoot\system32\DRIVERS\iaStorV.sys? ????V??s???????????d?????????????g?????t??t????????????!???e??iastorv.inf_amd64_neutral_18cccb83b34e1453????????????????????????????????????????????N??s????????h?????? ???????s?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???l??????t??n?????g?????????k???1???????l??????????????volmgr??????{4d36e972-e325-11ce-bfc1-08002be10318}???????l???l????X??????.???.??Net??????????????????????l?????l?&??@netsstpa.inf,%msft%;Microsoft????????N????????????D????????????????????????c???????????????????{4d36e97d-e325-11ce-bfc1-08002be10318}??????ROOT\VOLMGR?????? ???????j?????l?????k?.??????????O??????????0???????j??????s????l??? ???????l???????????k?.????????N????????????????l???-???????.??tunnel? "{6??????????????md????N??l???????????????????l??????????{4d36e972-e325-11ce-bfc1-08002be10318}\0003?????? ??????????????x???{4d36e972-e325-11ce-bfc1-08002be10318}???????????????????????????l??????????6.1.7600.16385???????????????????????l?l?????l??? ???????j?????l?????k?.??????????P? ???????F???????????????????????? ???????l???????????k?.????????N?????????????h??????.?g?.???????4??????s??????l?&???????????????????l?l?l????(??l???o?? (??WAN Miniport (PPTP)??3???l?lpo???????????????????????l??????????netrasa.inf??????l?lne???????????????????????l???1?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???s???????????????? ????????????? ??k???????????e????,??????????????????????????????????????????s??????????????????SeAuditPrivilege?SeImpersonatePrivilege?SeTcbPrivilege?SeDebugPrivilege??????s?s?s?s?s?s?s?s?s?s?s??????????? ???????s???????????s????????,?B??? ???????????? B??s???????????<??%SystemRoot%\System32\ikeext.dll?????????????????????????????????s?????????n????IkeServiceMain??????? ???????s?????s???????????????????????????o???????s???s????? ???????s???????????s??????????\?????0????????????????????????s0????????s????????????????????????\??s??????0???500?UDP?%windir%\system32\svchost.exe?IKEEXT?????s?s?s?s?s????????????????0?????? ???????n?????s????????????????????????????? ???????s?????????????????????????? ??????????????s????? ???????n???????????s??????????T????????????????????????????????????????s???s?s?s????T??s????????h?????\SystemRoot\system32\DRIVERS\intelide.sys????????2??Tcpip?????????(??s??????p???System Bus Extender???????R??s???????????d??mshdc.inf_amd64_neutral_a69a58a4286f0b22?????s?s?s?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ?????s???????????????????o????????????8??t????????h?????????????????????????????p???p???Intel(R)????? ???????n??????????????????????R????????k??????????????????????Net??u???????????????????v???????G??Net??????????????e?????????nab????V??????????????d???????????????????????e??????????????????????TCP/IP Registry Compatibility?????N??????a??????????????????? ???????n?????s?????s????????@?????????m?????$??s?????????e????@comres.dll,-2946????????s????????h?????%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation?????$??s?????????n????@comres.dll,-2947???? 8??s??????????????NT AUTHORITY\NetworkService??????????????????????????????????????????????s?????????????? ????????????????s???????????e??RPCSS?SamSS???????,??s????????????????????????????????????2??s??????????????????SeChangeNotifyPrivilege?????? F??s???????????????s??? ???????????????????????????????????????????????????s?s?s???s???????????????s?s?s?s?s?s?s?s?s?s?s?s????? ???????s???????????s????????,?F??? ???????????%systemroot%\system32\msdtc
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???k?t????X??n???????????????@???i???e?????????????????s?????????k????????????N??????1???????????|???????????h???????e???????????????????????k??Net?????DiskDrive????l?l?1??????????????NO???k?k?????????????????????????????????????5???k???k?k?k?k?k?k?k?????k?&???????k???????8??storage\volume???????k?k?????????k??????s?????<??l?????g??????J??o?????????e????Net?????mshome.net??????????????????LegacyDriver????{8ECC055D-047F-11D1-A537-0000F8753ED1}???????????x???????????????????????????????????k???1??8&???????k??????p????????k??????p????k??? ???????j?????k?????k?.??????????F??????????G????????????????????????????????????????X??n???????????k??? ???????j?????k?????k?.??????????*????????S????USB?21???k??????????? ???????k?????????????.????????N???????????{8ECC055D-047F-11D1-A537-0000F8753ED1}??????LegacyDriver?????? ??@???????????k???????????k?????k?&???????????????????????????k???????????????????????????5???k????>??l?????g????????!??????g????????.e???k??? ???????j?????k?????k?.??????????+??????????V????N??k????????D
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ????????????????????????16???????????8??????52??Microsoft 6to4 Adapter #182??2?????????????????s ???@oem31.inf,%intel%;Intel????????????????????? ??????????????Type????Net?????????????????????????????????????????d?????2Local Area Connection* 25????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4Microsoft 6to4 Adapter #18????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ?????????z?|?|?|?|?}?}?}?y?y?y??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?FC0??????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}??????? ???????0???????????????????????s?????????????????????????????????????????????s? ?????????????????s?????????????p???????????????????????????o?k????????????????????@nettun.inf,%msft%;Microsoft? ??? ??????????????~???????????????????????????????????????????? ???????U?????????????,????????$???<???????????????????????????????nf???????????B??-C????N????????????Dtu??????????? ?????????????????????,????????z?????#385???????????????????????????????????9?????sA0??????????????????????????*6to4mp?????was?????????#???? ???????U?????????????,????????$???<???????????????????????????????14???????????A??????85????X??????|???????????t??? ?????????????????????,????????z?????#?15??{4d36e972-e325-11ce-bfc1-08002be10318}\0122?? ????:????????g ???????????????????????????????#???{4d36e97d-e325-11ce-bfc1-08002be10318}\0054?????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}?DA5?
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???k?t??????1.??Net??F?????????????????s????*6to4mp???????^??r???+?????e?+???????t??LegacyDriver?????????V???????t???????k??? ???7??????????????????????? ??k?????????dyB??Storage volumes??????k?k?k??LegacyDriver????? ???????j?????k?????k?.??????????3????????S??????N???????????D?????? ???????k?????????????.????????N???????????LegacyDriver?e????N??n??????????????Net?????LegacyDriver?7??tunnel??????????????Microsoft??????k?&?????????????????s?????????i???????e??????????????????????? B??k?????????rag???l?l?1??tunnel?xe????l?l?1??? ???????j?????k?????k?.??????????4??????????Y???????????e??????iv??? ???????k???????????k?.????????^???????????{8ECC055D-047F-11D1-A537-0000F8753ED1}??HL?????k?&??USB??????????????e???????????????????????????????????????k???????????????????????????????????????y??????? ???h?k?k?k?k???k???????o???+???+??Root\*6TO4MP\0002????????k???5??s???*6to4mp???????N???????????D??????_???????k???t?t?t??????????? ???????j?????k?????k?.??????????5????????S????????????????????????? ???????k?????????????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ??????????????????????????????????????????X??????s???t??@oem36.inf,%intel%;Intel?????k?k????????????t???????Microsoft 6to4 Adapter #168?????????????????????????????????tunnel?-bf??*6to4mp???????X??????1????????N??????????????s???????s??????s???? p??????t?????|????11???????????e???????????????????????????????????????e???????U???p???????e??Root\*6TO4MP\0199?????N????????????D??????????????????????????8?????????????16???????????V??e0??? p?????????????????????????????????????????????????????? ???????????????????2?????set??WmiApRpl.ini??????????????????????????????????????????N?????????????????Microsoft 6to4 Adapter #169?}????????????k?t????????Microsoft Windows Management Interface for ACPI???????????????X??????????t??51458 51464 51476 51486 51496 51516 51560 51570 51608 51614 51630?????.??????????????????|????N????????????D????????????{36fc9e60-c465-11cf-8056-444553540000}\0000???????????????????????????????:??????8?g18??????????Microsoft???????????@machine.inf,%PCISlot%;PCI Slot %1!u!????/?f?Z?f?h?h?g?h???Z???
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ?????????k?t????????Microsoft Windows Management Interface for ACPI???????????????X??????????t??51458 51464 51476 51486 51496 51516 51560 51570 51608 51614 51630?????.??????????????????|????N????????????D????????????{36fc9e60-c465-11cf-8056-444553540000}\0000???????????????????????????????:??????8?g18??????????Microsoft???????????@machine.inf,%PCISlot%;PCI Slot %1!u!????/?f?Z?f?h?h?g?h???Z???g?h??@oem31.inf,%intel%;Intel????{36fc9e60-c465-11cf-8056-444553540000}\0001??????f?h?i?i?u?z?i?}?s?z?z??????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}??????? p??????}??????????????????????-1????????????????H???????2Local Area Connection* 28????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4Microsoft 6to4 Adapter #21????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???j?u???l?l????srv2?????????-?????????????)????????`???????????????????p????????????????????-???????????????????????[????????????????N??{?????????e?????T??? ???????T ????????????,??????????&?&???????????????????????? ?????????????U?????/?,???????? "???;??????????????????????????????}?????????U??????????????????????????????USB\ROOT_HUB20\4&2996fece&0??????????U???8??????(I???????U??????????????Monitor?????????????\\?\HDAUDIO#FUNC_01&VEN_111D&DEV_7675&SUBSYS_10280413&REV_1001#4&3559cf9a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\MuxedInTopology???????X??e???d???u??? ???????T?????????????,??????????(?&???????????????????????USB\ROOT_HUB20\4&7c274b&0????????,???????????????????-???????????????s???????????b?????????R???????k?y???????????l????????????ssmp?????????????????e??????X??k???7??????? ??????????????????monitor?????? ??`???5??????????Acceler??????????-?????????????)????????0????????????????????U???a???e??????p_???????-????????????r????????? \??????????????NDIS?~???????????????????????/?????????????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???o??????????????????????N??k????????D??????g?k?k?k?k?k?k????N???????????D??????k????????????????????????V??p?????????e?????k???????????????????????k???????????????????????????????k???????????????????????????????j???????e???????????????????????????0?????s6b??????????????????????????????BanzaiU?sv???????k??????????6.1.7600.16385???????k?k?k???????????????????????k???7??????Generic volume??n????k?k?k???????????????????k?k?k???????????????????????h?k?k?k????s???????????????t?????????????X?????????????????????????s????????f???????e???????????D?????s\a??? ???????j?????k?????k?.???????????????????P????????????????????????? ???????k?????????????.????????N????????????i?k?k?k?k?k?k???????k???????,???????????l?l?k??? b?????? ??????????? ^??????5???????????k?????k?&????N??k???????????????????????-??????1c???????????.???????????????????=???r???????j???????e??????????????????????????????????? ???????j?????k?????k?.???????????? ???????Ri???????????D??????\q??? ???????k???????????j?.????????P???????ms???????k???a??sn?????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???t?t???????????????????????????????????????????????????t??????????????????????????t?????6??t????????h??????????t???????u??????????????????*6to4mp??????????????????u??????????? ???????t???????????t????????&????? ??????????????????????????????e????? ???????n?????t???????,?????? ?:????????o???????t???????????s???a??Tdx?tcpip????????i?l?t?t?t?t?t?t?t???????????????????????????????????????????????????? ?????????????*6to4mp?????Type????????tf???r???????t???????????????????????????????t??????e???? ???????t???????????s???????????????????e??\Device\{A97276E2-822B-432B-A9D1-A679890EA5E0}?\Device\{4A376870-8A8B-4265-A4E3-45777DD81C1C}??973?? "{A97276E2-822B-432B-A9D1-A679890EA5E0} "? "{4A376870-8A8B-4265-A4E3-45777DD81C1C} "??376???????????}?????????t????? ???????n?????t???????,????????R????????n??? ???????.??????????????????4D???v?v?v??System32\DRIVERS\netbt.sys???????????s???????e??11?nel??????????????????????????????system32\DRIVERS\netbios.sys????????????????t???????????????????????????*6to4mp??*????`????????????????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind ???k?y???????????l????????????ssmp?????????????????e??????X??k???7??????? ??????????????????monitor?????? ??`???5??????????Acceler??????????-?????????????)????????0????????????????????U???a???e??????p_???????-????????????r????????? \??????????????NDIS?~???????????????????????/??????????????????????2e??? ???f???/??????????Network??????U??? ???????U?????U???????,??N?????<???H?????????????????????????????????????????J??U???????????????????U???6????????????.??`???5?ga}?????U?????U??? ???????U?????????????,????????????'????????????????????}??ACPI\PNP0C0A\0???~?????U????? ???????U?????U???????,??N?????4???D????????????????????????????????????????U???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????\??????????????Net??????U??? ???????U?????????????,????????????'????????????????????}??????????????????????????????????????????Net?es??NDIS?????????????y?z?y???????'??????????????????? ?????????????
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route ???s?t???????u??????????????t???????t????????????p??????????? >??o???????????????o??Video Init????????,?????????????????Net?C-??Extended Base???Net??&??System Bus Extender???????8??????6?????eA9??Net?96??PerfMon_Collect??????????o??????e???PerfMon_Close??????????????????e????????%SystemRoot%\System32\qmgr.dll???????o???o??????????????? ???????o???????????o?0????????>??? ???????????? ???????o???????????o??????????$??????????e????? ????????????????????????????????p?????????????????t?????????????$??o??????????????Global\MMF_BITS_s????o?o?o?o?o?o?o?o?o?o?o?o?????? "??p??????p??????????????g?????????????????o???????????????o?????????e????bitsctrs.ini????????????????????? ??????????????r????????????????????????? ??o?????????t????????????????? ???????o???????????o??????????????????????????????4?? ?????????? ????\???????????????????? ??????????????????????????? ??????? ??????????o???o???o????????? ???????n??????????????????????X?8?????????????????????????????System32\Drivers\dfsc.sys???System32\drivers\discache.sys??
Reg HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export ???x?y???????????????y???????????????y???;???????????;???????????????????????????????????????????{?{?{??v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|Profile=Public|App=%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31025|Desc=@FirewallAPI.dll,-31014|EmbedCtxt=@FirewallAPI.dll,-31002|?????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|Profile=Public|App=%ProgramFiles%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31003|Desc=@FirewallAPI.dll,-31006|EmbedCtxt=@FirewallAPI.dll,-31002|????????N??y??????????????tunnel?}?\???????????????g???????y???????x???;?????P?;???????t??????????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|Profile=Public|App=%ProgramFiles%\Windows Media Player\wmplayer.exe|Name=@FirewallAPI.dll,-31007|Desc=@FirewallAPI.dll,-31010|EmbedCtxt=@FirewallAPI.dll,-31002|?????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=10243|App=System|Name=@FirewallAPI.dll,-31289|Desc=@Fir

---- EOF - GMER 1.0.15 ----

 

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Studio 1558
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 197):
0x0324D000 \SystemRoot\system32\ntoskrnl.exe
0x03204000 \SystemRoot\system32\hal.dll
0x00BD4000 \SystemRoot\system32\kdcom.dll
0x00CFC000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D40000 \SystemRoot\system32\PSHED.dll
0x00D54000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00EA0000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F44000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F53000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00FAA000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00FB3000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00FBD000 \SystemRoot\system32\DRIVERS\pci.sys
0x00FF0000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00E00000 \SystemRoot\System32\drivers\partmgr.sys
0x00E15000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00E1E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00E2A000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00E3F000 \SystemRoot\System32\drivers\volmgrx.sys
0x00CC0000 \SystemRoot\System32\drivers\mountmgr.sys
0x00CDA000 \SystemRoot\system32\DRIVERS\atapi.sys
0x00DB2000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x00DDC000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00DE7000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x00CE3000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x010F2000 \SystemRoot\system32\drivers\fltmgr.sys
0x0113E000 \SystemRoot\system32\drivers\fileinfo.sys
0x01152000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01231000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0115E000 \SystemRoot\System32\Drivers\msrpc.sys
0x013D4000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01000000 \SystemRoot\System32\Drivers\cng.sys
0x013EE000 \SystemRoot\System32\drivers\pcw.sys
0x01200000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01491000 \SystemRoot\system32\drivers\ndis.sys
0x01583000 \SystemRoot\system32\drivers\NETIO.SYS
0x01400000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01601000 \SystemRoot\System32\drivers\tcpip.sys
0x0142B000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01073000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x01475000 \SystemRoot\system32\DRIVERS\stdflt.sys
0x0147D000 \SystemRoot\System32\Drivers\spldr.sys
0x011BC000 \SystemRoot\System32\drivers\rdyboost.sys
0x015E3000 \SystemRoot\System32\Drivers\mup.sys
0x015F5000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0188D000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x018C7000 \SystemRoot\system32\DRIVERS\disk.sys
0x018DD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01945000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0196F000 \SystemRoot\System32\Drivers\Null.SYS
0x01978000 \SystemRoot\System32\Drivers\Beep.SYS
0x0197F000 \SystemRoot\System32\drivers\vga.sys
0x0198D000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x019B2000 \SystemRoot\System32\drivers\watchdog.sys
0x019C2000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x019CB000 \SystemRoot\system32\drivers\rdpencdd.sys
0x019D4000 \SystemRoot\system32\drivers\rdprefmp.sys
0x019DD000 \SystemRoot\System32\Drivers\Msfs.SYS
0x019E8000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01800000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0181E000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0182B000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02C15000 \SystemRoot\system32\drivers\afd.sys
0x02C9F000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02CA8000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02CCE000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02CE4000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02CF3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02D0E000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02D22000 \SystemRoot\System32\Drivers\SCDEmu.SYS
0x02D3C000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02D8D000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02D99000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02DA4000 \SystemRoot\System32\drivers\discache.sys
0x02DB3000 \SystemRoot\System32\Drivers\dfsc.sys
0x02DD1000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0120A000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x010BF000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x04822000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x04E58000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04F4C000 \SystemRoot\System32\drivers\dxgmms1.sys
0x04F92000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04FB6000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x04FC7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03CD8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x05650000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x05CFD000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x05D0A000 \SystemRoot\system32\DRIVERS\risdpe64.sys
0x05D23000 \SystemRoot\system32\DRIVERS\rimspe64.sys
0x05D3C000 \SystemRoot\system32\DRIVERS\rixdpe64.sys
0x05D92000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x03D2E000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x05DD0000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x05DEE000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x05600000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x0564B000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03D7F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03D8E000 \SystemRoot\system32\DRIVERS\Acceler.sys
0x03D9A000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x03DB0000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x03DB9000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x03DBE000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x03DCE000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x03C00000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x03C24000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x03C30000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03C5F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x03C7A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x03C9B000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0564D000 \SystemRoot\system32\DRIVERS\swenum.sys
0x044DA000 \SystemRoot\system32\DRIVERS\ks.sys
0x0451D000 \SystemRoot\system32\DRIVERS\umbus.sys
0x0452F000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04589000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x045A9000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x04400000 \SystemRoot\system32\drivers\portcls.sys
0x0443D000 \SystemRoot\system32\drivers\drmk.sys
0x0445F000 \SystemRoot\system32\drivers\ksthunk.sys
0x07C3D000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x07CBC000 \SystemRoot\System32\Drivers\crashdmp.sys
0x07CCA000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x07CD6000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x07CE1000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x000B0000 \SystemRoot\System32\win32k.sys
0x07CF4000 \SystemRoot\System32\drivers\Dxapi.sys
0x07D00000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00510000 \SystemRoot\System32\TSDDD.dll
0x07D0E000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x00720000 \SystemRoot\System32\cdd.dll
0x07D2B000 \SystemRoot\system32\drivers\LVUSBS64.sys
0x07D36000 \SystemRoot\System32\Drivers\usbvideo.sys
0x07D64000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x07D8F000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x07D9D000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x07DB6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x07DBF000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x07DCC000 \SystemRoot\system32\drivers\luafv.sys
0x07C00000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x04470000 \SystemRoot\system32\drivers\WudfPf.sys
0x07C1D000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x03ECB000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03F1E000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x03F31000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03F49000 \SystemRoot\system32\DRIVERS\TurboB.sys
0x03E00000 \SystemRoot\system32\drivers\HTTP.sys
0x03F50000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03F6E000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03F86000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x06269000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x062B7000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x062DA000 \SystemRoot\system32\drivers\peauth.sys
0x06380000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0638B000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x063B8000 \SystemRoot\System32\drivers\tcpipreg.sys
0x06200000 \SystemRoot\System32\DRIVERS\srv2.sys
0x084B7000 \SystemRoot\System32\DRIVERS\srv.sys
0x0854D000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x08557000 \SystemRoot\System32\Drivers\fastfat.SYS
0x77830000 \Windows\System32\ntdll.dll
0x48170000 \Windows\System32\smss.exe
0xFFB50000 \Windows\System32\apisetschema.dll
0xFF240000 \Windows\System32\autochk.exe
0xFFA30000 \Windows\System32\msctf.dll
0xFFA10000 \Windows\System32\imagehlp.dll
0xFFA00000 \Windows\System32\nsi.dll
0x77A00000 \Windows\System32\normaliz.dll
0x779F0000 \Windows\System32\psapi.dll
0xFF9E0000 \Windows\System32\sechost.dll
0xFF960000 \Windows\System32\shlwapi.dll
0xFF750000 \Windows\System32\ole32.dll
0xFF6B0000 \Windows\System32\clbcatq.dll
0xFF6A0000 \Windows\System32\lpk.dll
0xFF570000 \Windows\System32\wininet.dll
0xFF440000 \Windows\System32\rpcrt4.dll
0xFF360000 \Windows\System32\advapi32.dll
0xFF180000 \Windows\System32\setupapi.dll
0xFF130000 \Windows\System32\Wldap32.dll
0xFE3A0000 \Windows\System32\shell32.dll
0xFE300000 \Windows\System32\comdlg32.dll
0xFE180000 \Windows\System32\urlmon.dll
0xFE130000 \Windows\System32\ws2_32.dll
0xFE090000 \Windows\System32\msvcrt.dll
0xFE060000 \Windows\System32\imm32.dll
0xFDE00000 \Windows\System32\iertutil.dll
0x77730000 \Windows\System32\user32.dll
0x77610000 \Windows\System32\kernel32.dll
0xFDD20000 \Windows\System32\oleaut32.dll
0xFDC50000 \Windows\System32\usp10.dll
0xFDBD0000 \Windows\System32\difxapi.dll
0xFDB60000 \Windows\System32\gdi32.dll
0xFDB20000 \Windows\System32\cfgmgr32.dll
0xFDAB0000 \Windows\System32\KernelBase.dll
0xFD940000 \Windows\System32\crypt32.dll
0xFD900000 \Windows\System32\wintrust.dll
0xFD8E0000 \Windows\System32\devobj.dll
0xFD840000 \Windows\System32\comctl32.dll
0xFD830000 \Windows\System32\msasn1.dll

Processes (total 68):
0 System Idle Process
4 System
408 C:\Windows\System32\smss.exe
536 csrss.exe
600 C:\Windows\System32\wininit.exe
624 csrss.exe
660 C:\Windows\System32\services.exe
688 C:\Windows\System32\lsass.exe
696 C:\Windows\System32\lsm.exe
816 C:\Windows\System32\winlogon.exe
836 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
140 C:\Windows\System32\atiesrxx.exe
548 C:\Windows\System32\svchost.exe
728 C:\Windows\System32\svchost.exe
612 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
1340 C:\Windows\System32\svchost.exe
1424 C:\Windows\System32\atieclxx.exe
1484 C:\Windows\System32\svchost.exe
1596 C:\Windows\System32\wlanext.exe
1604 C:\Windows\System32\conhost.exe
1672 C:\Windows\System32\spoolsv.exe
1720 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1740 C:\Windows\System32\svchost.exe
1848 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
1876 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1936 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1968 C:\Windows\System32\svchost.exe
2036 C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
1116 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1760 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1948 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2068 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
2080 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2116 C:\Windows\System32\svchost.exe
2248 C:\Windows\System32\conhost.exe
2500 C:\Windows\System32\taskhost.exe
2640 C:\Windows\System32\dwm.exe
2788 C:\Windows\explorer.exe
2908 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2192 unsecapp.exe
2800 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2796 C:\Program Files\IDT\WDM\sttray64.exe
2900 C:\Program Files\Dell\QuickSet\quickset.exe
2424 C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
2568 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
2536 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3084 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
3124 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
3132 C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
3140 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3148 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3764 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3896 WmiPrvSE.exe
3540 C:\Windows\System32\wbem\unsecapp.exe
4168 C:\Windows\System32\SearchIndexer.exe
4828 C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
5016 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2848 C:\Program Files\Windows Media Player\wmpnetwk.exe
4304 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1728 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4752 C:\Windows\System32\audiodg.exe
5028 C:\Windows\System32\SearchProtocolHost.exe
3324 C:\Windows\System32\SearchFilterHost.exe
1216 C:\Users\Andrew Oonk\Desktop\MBRCheck.exe
5080 C:\Windows\System32\conhost.exe
3580 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`67738a00 (NTFS)

PhysicalDrive0 Model Number: ST9500420AS, Rev: D005SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!


.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Andrew Oonk at 21:24:17.63 on Tue 03/15/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.2643 [GMT -4:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Andrew Oonk\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe "
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe "
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D= "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe "
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
mRun-x64: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ANDREW~1\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Andrew Oonk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: Password Hasher: passhash@mozilla.wijjo.com - %profile%\extensions\passhash@mozilla.wijjo.com
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-6 55280]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdflt.sys [2010-8-6 18792]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-6-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-26 202752]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-8-14 135336]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-8-14 267944]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-8-14 83120]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-8-6 60928]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-6-26 60416]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2010-6-26 80896]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2010-6-26 55808]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-6 673088]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-6 2320920]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2010-6-26 23912]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-8-6 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-26 56344]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-1-12 325152]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?]
S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2008-7-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2008-7-26 790424]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-10 1255736]
.
=============== Created Last 30 ================
.
2011-03-14 15:06:11 -------- d-----w- C:\Program Files (x86)\SeaMonkey
2011-03-11 01:24:43 -------- d-----w- C:\Users\ANDREW~1\AppData\Roaming\Unity
2011-03-11 01:20:42 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Unity
2011-03-08 04:26:52 -------- d-----w- C:\Program Files (x86)\Turbine
2011-03-08 03:54:40 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Turbine
2011-03-08 03:53:36 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\ApplicationHistory
2011-03-08 03:51:57 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2011-03-07 23:23:00 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\PMB Files
2011-03-07 23:22:59 -------- d-----w- C:\PROGRA~3\PMB Files
2011-03-07 23:21:54 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-02-25 21:04:04 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Fallout3
2011-02-25 20:38:12 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-02-25 20:37:13 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-02-25 20:36:52 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2011-02-24 05:49:21 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-02-24 05:49:21 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-02-23 18:14:37 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-02-23 18:14:37 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-02-23 18:14:36 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-23 18:14:36 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-21 04:43:52 -------- d-----w- C:\Users\ANDREW~1\AppData\Roaming\Kalypso Media
2011-02-21 04:40:59 2475352 ----a-w- C:\Windows\System32\D3DX9_42.dll
2011-02-18 15:05:43 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Apps
.
==================== Find3M ====================
.
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-01-31 03:33:20 683801 ----a-w- C:\Windows\unins000.exe
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-19 08:26:54 86016 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2011-01-19 08:26:50 84992 ----a-w- C:\Windows\System32\frapsv64.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-23 06:07:50 1118720 ----a-w- C:\Windows\System32\sbe.dll
2010-12-23 06:07:49 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-12-23 06:07:49 723968 ----a-w- C:\Windows\System32\EncDec.dll
2010-12-23 06:02:33 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-12-23 05:28:29 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2010-12-23 05:28:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-12-23 05:28:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2010-12-23 05:24:02 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-20 22:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-18 06:12:28 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 06:08:15 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2010-12-18 05:30:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 05:26:55 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 21:24:43.24 ===============


.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Andrew Oonk at 21:24:17.63 on Tue 03/15/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.2643 [GMT -4:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Andrew Oonk\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe "
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe "
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D= "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe "
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
mRun-x64: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ANDREW~1\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Andrew Oonk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: Password Hasher: passhash@mozilla.wijjo.com - %profile%\extensions\passhash@mozilla.wijjo.com
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-6 55280]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdflt.sys [2010-8-6 18792]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-6-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-26 202752]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-8-14 135336]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-8-14 267944]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-8-14 83120]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-8-6 60928]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-6-26 60416]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2010-6-26 80896]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2010-6-26 55808]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-6 673088]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-6 2320920]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2010-6-26 23912]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-8-6 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-26 56344]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-1-12 325152]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?]
S3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2008-7-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2008-7-26 790424]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-10 1255736]
.
=============== Created Last 30 ================
.
2011-03-14 15:06:11 -------- d-----w- C:\Program Files (x86)\SeaMonkey
2011-03-11 01:24:43 -------- d-----w- C:\Users\ANDREW~1\AppData\Roaming\Unity
2011-03-11 01:20:42 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Unity
2011-03-08 04:26:52 -------- d-----w- C:\Program Files (x86)\Turbine
2011-03-08 03:54:40 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Turbine
2011-03-08 03:53:36 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\ApplicationHistory
2011-03-08 03:51:57 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2011-03-07 23:23:00 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\PMB Files
2011-03-07 23:22:59 -------- d-----w- C:\PROGRA~3\PMB Files
2011-03-07 23:21:54 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-02-25 21:04:04 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Fallout3
2011-02-25 20:38:12 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-02-25 20:37:13 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-02-25 20:36:52 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2011-02-24 05:49:21 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-02-24 05:49:21 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-02-23 18:14:37 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-02-23 18:14:37 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-02-23 18:14:36 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-23 18:14:36 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-21 04:43:52 -------- d-----w- C:\Users\ANDREW~1\AppData\Roaming\Kalypso Media
2011-02-21 04:40:59 2475352 ----a-w- C:\Windows\System32\D3DX9_42.dll
2011-02-18 15:05:43 -------- d-----w- C:\Users\ANDREW~1\AppData\Local\Apps
.
==================== Find3M ====================
.
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-01-31 03:33:20 683801 ----a-w- C:\Windows\unins000.exe
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-19 08:26:54 86016 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2011-01-19 08:26:50 84992 ----a-w- C:\Windows\System32\frapsv64.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-23 06:07:50 1118720 ----a-w- C:\Windows\System32\sbe.dll
2010-12-23 06:07:49 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-12-23 06:07:49 723968 ----a-w- C:\Windows\System32\EncDec.dll
2010-12-23 06:02:33 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-12-23 05:28:29 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2010-12-23 05:28:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-12-23 05:28:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2010-12-23 05:24:02 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-20 22:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-18 06:12:28 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 06:08:15 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2010-12-18 05:30:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 05:26:55 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 21:24:43.24 ===============


Thanks in advance!

 

Alright, sorry for the accidental double post of DDS.log! So, here is the Attachment.log and the report from TDSSKILLER.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/10/2010 2:41:47 PM
System Uptime: 3/15/2011 8:41:57 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0874P6
Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz | U2E1 | 919/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 448 GiB total, 369.131 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP49: 2/9/2011 8:57:41 AM - Windows Update
RP50: 2/17/2011 7:00:02 PM - Scheduled Checkpoint
RP51: 2/20/2011 11:39:48 PM - Installed DirectX
RP52: 2/24/2011 12:45:48 AM - Windows Update
RP53: 2/25/2011 3:38:23 PM - Installed DirectX
RP54: 2/25/2011 3:39:42 PM - Installed DirectX
RP55: 2/25/2011 3:41:03 PM - Installed Fallout 3
RP56: 2/25/2011 3:57:41 PM - Installed Fallout 3 - DLC EN
RP57: 3/7/2011 10:53:41 PM - Installed DirectX
RP58: 3/7/2011 11:37:03 PM - Installed DirectX
RP59: 3/10/2011 2:34:14 AM - Windows Update
.
==== Installed Programs ======================
.
Accelerometer
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X
Advanced Audio FX Engine
ATI Catalyst Control Center
Avira AntiVir Personal - Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Webcam Central
Doom Builder 2.1
Dungeons & Dragons Online ®: Eberron Unlimited â„¢ v01.13.01.801
Fallout 3
GIMP 2.6.11
GoToAssist 8.0.0.514
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 21
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
Junk Mail filter update
Left 4 Dead 2
Left 4 Dead 2 Authoring Tools
Live! Cam Avatar Creator
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Morrowind
Mozilla Firefox (3.6.15)
MSVCRT
MyITLab ActiveX Installer 2, 9, 8, 65535
Pando Media Booster
PowerISO
Rhapsody
Roxio Burn
SeaMonkey (2.0.12)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Skins
Skulltag
Skype Toolbars
Skypeâ„¢ 4.2
SlimDX Redistributable (March 2009)
Spelling Dictionaries Support For Adobe Reader 9
StarCraft II
Steam
TES Construction Set
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
WhackEd2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
YouTube Downloader 2.6.1
.
==== Event Viewer Messages From Past Week ========
.
3/9/2011 5:48:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
3/15/2011 8:42:14 PM, Error: Service Control Manager [7000] - The Dock Login Service service failed to start due to the following error: The system cannot find the file specified.
3/14/2011 1:38:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/11/2011 1:22:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
3/10/2011 2:07:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
3/10/2011 2:07:54 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/10/2011 11:59:31 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
.
==== End Of File ===========================



2011/03/16 09:20:40.0192 1360 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/16 09:20:40.0344 1360 ================================================================================
2011/03/16 09:20:40.0344 1360 SystemInfo:
2011/03/16 09:20:40.0344 1360
2011/03/16 09:20:40.0344 1360 OS Version: 6.1.7600 ServicePack: 0.0
2011/03/16 09:20:40.0344 1360 Product type: Workstation
2011/03/16 09:20:40.0344 1360 ComputerName: STUDIO1558
2011/03/16 09:20:40.0344 1360 UserName: Andrew Oonk
2011/03/16 09:20:40.0344 1360 Windows directory: C:\Windows
2011/03/16 09:20:40.0344 1360 System windows directory: C:\Windows
2011/03/16 09:20:40.0344 1360 Running under WOW64
2011/03/16 09:20:40.0344 1360 Processor architecture: Intel x64
2011/03/16 09:20:40.0345 1360 Number of processors: 8
2011/03/16 09:20:40.0345 1360 Page size: 0x1000
2011/03/16 09:20:40.0345 1360 Boot type: Normal boot
2011/03/16 09:20:40.0345 1360 ================================================================================
2011/03/16 09:20:40.0665 1360 Initialize success
2011/03/16 09:20:44.0426 0252 ================================================================================
2011/03/16 09:20:44.0426 0252 Scan started
2011/03/16 09:20:44.0426 0252 Mode: Manual;
2011/03/16 09:20:44.0426 0252 ================================================================================
2011/03/16 09:20:46.0310 0252 1394ohci (69aa89a20dee08bfa650aab6ce37bd10) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/03/16 09:20:46.0374 0252 Acceler (c49c56b35bfc6cda8d1fdcad2885568f) C:\Windows\system32\DRIVERS\Acceler.sys
2011/03/16 09:20:46.0445 0252 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/03/16 09:20:46.0478 0252 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/03/16 09:20:46.0527 0252 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/16 09:20:46.0686 0252 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/16 09:20:46.0734 0252 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/16 09:20:46.0805 0252 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/03/16 09:20:46.0838 0252 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/03/16 09:20:46.0906 0252 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/03/16 09:20:46.0978 0252 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/03/16 09:20:47.0013 0252 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/16 09:20:47.0037 0252 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/16 09:20:47.0091 0252 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2011/03/16 09:20:47.0132 0252 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/16 09:20:47.0157 0252 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2011/03/16 09:20:47.0236 0252 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/03/16 09:20:47.0278 0252 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/03/16 09:20:47.0299 0252 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/16 09:20:47.0360 0252 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/16 09:20:47.0401 0252 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/03/16 09:20:47.0461 0252 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
2011/03/16 09:20:47.0588 0252 atikmdag (b5fb227a09a9ec28163fa4b45487c3c7) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/16 09:20:47.0754 0252 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/16 09:20:47.0808 0252 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/16 09:20:47.0877 0252 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/03/16 09:20:47.0933 0252 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/03/16 09:20:47.0983 0252 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/03/16 09:20:48.0023 0252 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/16 09:20:48.0062 0252 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/16 09:20:48.0092 0252 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/16 09:20:48.0114 0252 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/16 09:20:48.0148 0252 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/03/16 09:20:48.0172 0252 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/16 09:20:48.0215 0252 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/16 09:20:48.0234 0252 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/16 09:20:48.0265 0252 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/16 09:20:48.0298 0252 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/16 09:20:48.0332 0252 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/16 09:20:48.0371 0252 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/16 09:20:48.0411 0252 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/03/16 09:20:48.0480 0252 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/16 09:20:48.0503 0252 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/03/16 09:20:48.0536 0252 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/03/16 09:20:48.0575 0252 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/16 09:20:48.0606 0252 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/03/16 09:20:48.0640 0252 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/16 09:20:48.0683 0252 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2011/03/16 09:20:48.0745 0252 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/03/16 09:20:48.0773 0252 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/03/16 09:20:48.0814 0252 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/03/16 09:20:48.0878 0252 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/03/16 09:20:48.0927 0252 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/16 09:20:49.0040 0252 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/03/16 09:20:49.0190 0252 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/16 09:20:49.0229 0252 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/03/16 09:20:49.0293 0252 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/03/16 09:20:49.0321 0252 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/03/16 09:20:49.0368 0252 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/16 09:20:49.0401 0252 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/03/16 09:20:49.0428 0252 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/03/16 09:20:49.0445 0252 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/16 09:20:49.0489 0252 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/03/16 09:20:49.0533 0252 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/03/16 09:20:49.0554 0252 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/16 09:20:49.0590 0252 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/16 09:20:49.0613 0252 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/16 09:20:49.0649 0252 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/16 09:20:49.0681 0252 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/16 09:20:49.0727 0252 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/03/16 09:20:49.0753 0252 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/16 09:20:49.0780 0252 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/16 09:20:49.0803 0252 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/16 09:20:49.0827 0252 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/16 09:20:49.0876 0252 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/03/16 09:20:49.0927 0252 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/03/16 09:20:49.0995 0252 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/16 09:20:50.0048 0252 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/16 09:20:50.0092 0252 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/03/16 09:20:50.0137 0252 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/16 09:20:50.0186 0252 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/03/16 09:20:50.0230 0252 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/16 09:20:50.0267 0252 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/16 09:20:50.0287 0252 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/03/16 09:20:50.0315 0252 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/03/16 09:20:50.0356 0252 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/03/16 09:20:50.0415 0252 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/03/16 09:20:50.0458 0252 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/16 09:20:50.0502 0252 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/16 09:20:50.0529 0252 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/16 09:20:50.0561 0252 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/16 09:20:50.0602 0252 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/16 09:20:50.0625 0252 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/03/16 09:20:50.0715 0252 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/16 09:20:50.0778 0252 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/16 09:20:50.0827 0252 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/16 09:20:50.0854 0252 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/16 09:20:50.0876 0252 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/16 09:20:50.0901 0252 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/03/16 09:20:50.0959 0252 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys
2011/03/16 09:20:51.0022 0252 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys
2011/03/16 09:20:51.0105 0252 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
2011/03/16 09:20:51.0157 0252 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/16 09:20:51.0186 0252 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/16 09:20:51.0221 0252 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/03/16 09:20:51.0252 0252 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/16 09:20:51.0272 0252 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/16 09:20:51.0311 0252 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/16 09:20:51.0333 0252 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/03/16 09:20:51.0357 0252 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/03/16 09:20:51.0392 0252 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/16 09:20:51.0423 0252 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/16 09:20:51.0470 0252 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/16 09:20:51.0507 0252 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/16 09:20:51.0538 0252 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/16 09:20:51.0585 0252 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
2011/03/16 09:20:51.0623 0252 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/03/16 09:20:51.0664 0252 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/03/16 09:20:51.0692 0252 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/16 09:20:51.0730 0252 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/03/16 09:20:51.0790 0252 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/16 09:20:51.0836 0252 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/16 09:20:51.0878 0252 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/03/16 09:20:51.0911 0252 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/03/16 09:20:51.0939 0252 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/16 09:20:51.0961 0252 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/03/16 09:20:51.0991 0252 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/16 09:20:52.0029 0252 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/03/16 09:20:52.0093 0252 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/16 09:20:52.0135 0252 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/03/16 09:20:52.0187 0252 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/16 09:20:52.0217 0252 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/16 09:20:52.0236 0252 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/16 09:20:52.0263 0252 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/16 09:20:52.0290 0252 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/03/16 09:20:52.0318 0252 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/16 09:20:52.0338 0252 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/16 09:20:52.0539 0252 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
2011/03/16 09:20:52.0758 0252 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/16 09:20:52.0788 0252 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/03/16 09:20:52.0809 0252 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/16 09:20:52.0864 0252 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/03/16 09:20:52.0927 0252 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/03/16 09:20:52.0968 0252 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/03/16 09:20:53.0004 0252 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2011/03/16 09:20:53.0047 0252 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/03/16 09:20:53.0119 0252 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/16 09:20:53.0199 0252 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/03/16 09:20:53.0238 0252 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/03/16 09:20:53.0288 0252 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/03/16 09:20:53.0331 0252 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/03/16 09:20:53.0366 0252 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/16 09:20:53.0382 0252 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/03/16 09:20:53.0415 0252 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/03/16 09:20:53.0540 0252 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS
2011/03/16 09:20:53.0670 0252 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/16 09:20:53.0697 0252 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/03/16 09:20:53.0737 0252 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/16 09:20:53.0782 0252 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/03/16 09:20:53.0849 0252 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/16 09:20:53.0920 0252 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/16 09:20:53.0953 0252 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/16 09:20:53.0979 0252 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/16 09:20:54.0030 0252 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/16 09:20:54.0067 0252 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/16 09:20:54.0096 0252 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/16 09:20:54.0127 0252 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/16 09:20:54.0154 0252 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/16 09:20:54.0185 0252 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/16 09:20:54.0219 0252 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/16 09:20:54.0252 0252 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/16 09:20:54.0283 0252 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/16 09:20:54.0314 0252 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/03/16 09:20:54.0339 0252 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/03/16 09:20:54.0404 0252 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
2011/03/16 09:20:54.0420 0252 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\Windows\system32\DRIVERS\rimspe64.sys
2011/03/16 09:20:54.0460 0252 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
2011/03/16 09:20:54.0485 0252 risdpcie (a6da2b0c8f5bb3f9f5423cff8d6a02d9) C:\Windows\system32\DRIVERS\risdpe64.sys
2011/03/16 09:20:54.0505 0252 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
2011/03/16 09:20:54.0542 0252 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\Windows\system32\DRIVERS\rixdpe64.sys
2011/03/16 09:20:54.0589 0252 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/16 09:20:54.0645 0252 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/03/16 09:20:54.0690 0252 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/03/16 09:20:54.0732 0252 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
2011/03/16 09:20:54.0757 0252 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/16 09:20:54.0799 0252 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/03/16 09:20:54.0831 0252 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/16 09:20:54.0861 0252 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/03/16 09:20:54.0902 0252 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/16 09:20:54.0969 0252 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/03/16 09:20:54.0986 0252 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/03/16 09:20:55.0009 0252 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/03/16 09:20:55.0032 0252 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/16 09:20:55.0079 0252 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/16 09:20:55.0094 0252 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/16 09:20:55.0113 0252 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/03/16 09:20:55.0153 0252 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/03/16 09:20:55.0222 0252 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2011/03/16 09:20:55.0261 0252 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/16 09:20:55.0315 0252 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/16 09:20:55.0389 0252 stdflt (c48e0745d33897c7a73394214f2b9b4f) C:\Windows\system32\DRIVERS\stdflt.sys
2011/03/16 09:20:55.0448 0252 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/16 09:20:55.0510 0252 STHDA (caf5a9708671b14b9670260735b22c4e) C:\Windows\system32\DRIVERS\stwrt64.sys
2011/03/16 09:20:55.0565 0252 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/16 09:20:55.0614 0252 SynTP (639b57dc871be4b86283027faf1f4e30) C:\Windows\system32\DRIVERS\SynTP.sys
2011/03/16 09:20:55.0704 0252 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/03/16 09:20:55.0814 0252 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/16 09:20:55.0853 0252 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/16 09:20:55.0884 0252 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/03/16 09:20:55.0909 0252 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/03/16 09:20:55.0931 0252 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/16 09:20:55.0993 0252 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/16 09:20:56.0069 0252 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/16 09:20:56.0111 0252 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/16 09:20:56.0166 0252 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
2011/03/16 09:20:56.0217 0252 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/16 09:20:56.0263 0252 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/16 09:20:56.0321 0252 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/03/16 09:20:56.0343 0252 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/16 09:20:56.0383 0252 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/16 09:20:56.0451 0252 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
2011/03/16 09:20:56.0480 0252 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/16 09:20:56.0502 0252 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/03/16 09:20:56.0546 0252 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/16 09:20:56.0592 0252 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/16 09:20:56.0619 0252 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/03/16 09:20:56.0670 0252 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/16 09:20:56.0717 0252 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/16 09:20:56.0744 0252 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/16 09:20:56.0766 0252 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/16 09:20:56.0811 0252 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/16 09:20:56.0862 0252 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/03/16 09:20:56.0901 0252 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/16 09:20:56.0935 0252 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/03/16 09:20:56.0964 0252 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/03/16 09:20:57.0004 0252 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/03/16 09:20:57.0056 0252 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/03/16 09:20:57.0095 0252 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/03/16 09:20:57.0127 0252 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/03/16 09:20:57.0169 0252 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/16 09:20:57.0205 0252 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/03/16 09:20:57.0243 0252 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/03/16 09:20:57.0276 0252 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/03/16 09:20:57.0305 0252 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/16 09:20:57.0355 0252 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/16 09:20:57.0386 0252 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/16 09:20:57.0440 0252 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/03/16 09:20:57.0474 0252 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/16 09:20:57.0553 0252 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/16 09:20:57.0585 0252 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/03/16 09:20:57.0610 0252 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/03/16 09:20:57.0698 0252 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/03/16 09:20:57.0734 0252 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/16 09:20:57.0792 0252 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/16 09:20:57.0854 0252 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
2011/03/16 09:20:57.0893 0252 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/16 09:20:57.0973 0252 ================================================================================
2011/03/16 09:20:57.0973 0252 Scan finished
2011/03/16 09:20:57.0973 0252 ================================================================================

Thank you!

Oh, and if you're curious, I still cannot open or run Steam, and still cannot load up Hotmail... It's still actin' a little funky.

 

Here is the ComboFix log:

ComboFix 11-03-15.03 - Andrew Oonk 03/16/2011 13:02:36.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4029.2798 [GMT -4:00]
Running from: c:\users\Andrew Oonk\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-02-16 to 2011-03-16 )))))))))))))))))))))))))))))))
.
.
2011-03-16 17:07 . 2011-03-16 17:07 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-03-16 17:07 . 2011-03-16 17:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-16 17:07 . 2011-03-16 17:07 -------- d-----w- c:\users\Andy\AppData\Local\temp
2011-03-14 15:06 . 2011-03-16 03:06 -------- d-----w- c:\program files (x86)\SeaMonkey
2011-03-11 01:24 . 2011-03-11 01:24 -------- d-----w- c:\users\Andrew Oonk\AppData\Roaming\Unity
2011-03-11 01:20 . 2011-03-11 01:20 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\Unity
2011-03-08 04:26 . 2011-03-08 04:26 -------- d-----w- c:\program files (x86)\Turbine
2011-03-08 03:54 . 2011-03-08 03:56 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\Turbine
2011-03-08 03:53 . 2011-03-09 05:23 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\ApplicationHistory
2011-03-08 03:51 . 2011-03-08 03:51 -------- d-----w- c:\windows\SysWow64\URTTEMP
2011-03-07 23:23 . 2011-03-08 05:17 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\PMB Files
2011-03-07 23:22 . 2011-03-08 04:08 -------- d-----w- c:\programdata\PMB Files
2011-03-07 23:21 . 2011-03-07 23:21 -------- d-----w- c:\program files (x86)\Pando Networks
2011-02-25 21:04 . 2011-03-02 02:03 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\Fallout3
2011-02-25 20:38 . 2011-02-25 20:38 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-02-25 20:37 . 2005-04-04 03:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-02-25 20:36 . 2011-02-25 20:36 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-02-24 05:49 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-24 05:49 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-23 18:14 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 18:14 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 18:14 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 18:14 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-21 04:43 . 2011-02-21 04:43 -------- d-----w- c:\users\Andrew Oonk\AppData\Roaming\Kalypso Media
2011-02-21 04:40 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-02-18 15:05 . 2011-02-18 15:05 -------- d-----w- c:\users\Andrew Oonk\AppData\Local\Apps
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-31 03:33 . 2011-01-31 03:33 683801 ----a-w- c:\windows\unins000.exe
2011-01-26 06:53 . 2011-02-09 00:14 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 00:14 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 00:14 144384 ----a-w- c:\windows\system32\cdd.dll
2011-01-19 08:26 . 2011-01-19 08:26 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-01-19 08:26 . 2011-01-19 08:26 84992 ----a-w- c:\windows\system32\frapsv64.dll
2011-01-07 08:06 . 2011-02-09 00:14 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-09 00:14 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-09 00:14 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-09 00:14 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-09 00:14 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-09 00:14 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-09 00:15 3127808 ----a-w- c:\windows\system32\win32k.sys
2010-12-21 06:16 . 2011-02-09 00:15 97280 ----a-w- c:\windows\system32\wscsvc.dll
2010-12-21 06:16 . 2011-02-09 00:15 62976 ----a-w- c:\windows\system32\wscapi.dll
2010-12-21 06:16 . 2011-02-09 00:14 214016 ----a-w- c:\windows\system32\winsrv.dll
2010-12-21 06:16 . 2011-02-09 00:15 442880 ----a-w- c:\windows\system32\winhttp.dll
2010-12-21 06:16 . 2011-02-09 00:15 1197056 ----a-w- c:\windows\system32\wininet.dll
2010-12-21 06:16 . 2011-02-09 00:15 258048 ----a-w- c:\windows\system32\WebClnt.dll
2010-12-21 06:15 . 2011-02-09 00:15 264192 ----a-w- c:\windows\system32\upnp.dll
2010-12-21 06:15 . 2011-02-09 00:15 15360 ----a-w- c:\windows\system32\slwga.dll
2010-12-21 06:13 . 2011-02-09 00:15 2003968 ----a-w- c:\windows\system32\msxml6.dll
2010-12-21 06:13 . 2011-02-09 00:15 1880576 ----a-w- c:\windows\system32\msxml3.dll
2010-12-21 06:10 . 2011-02-09 00:15 100864 ----a-w- c:\windows\system32\davclnt.dll
2010-12-21 05:38 . 2011-02-09 00:15 51200 ----a-w- c:\windows\SysWow64\wscapi.dll
2010-12-21 05:38 . 2011-02-09 00:15 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2010-12-21 05:38 . 2011-02-09 00:15 350720 ----a-w- c:\windows\SysWow64\winhttp.dll
2010-12-21 05:38 . 2011-02-09 00:15 204800 ----a-w- c:\windows\SysWow64\WebClnt.dll
2010-12-21 05:38 . 2011-02-09 00:15 204288 ----a-w- c:\windows\SysWow64\upnp.dll
2010-12-21 05:38 . 2011-02-09 00:15 14336 ----a-w- c:\windows\SysWow64\slwga.dll
2010-12-21 05:36 . 2011-02-09 00:15 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2010-12-21 05:36 . 2011-02-09 00:15 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2010-12-21 05:34 . 2011-02-09 00:15 80384 ----a-w- c:\windows\SysWow64\davclnt.dll
2010-12-20 22:09 . 2010-10-21 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 22:08 . 2010-10-21 17:09 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-18 06:11 . 2011-02-09 00:15 57856 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 06:11 . 2011-02-09 00:15 714752 ----a-w- c:\windows\system32\kerberos.dll
2010-12-18 05:29 . 2011-02-09 00:15 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-12-18 05:29 . 2011-02-09 00:15 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2010-12-18 04:55 . 2011-02-09 00:15 482816 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:20 . 2011-02-09 00:15 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-12-18 04:13 . 2011-02-09 00:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-12-18 03:47 . 2011-02-09 00:15 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC "= "c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-18 98304]
"Dell Webcam Central "= "c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool "= "c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"DellSupportCenter "= "c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"avgnt "= "c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-06 281768]
"PWRISOVM.EXE "= "c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Adobe Reader Speed Launcher "= "c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM "= "c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher "= "c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-05-21 165184]
"DSUpdateLauncher "= "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" [2010-05-21 18240]
.
c:\users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [N/A]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin "= 5 (0x5)
"ConsentPromptBehaviorUser "= 3 (0x3)
"EnableLUA "= 0 (0x0)
"EnableUIADesktopToggle "= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1 "=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=" "
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 315664]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-06 135336]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-06-23 60928]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-05-21 673088]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - KLMD25
*Deregistered* - klmd25
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp "= "c:\program files\IDT\WDM\sttray64.exe" [2010-01-20 487424]
"QuickSet "= "c:\program files\Dell\QuickSet\QuickSet.exe" [2010-04-02 3217056]
"FreeFallProtection "= "c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]
"IntelWireless "= "c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-09-21 1926928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs "=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
FF - ProfilePath - c:\users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: Password Hasher: passhash@mozilla.wijjo.com - %profile%\extensions\passhash@mozilla.wijjo.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{C73A3942-84C8-4597-9F9B-EE227DCBA758} - c:\programdata\{D19C2D22-6043-47E7-B400-83A351841204}\delldock.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= "0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= "ShockwaveFlash.ShockwaveFlash.10 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= "FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-16 13:09:49
ComboFix-quarantined-files.txt 2011-03-16 17:09
.
Pre-Run: 396,002,893,824 bytes free
Post-Run: 395,501,453,312 bytes free
.
- - End Of File - - C9ACF659D783DCEFE1CBEDB3DF6D0E0C

 

Here are the OTL Logs:

OTL logfile created on: 3/16/2011 1:56:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Andrew Oonk\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.14 Gb Total Space | 368.61 Gb Free Space | 82.25% Space Free | Partition Type: NTFS

Computer Name: STUDIO1558 | User Name: Andrew Oonk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/16 13:55:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\OTL.exe
PRC - [2010/12/08 18:03:12 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/11/05 21:54:57 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/05 21:54:57 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010/05/21 13:00:52 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/05/21 12:58:30 | 000,673,088 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2009/09/30 08:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/22 09:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe


========== Modules (SafeList) ==========

MOD - [2011/03/16 13:55:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/01/20 16:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/18 01:45:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/21 16:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2009/09/21 16:03:06 | 000,315,664 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2009/09/21 16:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/02 14:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2011/03/04 16:22:42 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/12/08 18:03:12 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/11/05 21:54:57 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/06 17:57:37 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/05/21 12:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 08:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 08:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/23 17:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/12/08 18:03:40 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/03/02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/01/20 16:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/12 06:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/11/18 02:21:20 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/29 21:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/09/15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/08/23 23:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/24 02:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 13:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/04 07:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/01 20:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 06:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/25 05:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 04:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 04:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 15:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 15:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/07/26 15:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: passhash@mozilla.wijjo.com:1.1.6
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/07 04:23:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/07 04:23:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.12\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/03/14 11:06:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.12\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/03/14 11:06:12 | 000,000,000 | ---D | M]

[2011/03/14 11:06:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Extensions
[2011/03/14 11:06:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/03/16 12:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions
[2010/09/19 21:42:24 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/11/09 16:37:27 | 000,000,000 | ---D | M] ( "Password Hasher ") -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\Firefox\Profiles\lik7162q.default\extensions\passhash@mozilla.wijjo.com
[2011/03/15 23:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\SeaMonkey\Profiles\967xx8bw.default\extensions
[2011/03/15 23:06:23 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\SeaMonkey\Profiles\967xx8bw.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/03/15 23:06:23 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\SeaMonkey\Profiles\967xx8bw.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/03/15 23:06:23 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Andrew Oonk\AppData\Roaming\Mozilla\SeaMonkey\Profiles\967xx8bw.default\extensions\inspector@mozilla.org
[2010/08/11 16:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2011/03/16 13:08:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-2480203779-3898403466-1648780137-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 148.61.1.10 148.61.1.15
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/03/16 13:55:33 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\OTL.exe
[2011/03/16 13:09:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/03/16 13:01:17 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/03/16 13:01:17 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/03/16 13:01:17 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/03/16 13:01:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/16 13:00:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/16 13:00:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/03/16 13:00:19 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/03/16 09:20:28 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\Desktop\tdsskiller
[2011/03/15 22:57:50 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\Desktop\public_html
[2011/03/15 20:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/03/15 20:40:03 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\TFC.exe
[2011/03/14 11:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey
[2011/03/14 11:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SeaMonkey
[2011/03/10 21:24:43 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Roaming\Unity
[2011/03/10 21:20:42 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\Unity
[2011/03/08 00:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2011/03/08 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\Documents\Dungeons and Dragons Online
[2011/03/07 23:54:40 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\Turbine
[2011/03/07 23:53:36 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\ApplicationHistory
[2011/03/07 23:51:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2011/03/07 19:23:00 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\PMB Files
[2011/03/07 19:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/03/07 19:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/02/25 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\Fallout3
[2011/02/25 16:40:56 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\Documents\My Games
[2011/02/25 16:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/02/25 16:36:52 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011/02/23 13:47:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/21 00:43:52 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Roaming\Kalypso Media
[2011/02/18 11:05:43 | 000,000,000 | ---D | C] -- C:\Users\Andrew Oonk\AppData\Local\Apps

========== Files - Modified Within 30 Days ==========

[2011/03/16 13:55:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\OTL.exe
[2011/03/16 13:08:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/03/16 12:56:45 | 004,288,498 | R--- | M] () -- C:\Users\Andrew Oonk\Desktop\ComboFix.exe
[2011/03/16 11:22:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/16 09:20:13 | 001,263,721 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\tdsskiller.zip
[2011/03/16 09:18:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 09:18:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 09:16:07 | 003,743,192 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/03/16 09:16:07 | 001,198,330 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/03/16 09:16:07 | 000,006,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/03/16 09:11:06 | 3168,165,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/15 21:24:08 | 000,625,664 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\dds.scr
[2011/03/15 21:23:04 | 000,080,384 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\MBRCheck.exe
[2011/03/15 20:59:22 | 000,296,448 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\jjlh1bqp.exe
[2011/03/15 20:40:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\TFC.exe
[2011/03/14 11:06:16 | 000,001,891 | ---- | M] () -- C:\Users\Andrew Oonk\Application Data\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk
[2011/03/14 11:06:16 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\SeaMonkey.lnk
[2011/03/08 00:07:24 | 001,812,360 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\ddostandard.exe
[2011/03/07 23:54:42 | 000,000,099 | ---- | M] () -- C:\Users\Andrew Oonk\AppData\Local\fusioncache.dat
[2011/03/07 23:53:22 | 000,006,396 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/03 12:18:50 | 000,008,192 | ---- | M] () -- C:\Users\Andrew Oonk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/25 16:36:52 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011/02/23 13:47:54 | 399,562,446 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/19 01:17:14 | 000,008,243 | ---- | M] () -- C:\Users\Andrew Oonk\.recently-used.xbel
[2011/02/17 16:03:04 | 000,000,983 | ---- | M] () -- C:\WirelessDiagLog.csv

========== Files Created - No Company Name ==========

[2011/03/16 13:01:17 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/16 13:01:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/16 13:01:17 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/16 13:01:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/16 13:01:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/16 12:56:37 | 004,288,498 | R--- | C] () -- C:\Users\Andrew Oonk\Desktop\ComboFix.exe
[2011/03/16 09:20:12 | 001,263,721 | ---- | C] () -- C:\Users\Andrew Oonk\Desktop\tdsskiller.zip
[2011/03/15 21:24:07 | 000,625,664 | ---- | C] () -- C:\Users\Andrew Oonk\Desktop\dds.scr
[2011/03/15 21:23:03 | 000,080,384 | ---- | C] () -- C:\Users\Andrew Oonk\Desktop\MBRCheck.exe
[2011/03/15 20:59:21 | 000,296,448 | ---- | C] () -- C:\Users\Andrew Oonk\Desktop\jjlh1bqp.exe
[2011/03/14 11:06:16 | 000,001,891 | ---- | C] () -- C:\Users\Andrew Oonk\Application Data\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk
[2011/03/14 11:06:16 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\SeaMonkey.lnk
[2011/03/08 00:07:14 | 001,812,360 | ---- | C] () -- C:\Users\Andrew Oonk\Desktop\ddostandard.exe
[2011/03/07 23:54:42 | 000,000,099 | ---- | C] () -- C:\Users\Andrew Oonk\AppData\Local\fusioncache.dat
[2011/02/23 13:47:54 | 399,562,446 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/21 00:42:54 | 000,006,396 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/19 01:17:14 | 000,008,243 | ---- | C] () -- C:\Users\Andrew Oonk\.recently-used.xbel
[2011/02/17 16:02:48 | 000,000,983 | ---- | C] () -- C:\WirelessDiagLog.csv
[2011/01/31 14:54:27 | 000,007,626 | ---- | C] () -- C:\Users\Andrew Oonk\AppData\Local\Resmon.ResmonCfg
[2011/01/30 23:33:23 | 000,683,801 | ---- | C] () -- C:\Windows\unins000.exe
[2011/01/30 23:33:23 | 000,001,073 | ---- | C] () -- C:\Windows\unins000.dat
[2010/08/26 00:34:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/08/13 01:33:36 | 000,008,192 | ---- | C] () -- C:\Users\Andrew Oonk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/06 19:43:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/08/06 18:09:43 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/08/07 20:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2010/11/26 03:50:22 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\.doomseeker
[2011/02/16 20:40:27 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\.minecraft
[2011/02/19 00:44:18 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\gtk-2.0
[2011/02/09 00:37:31 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\Juniper Networks
[2011/02/21 00:43:52 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\Kalypso Media
[2011/03/10 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\Andrew Oonk\AppData\Roaming\Unity
[2011/01/21 14:24:46 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/03/16 13:09:49 | 000,017,788 | ---- | M] () -- C:\ComboFix.txt
[2010/08/06 20:30:17 | 000,003,757 | RH-- | M] () -- C:\dell.sdr
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/03/16 09:11:06 | 3168,165,888 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2011/03/16 09:11:10 | 4224,225,280 | -HS- | M] () -- C:\pagefile.sys
[2011/03/16 09:21:55 | 000,065,620 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_16.03.2011_09.20.40_log.txt
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2011/02/17 16:03:04 | 000,000,983 | ---- | M] () -- C:\WirelessDiagLog.csv

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/08/10 16:02:15 | 000,000,221 | -HS- | M] () -- C:\Users\Andrew Oonk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/03/16 12:56:45 | 004,288,498 | R--- | M] () -- C:\Users\Andrew Oonk\Desktop\ComboFix.exe
[2011/03/08 00:07:24 | 001,812,360 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\ddostandard.exe
[2011/03/15 20:59:22 | 000,296,448 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\jjlh1bqp.exe
[2011/03/15 21:23:04 | 000,080,384 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\MBRCheck.exe
[2010/12/16 02:21:32 | 000,232,501 | ---- | M] () -- C:\Users\Andrew Oonk\Desktop\Minecraft.exe
[2011/03/16 13:55:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\OTL.exe
[2011/03/15 20:45:24 | 006,277,496 | ---- | M] (Microsoft Corporation) -- C:\Users\Andrew Oonk\Desktop\Silverlight.exe
[2011/03/15 20:40:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew Oonk\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/10 15:22:56 | 000,000,402 | -HS- | M] () -- C:\Users\Andrew Oonk\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/01/24 00:14:25 | 000,000,667 | ---- | M] () -- C:\ProgramData\hpzinstall.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

 

OTL Extras logfile created on: 3/16/2011 1:56:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Andrew Oonk\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.14 Gb Total Space | 368.61 Gb Free Space | 82.25% Space Free | Partition Type: NTFS

Computer Name: STUDIO1558 | User Name: Andrew Oonk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll ",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Dell Touchpad

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13798206-C1C4-11D7-8CCB-CE81DE993523}}_is1" = WhackEd2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.1
"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish
"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian
"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish
"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static
"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New
"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista
"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy
"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation
"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean
"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish
"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.13.01.801
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Dell Webcam Central" = Dell Webcam Central
"Doom Builder 2_is1" = Doom Builder 2.1
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"MyITLab ActiveX Installer_is1" = MyITLab ActiveX Installer 2, 9, 8, 65535
"PowerISO" = PowerISO
"Rhapsody" = Rhapsody
"SeaMonkey (2.0.12)" = SeaMonkey (2.0.12)
"Skulltag" = Skulltag
"StarCraft II" = StarCraft II
"Steam App 550" = Left 4 Dead 2
"Steam App 563" = Left 4 Dead 2 Authoring Tools
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Setup_Client" = Juniper Networks Setup Client
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/7/2011 11:53:22 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 3/7/2011 11:53:22 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service aspnet_state
(ASP.NET State Service) failed. The first DWORD in the Data section contains the
error code.

Error - 3/8/2011 12:19:16 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 3/8/2011 12:19:16 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 3/9/2011 11:52:46 AM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 3/9/2011 11:52:46 AM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 3/10/2011 1:05:08 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 3/10/2011 1:05:08 PM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 3/11/2011 11:21:44 AM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 3/11/2011 11:21:44 AM | Computer Name = Studio1558 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

[ Media Center Events ]
Error - 12/4/2010 2:38:20 PM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 1:38:15 PM - Error connecting to the internet. 1:38:15 PM - Unable
to contact server..

Error - 12/5/2010 2:53:26 PM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 1:53:26 PM - Error connecting to the internet. 1:53:26 PM - Unable
to contact server..

Error - 12/5/2010 2:53:52 PM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 1:53:46 PM - Error connecting to the internet. 1:53:46 PM - Unable
to contact server..

Error - 12/10/2010 12:53:39 AM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 11:53:29 PM - Error connecting to the internet. 11:53:29 PM - Unable
to contact server..

Error - 12/10/2010 1:54:03 AM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 12:54:02 AM - Error connecting to the internet. 12:54:02 AM - Unable
to contact server..

Error - 12/10/2010 2:54:28 AM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 1:54:25 AM - Error connecting to the internet. 1:54:25 AM - Unable
to contact server..

Error - 12/10/2010 3:54:52 AM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 2:54:50 AM - Error connecting to the internet. 2:54:50 AM - Unable
to contact server..

Error - 12/10/2010 1:08:37 PM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 12:08:37 PM - Error connecting to the internet. 12:08:37 PM - Unable
to contact server..

Error - 12/10/2010 1:09:04 PM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 12:08:57 PM - Error connecting to the internet. 12:08:57 PM - Unable
to contact server..

Error - 12/15/2010 12:42:31 AM | Computer Name = Studio1558 | Source = MCUpdate | ID = 0
Description = 11:42:28 PM - Error connecting to the internet. 11:42:28 PM - Unable
to contact server..

[ System Events ]
Error - 3/14/2011 8:53:53 AM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/14/2011 1:38:49 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 3/15/2011 11:52:56 AM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/15/2011 4:17:42 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/15/2011 6:31:56 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/15/2011 8:42:14 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/16/2011 9:11:24 AM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7000
Description = The Dock Login Service service failed to start due to the following
error: %%2

Error - 3/16/2011 1:05:34 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 3/16/2011 1:07:45 PM | Computer Name = Studio1558 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 3/16/2011 1:08:02 PM | Computer Name = Studio1558 | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.


< End of report >

 

Oh, and I just discovered that my ATI Catalyst Control Center won't work now... Not sure if it stopped working BEFORE or AFTER the scans we've been doing... I just noticed it by accident, actually... Any explanation as to what's going on with that now?

 

Here are the OTL and SecurityCheck Logs:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
Registry key HKEY_USERS\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\real.com\rhap-app-4-0\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2480203779-3898403466-1648780137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\real.com\rhapreg\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrew Oonk
->Temp folder emptied: 348150 bytes
->Temporary Internet Files folder emptied: 107727 bytes
->Java cache emptied: 229489 bytes
->FireFox cache emptied: 47560858 bytes
->Flash cache emptied: 1215 bytes

User: Andy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49554 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 46.00 mb


[EMPTYFLASH]

User: All Users

User: Andrew Oonk
->Flash cache emptied: 0 bytes

User: Andy
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03162011_164233

Files\Folders moved on Reboot...
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!
C:\Users\Andrew Oonk\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


Results of screen317's Security Check version 0.99.7
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Out of date Java installed!
Adobe Flash Player 10.2.152.32
Adobe Reader X
Mozilla Firefox (3.6.15)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

 

ESET Online Scanner didn't find any errors, so I guess I'm waiting for you!

EDIT: Also, Catalyst Control Center is up and working again, but I still cannot connect to Hotmail... And Steam won't run, but I'm just going to reinstall it as you suggested.

 

Alright, well, here is the final OTL log:

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrew Oonk
->Temp folder emptied: 152495 bytes
->Temporary Internet Files folder emptied: 946233 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 43112175 bytes
->Flash cache emptied: 560 bytes

User: Andy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42.00 mb


[EMPTYFLASH]

User: All Users

User: Andrew Oonk
->Flash cache emptied: 0 bytes

User: Andy
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.22.3 log created on 03162011_202737

Files\Folders moved on Reboot...
C:\Users\Andrew Oonk\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


And when I try to load up Hotmail, the browser will sit there and attempt to load the page, and eventually time out. I've tried it with FF and IE, and neither of them work... I s'pose I could check out my permissions to make sure that I didn't accidentally block hotmail somehow... But I really don't think that's the case. Do you have any ideas?


EDIT: I've loaded up Hotmail from other computers, and logged onto my email, so it must be something with my computer... Just thought I should mention that. Also, on a semi-unrelated note, for some reason, the screen display for my volume is no longer working... Normally, when I press the Volume Up/Down buttons, there is a semi-transparent overlay that appears over my screen, with a little meter showing what level my volume is at... And it's suddenly not showing up. I mean, the volume is changing when I press the buttons, but the overlay isn't showing up.

 

Alright. Well, thanks a ton Broni! You've cured my computer issues before, and you've continued to do so even now! Keep up the great work man! You're a very valuable asset, and a great person!