Inactive started w/google redirect&now taken over entire pc

okay so here's what happened.. I stood and watched the entire scan..Completed 50 stages I believe was the number.. It said deleting infected files..and then it said rebooting and thats what it did..

When it restarted it still would not start in Normal mode so I again started it in Safe mode.. I went to find the combofix log and saw that I could just enter into my command line C:\ComboFix.txt so that is what I did to locate it..It popped up I clicked on it and it said File was empty..could not find it anywhere..

Went back into ComboFix to see if it would run a scan and produce a log but now I cannot get Combofix to run..Clicked thru the same prompts as last time and ok on the warnings about Virus Fighter being detected but it refused to run..just nothing after clicking ok on the warning..

So now what?

I know it ran the scan..I know it said it was deleting infected files..but now zero record of it and it fails to run now..

 

ok will start on it now! Thanks!

 

here's Rkill log am starting broni.exe now..
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 03/27/2011 at 22:04:47.
Operating System: Windows Vista (TM) Home Premium


Processes terminated by Rkill or while it was running:

C:\Users\Buddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\75R8NKP1\rkill[1].com


Rkill completed on 03/27/2011 at 22:04:50.

 

ok combo/broni fix is working..hopefully I'll get a d@mn log out of it this time.lol I'm crossing my fingers and toes..Letcha know soon..

 

wow it did it again.. Just went straight to the rebooting after it said it had completed all 50 stages and was deleting infected files..I so hope there is a log available this time..it's restarting now..

 

No ComboFix log

 

ok..will do.. Thanks for sticking with me thru this mess..You are appreciated much

 

It says its all clean..
TDSS log:

2011/03/27 22:44:24.0829 1272 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/27 22:44:25.0165 1272 ================================================================================
2011/03/27 22:44:25.0165 1272 SystemInfo:
2011/03/27 22:44:25.0166 1272
2011/03/27 22:44:25.0166 1272 OS Version: 6.0.6001 ServicePack: 1.0
2011/03/27 22:44:25.0166 1272 Product type: Workstation
2011/03/27 22:44:25.0166 1272 ComputerName: BUDDY-PC
2011/03/27 22:44:25.0166 1272 UserName: Buddy
2011/03/27 22:44:25.0166 1272 Windows directory: C:\Windows
2011/03/27 22:44:25.0166 1272 System windows directory: C:\Windows
2011/03/27 22:44:25.0166 1272 Processor architecture: Intel x86
2011/03/27 22:44:25.0166 1272 Number of processors: 2
2011/03/27 22:44:25.0166 1272 Page size: 0x1000
2011/03/27 22:44:25.0166 1272 Boot type: Safe boot with network
2011/03/27 22:44:25.0166 1272 ================================================================================
2011/03/27 22:44:25.0501 1272 Initialize success
2011/03/27 22:44:45.0734 1540 ================================================================================
2011/03/27 22:44:45.0734 1540 Scan started
2011/03/27 22:44:45.0734 1540 Mode: Manual;
2011/03/27 22:44:45.0734 1540 ================================================================================
2011/03/27 22:44:46.0174 1540 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/03/27 22:44:46.0246 1540 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/03/27 22:44:46.0326 1540 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/03/27 22:44:46.0356 1540 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/03/27 22:44:46.0386 1540 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/03/27 22:44:46.0546 1540 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/03/27 22:44:46.0634 1540 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/03/27 22:44:46.0792 1540 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/03/27 22:44:46.0887 1540 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/27 22:44:46.0952 1540 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/03/27 22:44:47.0027 1540 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/03/27 22:44:47.0063 1540 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/03/27 22:44:47.0176 1540 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/03/27 22:44:47.0199 1540 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/03/27 22:44:47.0388 1540 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/03/27 22:44:47.0465 1540 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/03/27 22:44:47.0529 1540 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/27 22:44:47.0571 1540 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/03/27 22:44:47.0709 1540 athr (8be56f8300e1c37b578da23c71816b7a) C:\Windows\system32\DRIVERS\athr.sys
2011/03/27 22:44:47.0891 1540 AVFSFilter (afb27b96a230f7d922fcbab57f316158) C:\Windows\system32\DRIVERS\avfsfilter.sys
2011/03/27 22:44:47.0957 1540 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/03/27 22:44:48.0030 1540 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/03/27 22:44:48.0183 1540 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/27 22:44:48.0281 1540 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/27 22:44:48.0357 1540 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/27 22:44:48.0492 1540 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/27 22:44:48.0563 1540 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/27 22:44:48.0639 1540 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/27 22:44:48.0679 1540 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/27 22:44:48.0782 1540 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/03/27 22:44:48.0850 1540 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/27 22:44:48.0886 1540 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/27 22:44:48.0931 1540 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/03/27 22:44:49.0036 1540 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/03/27 22:44:49.0194 1540 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/27 22:44:49.0241 1540 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/03/27 22:44:49.0283 1540 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/27 22:44:49.0312 1540 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/03/27 22:44:49.0344 1540 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/03/27 22:44:49.0419 1540 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/03/27 22:44:49.0565 1540 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/03/27 22:44:49.0654 1540 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/03/27 22:44:49.0738 1540 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/27 22:44:49.0866 1540 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/03/27 22:44:49.0958 1540 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/03/27 22:44:50.0125 1540 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/03/27 22:44:50.0251 1540 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/03/27 22:44:50.0438 1540 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/03/27 22:44:50.0466 1540 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/03/27 22:44:50.0529 1540 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/27 22:44:50.0664 1540 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/03/27 22:44:50.0700 1540 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/03/27 22:44:50.0798 1540 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/27 22:44:50.0845 1540 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/03/27 22:44:50.0935 1540 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/27 22:44:51.0000 1540 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/27 22:44:51.0097 1540 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/03/27 22:44:51.0217 1540 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\Windows\system32\drivers\grmnusb.sys
2011/03/27 22:44:51.0383 1540 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/03/27 22:44:51.0413 1540 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/27 22:44:51.0457 1540 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/03/27 22:44:51.0559 1540 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/03/27 22:44:51.0640 1540 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/03/27 22:44:51.0764 1540 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/03/27 22:44:51.0843 1540 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/03/27 22:44:51.0953 1540 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2011/03/27 22:44:52.0098 1540 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/03/27 22:44:52.0203 1540 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/03/27 22:44:52.0298 1540 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/27 22:44:52.0348 1540 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/03/27 22:44:52.0457 1540 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/03/27 22:44:52.0600 1540 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/03/27 22:44:52.0673 1540 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
2011/03/27 22:44:52.0780 1540 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
2011/03/27 22:44:52.0836 1540 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/03/27 22:44:52.0883 1540 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/27 22:44:52.0945 1540 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/27 22:44:53.0058 1540 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/03/27 22:44:53.0115 1540 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/03/27 22:44:53.0178 1540 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/03/27 22:44:53.0228 1540 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/03/27 22:44:53.0286 1540 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/27 22:44:53.0371 1540 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/03/27 22:44:53.0441 1540 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/03/27 22:44:53.0492 1540 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/27 22:44:53.0555 1540 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
2011/03/27 22:44:53.0636 1540 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/27 22:44:53.0746 1540 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/27 22:44:53.0837 1540 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/27 22:44:53.0954 1540 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/27 22:44:54.0106 1540 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/27 22:44:54.0152 1540 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/03/27 22:44:54.0241 1540 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/03/27 22:44:54.0312 1540 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/03/27 22:44:54.0357 1540 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/03/27 22:44:54.0409 1540 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/27 22:44:54.0435 1540 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/27 22:44:54.0468 1540 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys
2011/03/27 22:44:54.0508 1540 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/03/27 22:44:54.0592 1540 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/03/27 22:44:54.0642 1540 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/27 22:44:54.0706 1540 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/03/27 22:44:54.0780 1540 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/03/27 22:44:54.0850 1540 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/27 22:44:54.0920 1540 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/27 22:44:54.0998 1540 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/27 22:44:55.0060 1540 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/03/27 22:44:55.0131 1540 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/03/27 22:44:55.0225 1540 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/03/27 22:44:55.0344 1540 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/03/27 22:44:55.0470 1540 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/27 22:44:55.0511 1540 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/27 22:44:55.0642 1540 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/03/27 22:44:55.0716 1540 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/03/27 22:44:55.0793 1540 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/27 22:44:55.0879 1540 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/03/27 22:44:55.0939 1540 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/03/27 22:44:56.0042 1540 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/27 22:44:56.0129 1540 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/03/27 22:44:56.0241 1540 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/27 22:44:56.0301 1540 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/27 22:44:56.0387 1540 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/27 22:44:56.0458 1540 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/03/27 22:44:56.0514 1540 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/27 22:44:56.0587 1540 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/27 22:44:56.0744 1540 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/03/27 22:44:56.0909 1540 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/03/27 22:44:56.0997 1540 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/03/27 22:44:57.0074 1540 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/27 22:44:57.0197 1540 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/03/27 22:44:57.0264 1540 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/03/27 22:44:57.0312 1540 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/03/27 22:44:57.0357 1540 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/03/27 22:44:57.0442 1540 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/03/27 22:44:57.0484 1540 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/03/27 22:44:57.0594 1540 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/03/27 22:44:57.0700 1540 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/03/27 22:44:57.0753 1540 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/03/27 22:44:57.0809 1540 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/03/27 22:44:57.0883 1540 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/03/27 22:44:57.0945 1540 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/03/27 22:44:57.0989 1540 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/03/27 22:44:58.0071 1540 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/03/27 22:44:58.0239 1540 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/27 22:44:58.0270 1540 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/03/27 22:44:58.0421 1540 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/27 22:44:58.0487 1540 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/03/27 22:44:58.0568 1540 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/03/27 22:44:58.0677 1540 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/03/27 22:44:58.0746 1540 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/27 22:44:58.0778 1540 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/27 22:44:58.0856 1540 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/27 22:44:58.0918 1540 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/27 22:44:58.0961 1540 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/27 22:44:58.0988 1540 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/27 22:44:59.0010 1540 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/27 22:44:59.0115 1540 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/03/27 22:44:59.0155 1540 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/27 22:44:59.0213 1540 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/03/27 22:44:59.0371 1540 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/27 22:44:59.0414 1540 RTL8169 (cb0bd9e10e3e244d312c106dee1bbb93) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/03/27 22:44:59.0463 1540 RTSTOR (0d1c1b0de2819fe1ea25098183130b64) C:\Windows\system32\drivers\RTSTOR.SYS
2011/03/27 22:44:59.0502 1540 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/03/27 22:44:59.0564 1540 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/27 22:44:59.0677 1540 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/03/27 22:44:59.0727 1540 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/03/27 22:44:59.0766 1540 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/03/27 22:44:59.0881 1540 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/03/27 22:44:59.0919 1540 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/27 22:45:00.0005 1540 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/27 22:45:00.0055 1540 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/03/27 22:45:00.0137 1540 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/03/27 22:45:00.0181 1540 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/03/27 22:45:00.0208 1540 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/03/27 22:45:00.0267 1540 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/03/27 22:45:00.0358 1540 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/03/27 22:45:00.0440 1540 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys
2011/03/27 22:45:00.0487 1540 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/27 22:45:00.0559 1540 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/27 22:45:00.0653 1540 STHDA (9b33aa7f98d54747b486fe33d4903278) C:\Windows\system32\drivers\stwrt.sys
2011/03/27 22:45:00.0724 1540 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/27 22:45:00.0785 1540 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/03/27 22:45:00.0810 1540 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/03/27 22:45:00.0886 1540 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/03/27 22:45:00.0946 1540 SynTP (1f452f22df0c00dd2529867e1ea0dc25) C:\Windows\system32\DRIVERS\SynTP.sys
2011/03/27 22:45:01.0126 1540 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/03/27 22:45:01.0215 1540 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/27 22:45:01.0284 1540 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/27 22:45:01.0322 1540 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/03/27 22:45:01.0408 1540 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/03/27 22:45:01.0453 1540 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/27 22:45:01.0523 1540 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/27 22:45:01.0608 1540 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/27 22:45:01.0632 1540 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/03/27 22:45:01.0754 1540 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/27 22:45:01.0797 1540 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/03/27 22:45:01.0855 1540 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/27 22:45:01.0947 1540 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/27 22:45:01.0996 1540 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/03/27 22:45:02.0034 1540 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/03/27 22:45:02.0069 1540 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/03/27 22:45:02.0110 1540 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/27 22:45:02.0157 1540 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/03/27 22:45:02.0231 1540 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/27 22:45:02.0287 1540 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/27 22:45:02.0354 1540 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/27 22:45:02.0412 1540 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/27 22:45:02.0447 1540 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/27 22:45:02.0505 1540 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/27 22:45:02.0559 1540 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/27 22:45:02.0624 1540 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/27 22:45:02.0659 1540 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/27 22:45:02.0760 1540 UVCFTR (7b8424bbaafbc127c8f55ad6007d6d6b) C:\Windows\system32\Drivers\UVCFTR_S.SYS
2011/03/27 22:45:02.0841 1540 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/27 22:45:02.0890 1540 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/03/27 22:45:02.0956 1540 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/03/27 22:45:03.0006 1540 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/03/27 22:45:03.0073 1540 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/03/27 22:45:03.0140 1540 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/03/27 22:45:03.0260 1540 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/03/27 22:45:03.0339 1540 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/03/27 22:45:03.0411 1540 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/03/27 22:45:03.0534 1540 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/27 22:45:03.0598 1540 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/27 22:45:03.0631 1540 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/27 22:45:03.0744 1540 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/03/27 22:45:03.0794 1540 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/27 22:45:03.0973 1540 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2011/03/27 22:45:04.0171 1540 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
2011/03/27 22:45:04.0280 1540 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/03/27 22:45:04.0385 1540 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/27 22:45:04.0471 1540 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/27 22:45:04.0592 1540 ================================================================================
2011/03/27 22:45:04.0592 1540 Scan finished
2011/03/27 22:45:04.0592 1540 ================================================================================

 

Computer Name: BUDDY-PC | User Name: Buddy | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/27 22:54:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\OTL.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 21:24:02 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe


========== Modules (SafeList) ==========

MOD - [2011/03/27 22:54:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\OTL.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/25 16:54:28 | 006,449,984 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Users\Buddy\Downloads\HitmanPro35.exe -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
SRV - [2010/12/24 08:03:39 | 001,141,896 | ---- | M] (SPAMfighter ApS) [Auto | Stopped] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2010/12/24 07:45:07 | 000,797,848 | ---- | M] () [Auto | Stopped] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service)
SRV - [2010/12/24 07:45:07 | 000,093,328 | ---- | M] () [Auto | Stopped] -- C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe -- (AV Watch Service)
SRV - [2010/11/23 21:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2008/06/11 12:18:30 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/07/27 12:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2010/12/24 07:45:10 | 000,010,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avfsfilter.sys -- (AVFSFilter)
DRV - [2008/07/28 02:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/06/11 12:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/25 19:46:40 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/07/27 12:50:22 | 000,329,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 02:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/05/23 19:37:40 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp32&d=1210&m=t-6330u
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.swagbucks.com/ "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: printwithoutads@oleg.vaskevich:1.1
FF - prefs.js..extensions.enabledItems: {394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}:1.2.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {203FB6B2-2E1E-4474-863B-4C483ECCE78E}:1.2.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: adban@ad-ban.appspot.com:1.5.1
FF - prefs.js..extensions.enabledItems: historyblock@kain:1.3.5
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..network.proxy.ftp: "50.16.161.226 "
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "50.16.161.226 "
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "50.16.161.226 "
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.socks: "50.16.161.226 "
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "50.16.161.226 "
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/03/08 02:41:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/23 20:11:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 20:11:04 | 000,000,000 | ---D | M]

[2010/12/06 01:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Extensions
[2011/03/27 14:33:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions
[2011/02/12 01:14:54 | 000,000,000 | ---D | M] (LightShot (screenshot tool)) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}
[2011/03/15 17:48:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/12 01:14:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/23 20:35:04 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/02/12 01:14:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/02/19 05:55:04 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2011/03/17 04:50:32 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2011/03/17 04:50:30 | 000,000,000 | ---D | M] (AdBan) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\adban@ad-ban.appspot.com
[2011/03/23 20:35:07 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\engine@conduit.com
[2011/03/17 04:50:29 | 000,000,000 | ---D | M] (HistoryBlock) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\historyblock@kain
[2010/12/06 01:43:28 | 000,000,000 | ---D | M] (Print Without Ads) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\printwithoutads@oleg.vaskevich
[2011/03/17 04:50:29 | 000,000,000 | ---D | M] (Stealthy) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\stealthyextension@gmail.com
[2011/03/17 04:50:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\extensions\stealthyextension@gmail.com\chrome
[2011/03/15 05:06:12 | 000,001,919 | ---- | M] () -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\searchplugins\bing-zugo.xml
[2011/03/08 17:49:53 | 000,002,463 | ---- | M] () -- C:\Users\Buddy\AppData\Roaming\Mozilla\Firefox\Profiles\zse52tuc.default\searchplugins\safesearch.xml
[2011/03/26 18:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/06 02:17:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/09 20:07:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/08 02:34:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/08 02:41:56 | 000,000,000 | ---D | M] (Norton Safe Web Lite Toolbar) -- C:\PROGRAMDATA\NORTON\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\COFFNST
[2010/12/08 04:03:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/03/27 21:20:15 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No

 

OTL logfile created on: 3/27/2011 10:55:19 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Buddy\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.88 Gb Total Space | 133.58 Gb Free Space | 59.93% Space Free | Partition Type: NTFS

CLSID value found.
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VFPROguard] C:\Program Files\Fighters\VIRUSfighter\vfproTray.exe (SPAMfighter)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1328857917-3039519800-2467850559-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\GTW3_Wide.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\GTW3_Wide.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/03/27 22:54:18 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Buddy\Desktop\OTL.exe
[2011/03/27 22:37:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/03/27 22:27:26 | 000,000,000 | --SD | C] -- C:\broni5141b
[2011/03/27 22:26:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/03/27 22:16:17 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\temp
[2011/03/27 22:06:41 | 000,000,000 | --SD | C] -- C:\broni
[2011/03/27 21:09:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/03/27 21:09:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/03/27 21:09:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/03/27 21:09:09 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/03/27 21:09:09 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/27 20:49:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/27 19:12:37 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\SUPERAntiSpyware.com
[2011/03/27 19:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/03/27 19:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/03/27 19:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/03/27 15:45:48 | 000,301,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/03/27 15:45:48 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/03/27 15:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/03/27 15:45:47 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/03/27 15:45:47 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/03/27 15:45:47 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/03/27 15:45:47 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/03/27 15:45:35 | 000,190,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/03/27 15:45:35 | 000,040,648 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/03/27 15:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/03/27 15:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/03/27 14:44:19 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\Malwarebytes
[2011/03/27 14:44:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/27 14:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/27 14:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/27 14:44:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/27 14:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/27 14:41:44 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Buddy\Desktop\TFC.exe
[2011/03/27 02:47:55 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\Uniblue
[2011/03/27 02:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/03/27 02:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/03/27 02:47:32 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\OpenCandy
[2011/03/27 02:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW
[2011/03/27 02:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\SIW
[2011/03/27 02:47:30 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\OpenCandy
[2011/03/25 17:04:34 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/03/25 16:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/03/25 16:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/03/25 15:46:09 | 000,000,000 | ---D | C] -- C:\Users\Buddy\Desktop\tdsskiller
[2011/03/23 23:24:25 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\Trusted Software
[2011/03/23 23:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusted Software
[2011/03/23 23:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trusted Software
[2011/03/23 20:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011/03/23 20:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011/03/23 20:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentBar
[2011/03/23 20:33:48 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/03/23 20:32:16 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\uTorrent
[2011/03/23 02:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master Uneraser
[2011/03/23 02:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterCrypto Shared
[2011/03/23 02:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Master Uneraser
[2011/03/23 00:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2011/03/20 15:54:02 | 011,888,488 | ---- | C] (GARMIN Corp.) -- C:\Users\Buddy\MapSource.exe
[2011/03/19 18:39:22 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\NPE
[2011/03/19 14:42:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/03/16 17:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/03/16 17:29:12 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\FreeFileViewer
[2011/03/16 16:42:30 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\Apps
[2011/03/16 16:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
[2011/03/16 16:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFileViewer
[2011/03/16 16:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2011/03/16 16:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
[2011/03/16 16:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2011/03/16 16:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2011/03/16 16:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Toolkit Suite
[2011/03/16 16:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2011/03/16 16:03:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C2854F90-E25A-4436-A624-DAA1A3535BAF}
[2011/03/16 16:03:15 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\Fighters
[2011/03/16 16:03:14 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Local\PackageAware
[2011/03/16 00:01:23 | 001,320,224 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupDEU.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupSLV.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupSKY.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupPLK.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupITA.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupHUN.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupHRV.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupFRA.dll
[2011/03/16 00:01:23 | 001,316,128 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupELL.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupTRK.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupSVE.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupRUS.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupPTG.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupPTB.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupNOR.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupNLD.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupLOC.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupKOR.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupJPN.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupFIN.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupESP.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupENU.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupDAN.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupCSY.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupCHT.dll
[2011/03/16 00:01:23 | 001,312,032 | ---- | C] (Garmin, Ltd.) -- C:\Users\Buddy\SetupCHS.dll
[2011/03/16 00:01:23 | 000,000,000 | ---D | C] -- C:\Users\Buddy\USB_Drivers
[2011/03/16 00:01:23 | 000,000,000 | ---D | C] -- C:\Users\Buddy\EULA
[2011/03/15 22:34:06 | 060,468,584 | ---- | C] (Garmin International) -- C:\Users\Buddy\MapSource_6157.exe
[2011/03/15 22:24:08 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/03/15 21:27:22 | 008,797,032 | ---- | C] (GARMIN Corp.) -- C:\Users\Buddy\MapInstall (1).exe
[2011/03/15 17:50:27 | 000,000,000 | ---D | C] -- C:\Users\Buddy\Documents\My Downloads
[2011/03/15 17:50:27 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\FinalTorrent
[2011/03/15 17:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Assistant
[2011/03/15 17:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent
[2011/03/15 17:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\FinalTorrent
[2011/03/15 17:48:11 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2011/03/15 04:26:01 | 000,000,000 | ---D | C] -- C:\Users\Buddy\Documents\My Garmin
[2011/03/15 04:26:00 | 000,000,000 | ---D | C] -- C:\Users\Buddy\AppData\Roaming\GARMIN
[2011/03/14 22:43:19 | 000,000,000 | ---D | C] -- C:\Users\Buddy\All pix from Kodak Easyshare
[2011/03/12 01:49:10 | 000,017,536 | ---- | C] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmn0200.sys
[2011/03/12 01:49:10 | 000,016,512 | ---- | C] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmn0400.sys
[2011/03/12 01:49:10 | 000,011,776 | ---- | C] (GARMIN Corp.) -- C:\Windows\System32\drivers\grmn1200.sys
[2011/03/10 12:27:50 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Buddy\Documents\TDSSKiller.exe
[2011/03/08 02:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/03/08 02:35:43 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/03/08 02:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/03/07 23:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/03/07 22:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2011/03/07 22:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2011/03/07 22:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2011/03/07 22:51:06 | 000,000,000 | ---D | C] -- C:\Garmin
[2011/03/07 22:51:05 | 000,000,000 | ---D | C] -- C:\MapSource
[2011/03/07 02:27:03 | 000,000,000 | ---D | C] -- C:\Users\Buddy\Documents\Usenet.nl
[1 C:\Users\Buddy\Documents\*.tmp files -> C:\Users\Buddy\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/27 22:54:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\OTL.exe
[2011/03/27 22:42:21 | 001,263,721 | ---- | M] () -- C:\Users\Buddy\Desktop\tdsskiller.zip
[2011/03/27 22:38:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/27 22:38:27 | 268,435,456 | -HS- | M] () -- C:\Windows\System32\temppf.sys
[2011/03/27 22:24:43 | 004,303,772 | R--- | M] () -- C:\Users\Buddy\Desktop\broni.exe
[2011/03/27 22:17:27 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/03/27 21:20:15 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/03/27 19:12:33 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/27 19:04:56 | 000,000,892 | ---- | M] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/03/27 19:04:56 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/27 15:50:45 | 000,001,356 | ---- | M] () -- C:\Users\Buddy\AppData\Local\d3d9caps.dat
[2011/03/27 15:45:48 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/03/27 15:45:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/03/27 14:49:53 | 000,301,568 | ---- | M] () -- C:\Users\Buddy\Desktop\ib1n4w5o.exe
[2011/03/27 14:41:48 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\TFC.exe
[2011/03/27 02:47:51 | 000,000,875 | ---- | M] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2011/03/27 02:47:51 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2011/03/27 02:47:30 | 000,000,694 | ---- | M] () -- C:\Users\Buddy\Desktop\SIW.lnk
[2011/03/26 18:42:52 | 000,028,886 | ---- | M] () -- C:\Users\Buddy\Desktop\miss-piggy.jpg
[2011/03/26 16:54:36 | 000,034,560 | ---- | M] () -- C:\Windows\System32\drivers\Normandy.sys
[2011/03/26 16:20:36 | 000,133,632 | ---- | M] () -- C:\Users\Buddy\Desktop\RKUnhookerLE.EXE
[2011/03/26 16:19:50 | 000,625,664 | ---- | M] () -- C:\Users\Buddy\Desktop\dds.scr
[2011/03/26 16:19:10 | 000,050,477 | ---- | M] () -- C:\Users\Buddy\Desktop\Defogger.exe
[2011/03/25 17:05:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/25 17:05:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/25 17:04:34 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/03/25 17:04:34 | 000,003,234 | ---- | M] () -- C:\Windows\System32\.crusader
[2011/03/25 16:55:04 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/03/25 16:38:49 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/25 16:38:46 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2011/03/25 16:38:46 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2011/03/25 16:12:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/03/24 15:08:08 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/24 01:01:58 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/24 01:01:58 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/23 23:44:27 | 000,022,016 | ---- | M] () -- C:\Users\Buddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/23 23:24:07 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\File Type Mechanic.lnk
[2011/03/23 20:35:03 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011/03/22 22:43:46 | 274,328,611 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/22 22:27:58 | 000,002,177 | -H-- | M] () -- C:\Users\Buddy\Documents\.picasa.ini
[2011/03/22 22:26:55 | 000,150,475 | ---- | M] () -- C:\Users\Buddy\Documents\cp affidavit.jpg
[2011/03/22 20:56:20 | 000,129,378 | ---- | M] () -- C:\Users\Buddy\Documents\child **** affidavit.jpg
[2011/03/22 18:28:57 | 000,006,637 | ---- | M] () -- C:\Users\Buddy\Documents\Pi Red and Blue.jpg
[2011/03/22 18:27:51 | 000,004,886 | ---- | M] () -- C:\Users\Buddy\Documents\Pi Red.jpg
[2011/03/21 02:15:55 | 000,020,278 | ---- | M] () -- C:\Users\Buddy\Documents\keychain5.jpg
[2011/03/21 02:09:56 | 000,011,781 | ---- | M] () -- C:\Users\Buddy\Documents\keychain4.jpg
[2011/03/21 02:08:34 | 000,015,464 | ---- | M] () -- C:\Users\Buddy\Documents\keychain3.jpg
[2011/03/21 02:07:08 | 000,016,383 | ---- | M] () -- C:\Users\Buddy\Documents\keychain2.jpg
[2011/03/21 02:05:23 | 000,018,209 | ---- | M] () -- C:\Users\Buddy\Documents\keychain.jpg
[2011/03/17 18:13:18 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/17 01:50:26 | 000,044,443 | ---- | M] () -- C:\Users\Buddy\Documents\2011 bracket picks sample.jpg
[2011/03/16 16:32:43 | 000,000,862 | ---- | M] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2011/03/16 16:32:43 | 000,000,838 | ---- | M] () -- C:\Users\Buddy\FreeFileViewer.lnk
[2011/03/16 16:26:37 | 001,261,034 | ---- | M] () -- C:\Users\Buddy\Documents\OUR COMPUTER ALL DETAILS NEEDED.nfo
[2011/03/16 16:04:32 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\VIRUSfighter.lnk
[2011/03/15 21:43:17 | 060,468,584 | ---- | M] (Garmin International) -- C:\Users\Buddy\MapSource_6157.exe
[2011/03/15 17:48:33 | 000,000,838 | ---- | M] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalTorrent.lnk
[2011/03/10 12:27:50 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Buddy\Documents\TDSSKiller.exe
[2011/03/10 02:43:53 | 000,001,000 | -H-- | M] () -- C:\Users\Buddy\.picasa.ini
[2011/02/25 23:53:05 | 000,064,279 | ---- | M] () -- C:\Users\Buddy\Documents\Cd found in BJD room-Hailey Dunn.jpg
[1 C:\Users\Buddy\Documents\*.tmp files -> C:\Users\Buddy\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/27 22:24:43 | 004,303,772 | R--- | C] () -- C:\Users\Buddy\Desktop\broni.exe
[2011/03/27 21:09:14 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/27 21:09:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/27 21:09:14 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/27 21:09:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/27 21:09:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/27 19:12:33 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/27 19:04:56 | 000,000,892 | ---- | C] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/03/27 15:45:48 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/03/27 14:49:53 | 000,301,568 | ---- | C] () -- C:\Users\Buddy\Desktop\ib1n4w5o.exe
[2011/03/27 14:44:14 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/27 02:47:51 | 000,000,875 | ---- | C] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2011/03/27 02:47:51 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2011/03/27 02:47:30 | 000,000,694 | ---- | C] () -- C:\Users\Buddy\Desktop\SIW.lnk
[2011/03/26 18:43:59 | 000,028,886 | ---- | C] () -- C:\Users\Buddy\Desktop\miss-piggy.jpg
[2011/03/26 16:35:19 | 000,034,560 | ---- | C] () -- C:\Windows\System32\drivers\Normandy.sys
[2011/03/26 16:20:34 | 000,133,632 | ---- | C] () -- C:\Users\Buddy\Desktop\RKUnhookerLE.EXE
[2011/03/26 16:19:47 | 000,625,664 | ---- | C] () -- C:\Users\Buddy\Desktop\dds.scr
[2011/03/26 16:19:10 | 000,050,477 | ---- | C] () -- C:\Users\Buddy\Desktop\Defogger.exe
[2011/03/25 17:06:38 | 268,435,456 | -HS- | C] () -- C:\Windows\System32\temppf.sys
[2011/03/25 17:04:34 | 000,003,234 | ---- | C] () -- C:\Windows\System32\.crusader
[2011/03/25 16:55:06 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/03/25 16:55:04 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/03/25 15:40:06 | 001,263,721 | ---- | C] () -- C:\Users\Buddy\Desktop\tdsskiller.zip
[2011/03/23 23:24:07 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\File Type Mechanic.lnk
[2011/03/23 20:33:51 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011/03/22 22:26:55 | 000,150,475 | ---- | C] () -- C:\Users\Buddy\Documents\cp affidavit.jpg
[2011/03/22 20:56:20 | 000,129,378 | ---- | C] () -- C:\Users\Buddy\Documents\child **** affidavit.jpg
[2011/03/22 18:28:57 | 000,006,637 | ---- | C] () -- C:\Users\Buddy\Documents\Pi Red and Blue.jpg
[2011/03/22 18:27:51 | 000,004,886 | ---- | C] () -- C:\Users\Buddy\Documents\Pi Red.jpg
[2011/03/21 02:11:48 | 000,020,278 | ---- | C] () -- C:\Users\Buddy\Documents\keychain5.jpg
[2011/03/21 02:09:56 | 000,011,781 | ---- | C] () -- C:\Users\Buddy\Documents\keychain4.jpg
[2011/03/21 02:08:34 | 000,015,464 | ---- | C] () -- C:\Users\Buddy\Documents\keychain3.jpg
[2011/03/21 02:07:08 | 000,016,383 | ---- | C] () -- C:\Users\Buddy\Documents\keychain2.jpg
[2011/03/21 02:05:23 | 000,018,209 | ---- | C] () -- C:\Users\Buddy\Documents\keychain.jpg
[2011/03/19 14:55:03 | 000,001,750 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011/03/17 01:50:26 | 000,044,443 | ---- | C] () -- C:\Users\Buddy\Documents\2011 bracket picks sample.jpg
[2011/03/16 16:32:52 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2011/03/16 16:32:43 | 000,000,862 | ---- | C] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\FreeFileViewer.lnk
[2011/03/16 16:32:43 | 000,000,838 | ---- | C] () -- C:\Users\Buddy\FreeFileViewer.lnk
[2011/03/16 16:26:37 | 001,261,034 | ---- | C] () -- C:\Users\Buddy\Documents\OUR COMPUTER ALL DETAILS NEEDED.nfo
[2011/03/16 16:04:32 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\VIRUSfighter.lnk
[2011/03/16 00:01:22 | 000,404,480 | ---- | C] () -- C:\Users\Buddy\MSMAIN.msi
[2011/03/16 00:01:19 | 059,892,560 | ---- | C] () -- C:\Users\Buddy\Disk1.cab
[2011/03/15 17:48:36 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2011/03/15 17:48:33 | 000,000,838 | ---- | C] () -- C:\Users\Buddy\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalTorrent.lnk
[2011/03/15 05:15:44 | 921,583,616 | ---- | C] () -- C:\Users\Buddy\gmapprom1.img
[2011/02/25 23:53:04 | 000,064,279 | ---- | C] () -- C:\Users\Buddy\Documents\Cd found in BJD room-Hailey Dunn.jpg
[2011/02/13 19:06:08 | 000,011,752 | ---- | C] () -- C:\ProgramData\791-1.JPG
[2010/12/24 07:45:10 | 000,010,264 | ---- | C] () -- C:\Windows\System32\drivers\avfsfilter.sys
[2010/12/21 22:51:36 | 000,022,016 | ---- | C] () -- C:\Users\Buddy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/18 04:59:14 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010/12/17 01:46:59 | 000,001,356 | ---- | C] () -- C:\Users\Buddy\AppData\Local\d3d9caps.dat
[2010/12/13 03:14:46 | 000,000,082 | ---- | C] () -- C:\Users\Buddy\AppData\Roaming\wklnhst.dat
[2010/12/07 05:12:22 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/12/07 05:12:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/12/06 04:17:55 | 000,001,940 | ---- | C] () -- C:\Users\Buddy\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/06 02:20:57 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010/12/06 01:30:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/03 04:11:01 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/08/08 05:27:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/08/08 05:27:40 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/08/08 05:27:40 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/08/08 05:27:40 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/08/08 05:27:40 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/08/08 05:27:40 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,297,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/03/16 18:30:47 | 000,000,000 | ---D | M] -- C:\Users\Alternate Admn\AppData\Roaming\Fighters
[2011/03/16 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\Alternate Admn\AppData\Roaming\Usenet.nl
[2011/03/27 15:18:09 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Fighters
[2011/03/16 16:02:31 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\FinalTorrent
[2011/03/16 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\FreeFileViewer
[2011/03/15 04:27:31 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\GARMIN
[2011/03/20 15:52:52 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Missing-Hailey Dunn
[2011/03/27 02:47:30 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\OpenCandy
[2010/12/07 03:06:35 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Permanence
[2011/01/31 22:44:35 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Pixel Studio Pro
[2010/12/16 15:30:56 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Softinterface, Inc
[2010/12/13 03:14:48 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Template
[2011/03/27 02:47:55 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\Uniblue
[2011/03/25 15:56:17 | 000,000,000 | ---D | M] -- C:\Users\Buddy\AppData\Roaming\uTorrent
[2011/03/25 16:38:46 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job
[2011/03/25 16:38:46 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job
[2011/03/25 17:05:28 | 000,028,004 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/20 21:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/08/08 05:30:30 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2008/08/09 01:33:00 | 000,000,090 | ---- | M] () -- C:\cds.log
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/08/09 01:32:01 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2011/03/25 16:11:56 | 3524,988,928 | -HS- | M] () -- C:\pagefile.sys
[2011/03/27 22:26:09 | 000,000,477 | ---- | M] () -- C:\rkill.log
[2011/03/25 20:44:50 | 000,118,250 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_25.03.2011_20.36.16_log.txt
[2011/03/27 22:53:46 | 000,059,622 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_27.03.2011_22.44.24_log.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/02/23 09:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/12/24 04:04:55 | 000,000,286 | -HS- | M] () -- C:\Users\Buddy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/03/27 22:24:43 | 004,303,772 | R--- | M] () -- C:\Users\Buddy\Desktop\broni.exe
[2011/03/26 16:19:10 | 000,050,477 | ---- | M] () -- C:\Users\Buddy\Desktop\Defogger.exe
[2011/03/27 14:49:53 | 000,301,568 | ---- | M] () -- C:\Users\Buddy\Desktop\ib1n4w5o.exe
[2011/03/27 22:54:26 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\OTL.exe
[2011/03/26 16:20:36 | 000,133,632 | ---- | M] () -- C:\Users\Buddy\Desktop\RKUnhookerLE.EXE
[2011/03/27 14:41:48 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Buddy\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2010/01/26 14:18:26 | 008,797,032 | ---- | M] (GARMIN Corp.) -- C:\Users\Buddy\MapInstall (1).exe
[2010/01/26 14:18:26 | 008,797,032 | ---- | M] (GARMIN Corp.) -- C:\Users\Buddy\MapInstall.exe
[2010/01/24 22:26:44 | 011,888,488 | ---- | M] (GARMIN Corp.) -- C:\Users\Buddy\MapSource (1).exe
[2010/01/24 22:26:44 | 011,888,488 | ---- | M] (GARMIN Corp.) -- C:\Users\Buddy\MapSource.exe
[2011/03/15 21:43:17 | 060,468,584 | ---- | M] (Garmin International) -- C:\Users\Buddy\MapSource_6157.exe

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/12/03 04:05:23 | 000,000,402 | -HS- | M] () -- C:\Users\Buddy\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/02/13 19:05:33 | 000,011,752 | ---- | M] () -- C:\ProgramData\791-1.JPG
[2010/12/06 02:20:57 | 000,005,115 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: AGP440.SYS >
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: IASTORV.SYS >
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< End of report >

 

OTL Extras logfile created on: 3/27/2011 10:55:19 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Buddy\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.88 Gb Total Space | 133.58 Gb Free Space | 59.93% Space Free | Partition Type: NTFS

Computer Name: BUDDY-PC | User Name: Buddy | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Trusted Software\File Type Mechanic\FileTypeMechanicManager.exe -scanunknown "%1" (Trusted Software)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [scan_with_VIRUSfighter] -- C:\Program Files\Fighters\VIRUSfighter\vfproTray.exe /scan "%1" (SPAMfighter)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{113B36B4-2E39-4AF0-BE0E-11F2BB19FF27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1F9388D3-BEBE-45D3-BC4E-BFE754251C57}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3A294241-6156-437E-8B55-B7A48E394191}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{503863C0-809C-4313-AC51-6A2E955907BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51D20135-5594-479B-BDB3-BF39009B5476}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5805B989-B390-4B09-8357-B93ACB2EBB6E}" = lport=139 | protocol=6 | dir=in | app=system |
"{6B0503CB-F980-4A9A-8625-B59F3512E74C}" = lport=138 | protocol=17 | dir=in | app=system |
"{741F8E3B-2947-440A-919B-5CAD7F73BEB7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{84B9C6F5-8BCF-42A9-BE10-20D92E84359F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{96838E9A-7A55-4523-BD08-92174731EB57}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6FD7781-F9C0-4D7C-B057-9A9DA3E2BC27}" = rport=445 | protocol=6 | dir=out | app=system |
"{BDCB73F2-771A-4582-A646-C552199565FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BE46067F-2E6B-4844-8096-0B7C111D6E2B}" = lport=137 | protocol=17 | dir=in | app=system |
"{D0C21D5C-D172-48C1-97CB-F57B812F6FE9}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1F8CB66-E6AC-43EF-BCBC-C561DE150C5F}" = rport=137 | protocol=17 | dir=out | app=system |
"{DA4E0A32-EDE2-4B14-BA13-26E3B235397D}" = rport=138 | protocol=17 | dir=out | app=system |
"{E522F7FD-6F17-455E-9954-BC6FCA71AB86}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E6C3202F-5292-4A70-88F6-8098ED548E62}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F7772AB7-7C69-4C6C-84D6-0A864D1E52D8}" = rport=139 | protocol=6 | dir=out | app=system |
"{FEA97726-68E6-4FDF-A966-0E7D96D77BFB}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D10A641-3114-40E2-9E77-CEE37A997E44}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{135C77D3-DB28-4137-A64E-ECDD9C3B6FAE}" = dir=in | app=c:\program files\finaltorrent\ftcheckforupdates.exe |
"{28B5AA4E-9704-4CBB-B5D1-F70BFA43AE47}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{2FDCC924-AB3A-4EF9-A7CD-FA480D0CE962}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44109248-604D-4A79-B12A-318C74CC7CC2}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4EC53414-F932-4D8A-B8E3-82276DFF1F8F}" = dir=in | app=c:\program files\finaltorrent\finaltorrent.exe |
"{63CFFE2A-F1DB-450A-93D0-98824FBF1B28}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6A98D708-9407-42D4-A1E3-CA83CE748350}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{6B0CF78F-7FFB-4B63-A1D6-2A0A1D5A7093}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6F32AA0E-9A0C-4746-8006-B4D64C2CE848}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{74DF7772-4F5F-4B9D-9ACB-6E588F57B836}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{76F4FD6A-C65E-4EC8-8DDC-82B45A94CDC1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7A9F3C8D-1994-4CAD-A07A-733D7CFA81BE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7F859D29-1E07-40A6-87BB-1F4E6E428AEC}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{8CE2CCEB-2280-4020-85C0-83EADCD080B1}" = dir=in | app=c:\program files\finaltorrent\finaltorrent.exe |
"{8DFD0C16-7110-4870-8C2A-77433A7ACD02}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{98512FC1-EDC6-4D42-A306-C9F78507DE36}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{9FF85D59-1F5F-4272-932C-9C7C7CA8A303}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A63FECBD-94F4-4CD0-B6EF-E29C85CB89F5}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{C05AD4E5-C6DB-4C90-8A28-5B6C3846717C}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{DA086E27-0EA1-491C-A3E8-D1C8453D44BC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EB12C67E-F41E-4241-9158-33FE8486330C}" = dir=in | app=c:\program files\finaltorrent\ftcheckforupdates.exe |
"{EF22C3E4-CF85-4B0F-B32A-849AA80173DC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{1484B90F-6CB6-4756-8B4B-37CB5AA6A85A}C:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe" = protocol=6 | dir=in | app=c:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe |
"TCP Query User{636182EB-0D30-4603-8FB6-392E225133FA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FFE667C3-053D-44A6-9747-DE2DA3A497A4}C:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe" = protocol=6 | dir=in | app=c:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe |
"UDP Query User{09299B22-C875-40FE-9C14-FE3C4E80ABDD}C:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe" = protocol=17 | dir=in | app=c:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe |
"UDP Query User{9F8ACE1B-D258-4174-B983-D2648F330C41}C:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe" = protocol=17 | dir=in | app=c:\program files\permanence\siriusxmstreamer\siriusxmstreamer.exe |
"UDP Query User{A94A5F98-EB09-4E1D-A5E1-654DE69E68E4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}" = Garmin City Navigator North America NT 2011.10 Update
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19479256-01B0-4D71-8AB2-9FBD40597777}" = Master Uneraser
"{1BA87CE4-F5B4-43B4-AD67-19F3F0FE98A8}" = SiriusXMStreamer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A0222F6E-7785-46A0-AE9B-3D2D1ACF84C5}" = VIRUSfighter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C89180-E3B6-4451-A788-0BDC8A5EF34A}_is1" = Hailey Dunn Seeker
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}" = Garmin MapSource
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Trusted Sof~BC5638B8_is1" = File Type Mechanic
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"conduitEngine" = Conduit Engine
"FinalTorrent_is1" = FinalTorrent 2011
"FreeFileViewer_is1" = Free File Viewer 2011
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HitmanPro35" = Hitman Pro 3.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2007b" = Microsoft Money Essentials
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NST" = Norton Safe Web Lite
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trusted Software Assistant_is1" = File Type Assistant
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VIRUSfighter" = VIRUSfighter
"WildTangent gateway Master Uninstall" = Gateway Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1328857917-3039519800-2467850559-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

 

Is it still really bad? Am I any closer to ridding my poor poor computer of this BS?

 

Ok will do.. Thanks so much for the help..I'm an insomniac so I'll stay up til it's all done and then just post what happens.. Answer whenever you can tomorrow..Sleep well!!

And again thanks so much for all your help!