Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Help Please

Unread postby Imaboss12 » January 13th, 2011, 4:22 pm

Internet explorer opens randomly with ads while I'm using firefox.







Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:13:22 PM, on 1/13/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Kyle\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {64DE95E5-0A25-4DD9-A472-97BC1D419101} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\Kyle\AppData\Local\Temp\Lll.exe
O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: NETGEAR WNA3100 Smart Wizard.lnk = ?
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbc_device - - C:\Windows\system32\dlbccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1cac6e08f1acf6b) (gupdate1cac6e08f1acf6b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WSWNA3100 - Unknown owner - C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10379 bytes
Imaboss12
Active Member
 
Posts: 7
Joined: January 13th, 2011, 4:16 pm

Re: Help Please

Unread postby askey127 » January 14th, 2011, 4:47 pm

Hi Imaboss12,
Did you anticipate being able to run Vista with no antivirus?

Please do not Remove, Scan, or Install anything unless I ask, until we are through cleaning.
-----------------------------------------------------------
Remove Registry items with HijackThis. Start HijackThis. (Right-click and "Run as administrator" in Vista/Win7)
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {64DE95E5-0A25-4DD9-A472-97BC1D419101} - (no file)
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\Kyle\AppData\Local\Temp\Lll.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
-----------------------------------------------
Install Antivir
Double Click the Avira Antivir Installer on your desktop (Right click and choose "Run as administrator" in Vista/Win7), and Install the program.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take an hour or more. Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There will be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.
-----------------------------------------------------------
Retrieve the List of Installed programs Using HJT
Open HijackThis, click Open The Misc Tools Section. Then scroll down the list if you need to, click Open Uninstall Manager and Save List...
The List of installed programs will automatically be saved as uninstall_list.txt in your HiJackThis folder.
In addition, the list opens in Notepad so you can also save as another name in another location if you wish.
Please paste the contents into your next reply.

So we are looking for the report from Antivir, and the Installed programs list from HiJackThis.
askey127
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
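
A triage pass over HijackThis entries of the kind checked in the reply above, as an added example that is not part of the original thread. The three heuristics (autorun target in a Temp directory, autorun launched through rundll32, browser add-on registered with no file) are assumptions chosen for this example, not askey127's stated criteria; the sample lines are copied from the log posted in this thread.

```python
import re
from dataclasses import dataclass

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\Kyle\AppData\Local\Temp\Lll.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Registry autorun form of an O4 entry: hive\..\Run*: [value name] command line
RUN_RE = re.compile(
    r"^(?P<hive>HK(?:LM|CU))\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$"
)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)


@dataclass
class Finding:
    code: str      # HijackThis section code, e.g. "O4"
    subject: str   # Run value name or add-on CLSID
    reason: str    # which heuristic matched


def parse_entries(log_text):
    """Yield (code, body) for every line shaped like a HijackThis entry."""
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            yield m.group("code"), m.group("body")


def triage(log_text):
    """Return entries worth a closer look. Heuristics are assumptions of this
    example; a match means 'review this', not 'this is malware'."""
    findings = []
    for code, body in parse_entries(log_text):
        if code == "O4":
            run = RUN_RE.match(body)
            if not run:
                continue  # startup-folder shortcuts are not handled here
            name, cmd = run.group("name"), run.group("cmd")
            if TEMP_RE.search(cmd):
                findings.append(Finding(code, name, "autorun target in a Temp directory"))
            if cmd.lstrip('"').lower().startswith("rundll32"):
                findings.append(Finding(code, name, "autorun loads a DLL through rundll32"))
        elif code in ("O2", "O3", "O9") and body.endswith("(no file)"):
            clsid = CLSID_RE.search(body)
            subject = clsid.group(0) if clsid else body
            findings.append(Finding(code, subject, "browser add-on registered with no file"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.subject:<42}{f.reason}")
```
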

Re: Help Please

Unread postby Imaboss12 » January 15th, 2011, 2:00 pm

Avira AntiVir Personal
Report file date: Saturday, January 15, 2011 10:54

Scanning for 2369745 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : KYLES-PC

Version information:
BUILD.DAT : 10.0.0.609 31824 Bytes 12/13/2010 09:43:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 12/13/2010 13:39:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 12/13/2010 13:40:06
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 15:38:13
VBASE002.VDF : 7.11.0.1 2048 Bytes 12/14/2010 15:38:13
VBASE003.VDF : 7.11.0.2 2048 Bytes 12/14/2010 15:38:13
VBASE004.VDF : 7.11.0.3 2048 Bytes 12/14/2010 15:38:14
VBASE005.VDF : 7.11.0.4 2048 Bytes 12/14/2010 15:38:14
VBASE006.VDF : 7.11.0.5 2048 Bytes 12/14/2010 15:38:14
VBASE007.VDF : 7.11.0.6 2048 Bytes 12/14/2010 15:38:14
VBASE008.VDF : 7.11.0.7 2048 Bytes 12/14/2010 15:38:14
VBASE009.VDF : 7.11.0.8 2048 Bytes 12/14/2010 15:38:14
VBASE010.VDF : 7.11.0.9 2048 Bytes 12/14/2010 15:38:15
VBASE011.VDF : 7.11.0.10 2048 Bytes 12/14/2010 15:38:15
VBASE012.VDF : 7.11.0.11 2048 Bytes 12/14/2010 15:38:15
VBASE013.VDF : 7.11.0.52 128000 Bytes 12/16/2010 15:38:17
VBASE014.VDF : 7.11.0.91 226816 Bytes 12/20/2010 15:38:18
VBASE015.VDF : 7.11.0.122 136192 Bytes 12/21/2010 15:38:19
VBASE016.VDF : 7.11.0.156 122880 Bytes 12/24/2010 15:38:23
VBASE017.VDF : 7.11.0.185 146944 Bytes 12/27/2010 15:38:27
VBASE018.VDF : 7.11.0.228 132608 Bytes 12/30/2010 15:38:30
VBASE019.VDF : 7.11.1.5 148480 Bytes 1/3/2011 15:38:34
VBASE020.VDF : 7.11.1.37 156672 Bytes 1/7/2011 15:38:38
VBASE021.VDF : 7.11.1.65 140800 Bytes 1/10/2011 15:38:44
VBASE022.VDF : 7.11.1.87 225280 Bytes 1/11/2011 15:38:49
VBASE023.VDF : 7.11.1.124 125440 Bytes 1/14/2011 15:38:51
VBASE024.VDF : 7.11.1.125 2048 Bytes 1/14/2011 15:38:52
VBASE025.VDF : 7.11.1.126 2048 Bytes 1/14/2011 15:38:53
VBASE026.VDF : 7.11.1.127 2048 Bytes 1/14/2011 15:38:55
VBASE027.VDF : 7.11.1.128 2048 Bytes 1/14/2011 15:38:56
VBASE028.VDF : 7.11.1.129 2048 Bytes 1/14/2011 15:38:59
VBASE029.VDF : 7.11.1.130 2048 Bytes 1/14/2011 15:38:59
VBASE030.VDF : 7.11.1.131 2048 Bytes 1/14/2011 15:39:00
VBASE031.VDF : 7.11.1.144 41472 Bytes 1/14/2011 15:39:06
Engineversion : 8.2.4.140
AEVDF.DLL : 8.1.2.1 106868 Bytes 12/13/2010 13:39:51
AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 1/15/2011 15:39:52
AESCN.DLL : 8.1.7.2 127349 Bytes 12/13/2010 13:39:50
AESBX.DLL : 8.1.3.2 254324 Bytes 12/13/2010 13:39:50
AERDL.DLL : 8.1.9.2 635252 Bytes 12/13/2010 13:39:50
AEPACK.DLL : 8.2.4.7 512375 Bytes 1/15/2011 15:39:46
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 12/13/2010 13:39:49
AEHEUR.DLL : 8.1.2.64 3154294 Bytes 1/15/2011 15:39:40
AEHELP.DLL : 8.1.16.0 246136 Bytes 12/13/2010 13:39:42
AEGEN.DLL : 8.1.5.1 397683 Bytes 1/15/2011 15:39:13
AEEMU.DLL : 8.1.3.0 393589 Bytes 12/13/2010 13:39:42
AECORE.DLL : 8.1.19.0 196984 Bytes 12/13/2010 13:39:41
AEBB.DLL : 8.1.1.0 53618 Bytes 12/13/2010 13:39:41
AVWINLL.DLL : 10.0.0.0 19304 Bytes 12/13/2010 13:39:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 12/13/2010 13:39:54
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 19:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 12/13/2010 13:39:54
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 12/13/2010 13:39:56
AVARKT.DLL : 10.0.22.6 231784 Bytes 12/13/2010 13:39:52
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 12/13/2010 13:39:53
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 19:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 12/13/2010 13:39:56
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 19:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 12/13/2010 13:40:20

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\AVSCAN-20110115-104758-801E0C06.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Saturday, January 15, 2011 10:54

Starting search for hidden objects.
c:\program files\common files\apple\apple application support\distnoted.exe
c:\program files\common files\apple\apple application support\distnoted.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '32' Module(s) have been scanned
Scan process 'distnoted.exe' - '29' Module(s) have been scanned
Scan process 'AppleMobileDeviceHelper.exe' - '58' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '51' Module(s) have been scanned
Scan process 'taskeng.exe' - '24' Module(s) have been scanned
Scan process 'iTunes.exe' - '154' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '56' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'iPodService.exe' - '30' Module(s) have been scanned
Scan process 'avscan.exe' - '81' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '48' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '95' Module(s) have been scanned
Scan process 'dpupdchk.exe' - '30' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'iTouch-Server-Win.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '64' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '35' Module(s) have been scanned
Scan process 'DLG.exe' - '22' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '29' Module(s) have been scanned
Scan process 'DSAgnt.exe' - '84' Module(s) have been scanned
Scan process 'avgnt.exe' - '49' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '78' Module(s) have been scanned
Scan process 'jusched.exe' - '22' Module(s) have been scanned
Scan process 'wmdSync.exe' - '33' Module(s) have been scanned
Scan process 'wpcumi.exe' - '42' Module(s) have been scanned
Scan process 'DivXUpdate.exe' - '64' Module(s) have been scanned
Scan process 'PDVDDXSrv.exe' - '41' Module(s) have been scanned
Scan process 'ipoint.exe' - '54' Module(s) have been scanned
Scan process 'igfxpers.exe' - '20' Module(s) have been scanned
Scan process 'hkcmd.exe' - '23' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '25' Module(s) have been scanned
Scan process 'RoxMediaDB9.exe' - '39' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '86' Module(s) have been scanned
Scan process 'issch.exe' - '12' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '50' Module(s) have been scanned
Scan process 'MSASCui.exe' - '39' Module(s) have been scanned
Scan process 'taskeng.exe' - '62' Module(s) have been scanned
Scan process 'Explorer.EXE' - '135' Module(s) have been scanned
Scan process 'Dwm.exe' - '31' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '16' Module(s) have been scanned
Scan process 'xaudio.exe' - '14' Module(s) have been scanned
Scan process 'WifiSvc.exe' - '61' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'ViewpointService.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'SeaPort.exe' - '57' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'RoxWatch9.exe' - '58' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'NIHardwareService.exe' - '26' Module(s) have been scanned
Scan process 'dlbccoms.exe' - '42' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '34' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '49' Module(s) have been scanned
Scan process 'avguard.exe' - '77' Module(s) have been scanned
Scan process 'AERTSrv.exe' - '5' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'WLANExt.exe' - '44' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '27' Module(s) have been scanned
Scan process 'spoolsv.exe' - '95' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '88' Module(s) have been scanned
Scan process 'svchost.exe' - '83' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '151' Module(s) have been scanned
Scan process 'svchost.exe' - '115' Module(s) have been scanned
Scan process 'svchost.exe' - '87' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsm.exe' - '32' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '37' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1788' files ).


Starting the file scan:

Begin scan in 'C:\' <OS>
C:\qoobox\Quarantine\C\Windows\kthemup.exe.vir
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen2 adware or spyware
C:\Users\Eric\AppData\Local\Temp\5.040976253333058E8.exe
[DETECTION] Is the TR/FakeAV.29081 Trojan
C:\Users\Eric\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\37fde905-3d10c7f2
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/AdgredY.class
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/DyesyasZ.class
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.BA Java virus
--> dev/s/LoaderX.class
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.AB Java virus
C:\Users\Eric\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\5a4f6089-3da006b3
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.D Java virus
--> Inicio.class
[DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.D Java virus
C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\39b14411-68ae29df
[DETECTION] Contains recognition pattern of the JAVA/Applet.D Java virus
C:\Users\Kyle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FVBIF7WN\defender_2042-6_gnu8[1].exe
[DETECTION] Is the TR/Fake.xpa.277 Trojan
C:\Users\Kyle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FVBIF7WN\f_7[1].js
[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
C:\Users\Kyle\AppData\Local\Temp\Llj.exe
[DETECTION] Is the TR/FraudPack.cmum Trojan
C:\Users\Kyle\AppData\Local\Temp\Llk.exe
[DETECTION] Is the TR/Kazy.80393.2 Trojan
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\50c2ce60-47f0d36f
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/Exploit.Bytverify.5 Java virus
--> Dnnny.class
[DETECTION] Contains recognition pattern of the JAVA/Exploit.Bytverify.5 Java virus
--> Den.class
[DETECTION] Is the TR/Exploit.Bytverify Trojan
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\e6be6f2-610b5aba
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/Rowindal.A Java virus
--> C_L3SqduSm_.class
[DETECTION] Contains recognition pattern of the JAVA/Rowindal.A Java virus
--> f_G_ZE.class
[DETECTION] Contains recognition pattern of the JAVA/Remote.B Java virus
--> vJ_bnF.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.abj Java virus
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2f1849c6-467df7c9
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/AdgredY.class
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/DyesyasZ.class
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.BA Java virus
--> dev/s/LoaderX.class
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.AB Java virus
Begin scan in 'D:\' <RECOVERY>

Beginning disinfection:
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2f1849c6-467df7c9
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.AB Java virus
[NOTE] The file was moved to the quarantine directory under the name '48277a6d.qua'.
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\e6be6f2-610b5aba
[DETECTION] Contains recognition pattern of the JAVA/Agent.abj Java virus
[NOTE] The file was moved to the quarantine directory under the name '5041559a.qua'.
C:\Users\Kyle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\50c2ce60-47f0d36f
[DETECTION] Is the TR/Exploit.Bytverify Trojan
[NOTE] The file was moved to the quarantine directory under the name '02190f74.qua'.
C:\Users\Kyle\AppData\Local\Temp\Llk.exe
[DETECTION] Is the TR/Kazy.80393.2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '642640ea.qua'.
C:\Users\Kyle\AppData\Local\Temp\Llj.exe
[DETECTION] Is the TR/FraudPack.cmum Trojan
[NOTE] The file was moved to the quarantine directory under the name '21a56dd4.qua'.
C:\Users\Kyle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FVBIF7WN\f_7[1].js
[DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
[NOTE] The file was moved to the quarantine directory under the name '5e4d5fc6.qua'.
C:\Users\Kyle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FVBIF7WN\defender_2042-6_gnu8[1].exe
[DETECTION] Is the TR/Fake.xpa.277 Trojan
[NOTE] The file was moved to the quarantine directory under the name '120a73f6.qua'.
C:\Users\Jason\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\39b14411-68ae29df
[DETECTION] Contains recognition pattern of the JAVA/Applet.D Java virus
[NOTE] The file was moved to the quarantine directory under the name '6e1633f9.qua'.
C:\Users\Eric\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\5a4f6089-3da006b3
[DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.D Java virus
[NOTE] The file was moved to the quarantine directory under the name '43ba1cec.qua'.
C:\Users\Eric\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\37fde905-3d10c7f2
[DETECTION] Contains recognition pattern of the JAVA/ClassLoader.AB Java virus
[NOTE] The file was moved to the quarantine directory under the name '5a20272c.qua'.
C:\Users\Eric\AppData\Local\Temp\5.040976253333058E8.exe
[DETECTION] Is the TR/FakeAV.29081 Trojan
[NOTE] The file was moved to the quarantine directory under the name '368a0b0b.qua'.
C:\qoobox\Quarantine\C\Windows\kthemup.exe.vir
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen2 adware or spyware
[NOTE] The file was moved to the quarantine directory under the name '47cb32c4.qua'.


End of the scan: Saturday, January 15, 2011 12:50
Used time: 1:53:31 Hour(s)

The scan has been done completely.

37791 Scanned directories
596420 Files were scanned
19 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
12 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
596401 Files not concerned
2441 Archives were scanned
0 Warnings
12 Notes
619926 Objects were scanned with rootkit scan
1 Hidden objects were found
Imaboss12
Active Member
 
Posts: 7
Joined: January 13th, 2011, 4:16 pm

Re: Help Please

by Imaboss12 » January 15th, 2011, 2:00 pm

Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.8
Adobe Shockwave Player
AIM Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AudibleManager
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Bonjour
Canon MX860 series MP Drivers
Carbonite Online Backup Setup
CCleaner (remove only)
Conexant D850 PCI V.92 Modem
Dell DataSafe Online
Dell Support Center
Dell System Customization Wizard
DellSupport
Digital Line Detect
DivX Setup
Download Updater (AOL LLC)
Games, Music, & Photos Launcher
Google Chrome
Google Desktop
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
Intel(R) PRO Network Connections 12.1.11.0
Internet Service Offers Launcher
iPhone Configuration Utility
iTunes
Java(TM) 6 Update 23
Junk Mail filter update
LiveUpdate Notice (Symantec Corporation)
Logitech Touch Mouse Server 1.0
McAfee Security Scan Plus
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Choice Guard
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Modem Diagnostic Tool
Mozilla Firefox (3.6.13)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Controller Editor
Native Instruments Controller Editor
Native Instruments Service Center
Native Instruments Service Center
Native Instruments Traktor
Native Instruments Traktor
NETGEAR WNA3100 wireless USB 2.0 adapter
OGA Notifier 2.0.0048.0
PoiZone
PowerDVD
Product Documentation Launcher
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Sonic Activation Module
Toxic Biohazard
UltraMixer 2.4.3
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
URL Assistant
User's Guides
VC80CRTRedist - 8.0.50727.4053
Viewpoint Media Player
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR archiver
Imaboss12
Active Member
 
Posts: 7
Joined: January 13th, 2011, 4:16 pm

Re: Help Please

by askey127 » January 15th, 2011, 3:06 pm

Imaboss12,
------------------------------------------------
Issues with Older Adobe Acrobat Programs
It's possible that PC slowdowns can be caused by one of your older Adobe Acrobat versions trying to update itself.
That program (esp Acrobat 4/5/6) has a buggy updater which can hang at bootup. It can phone home interminably and slow your PC to a crawl.
Anytime after your machine boots and you notice a slowdown, use Ctrl-Alt-Del to bring up task manager.
Click on the Processes tab, and note the names of the process files which are using most of the CPU resources. May be something like Adobeupd.exe
In any case, you should install and use the latest version of the free Acrobat reader to look at web-based PDF files, even if you keep an older Acrobat version for editing.
This will prevent PC infection due to opening a malicious web-based PDF with one of the older, vulnerable, applications.

If you don't use Acrobat 5 for editing or creating pdf files, I would suggest you Uninstall it.

------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:
Adobe Reader 7.0.8
Take extra care in answering questions posed by any Uninstaller.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 10.0 are vulnerable.
Go HERE and click on AdbeRdr1000_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.

After the new Reader is installed, Open Adobe Reader X. (Right click and Run as administrator in Vista/Win7)
OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button
---------------------------------------------
Run a Scan with OTL
  1. Please download OTL.exe by OldTimer and save it to your desktop.
  2. Right click on OTL.exe and select Run As Administrator to run it. If Windows UAC prompts you, please allow it.
  3. Click on the Run Scan button at the top left hand corner.
  4. OTL will start running. When done, 2 Notepad files will open; OTL.txt and Extras.txt.
    They will be saved on your desktop.
    Please post the contents of these files.
    You may use separate replies if you wish.

askey127
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
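
The version rule in the post above ("All versions numbered lower than 10.0 are vulnerable") can be checked mechanically against an installed-programs listing like the one posted earlier in the thread. This is an added example, not part of the original post or of any tool used in the thread; the function names, the name-matching heuristic and the extra sample entries marked as constructed are assumptions.

```python
import re

# Threshold taken from the post: Reader/Acrobat versions numbered below 10.0
# are treated as vulnerable.
MIN_VERSION = (10, 0)

# Heuristic match on display names such as "Adobe Reader 7.0.8",
# "Adobe Acrobat 5.0" or "Adobe Reader X (10.0.0)". Other Adobe products
# (Flash Player, Shockwave) are deliberately not matched.
PRODUCT_RE = re.compile(
    r"^Adobe\s+(Acrobat Reader|Reader|Acrobat)\b\D*(\d+(?:\.\d+)*)?",
    re.IGNORECASE,
)


def parse_version(text, width=4):
    """Turn '7.0.8' into (7, 0, 8, 0).

    Versions are compared as zero-padded integer tuples: comparing strings
    would rank '9.4.1' above '10.0', and unpadded tuples would rank (10,)
    below (10, 0).
    """
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))[:width]


def audit_installed(lines, minimum=MIN_VERSION):
    """Return (display_name, version, status) for each Reader/Acrobat entry.

    status is 'outdated' (below the minimum), 'ok', or 'unknown' when the
    display name carries no version number and needs a manual look.
    """
    floor = parse_version(".".join(str(n) for n in minimum))
    findings = []
    for raw in lines:
        name = raw.strip()
        match = PRODUCT_RE.match(name)
        if not match:
            continue
        version = match.group(2)
        if version is None:
            status = "unknown"
        elif parse_version(version) < floor:
            status = "outdated"
        else:
            status = "ok"
        findings.append((name, version, status))
    return findings


# Sample input: the first four entries appear in the listing posted in the
# thread; the last four are constructed to exercise the edge cases.
SAMPLE_LISTING = """\
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe Reader 9.4.1
Adobe Reader 10
Adobe Reader X (10.0.0)
Adobe Reader X
""".splitlines()


if __name__ == "__main__":
    for name, version, status in audit_installed(SAMPLE_LISTING):
        print(f"{status:9} {name}")
```
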

Re: Help Please

by Imaboss12 » January 15th, 2011, 3:57 pm

OTL logfile created on: 1/15/2011 2:43:24 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Kyle\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,012.00 Mb Total Physical Memory | 186.00 Mb Available Physical Memory | 18.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 37.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 45.50 Gb Free Space | 32.75% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.76 Gb Free Space | 67.60% Space Free | Partition Type: NTFS

Computer Name: KYLES-PC | User Name: Kyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/15 14:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kyle\Downloads\OTL.exe
PRC - [2010/12/13 17:16:14 | 009,777,448 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2010/12/13 08:40:07 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/13 08:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/12/13 08:39:54 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/12/12 14:30:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:57:30 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/08/09 23:00:42 | 000,013,088 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/07/19 13:56:35 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/03/25 12:22:06 | 003,622,912 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2010/03/05 10:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/01/12 11:11:24 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
PRC - [2009/10/23 16:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/17 06:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 05:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/06/08 18:40:58 | 000,128,560 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/03/15 12:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/02/07 16:26:52 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/03 18:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/11/02 07:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/11/02 04:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2006/10/03 11:37:04 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2011/01/15 14:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kyle\Downloads\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/12/13 08:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/13 08:39:54 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/19 13:56:35 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/03/25 12:22:06 | 003,622,912 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/12 11:11:24 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/01/19 14:25:53 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 02:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 02:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/12/05 05:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/02/07 16:26:52 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/11/06 08:37:20 | 000,699,896 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2009/10/20 10:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/04/10 23:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2009/01/15 09:15:26 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) USBCCGP filter driver (dc3d)
DRV - [2008/02/11 18:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/24 10:06:40 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/21 03:13:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2007/08/16 18:32:35 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/08/16 18:32:35 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/08/16 18:32:35 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/04/29 03:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/04/26 05:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 13:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 13:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/07 15:41:44 | 000,013,824 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\Drivers\SSFS041A.SYS -- (SSFS041A)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 0A D1 07 9F 86 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Qbyrd"
FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100816185430894&tb_oid=12-07-2009&tb_mrud=16-08-2010"
FF - prefs.js..browser.search.order.1: "Qbyrd"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/?ref=hp"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=20100816185430894&tb_oid=12-07-2009&tb_mrud=16-08-2010&query="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/10 18:10:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/15 14:39:10 | 000,000,000 | ---D | M]

[2009/02/06 10:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Extensions
[2011/01/15 11:11:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions
[2010/07/06 13:53:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/14 10:07:36 | 000,000,000 | ---D | M] ("Split Browser") -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
[2011/01/03 13:32:25 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/06 13:53:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/14 07:23:50 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2011/01/03 13:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/08 17:14:56 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\moveplayer@movenetworks.com
[2010/03/14 07:24:34 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\extensions\noia2_option@kk.noia
[2009/07/12 10:18:59 | 000,004,212 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\searchplugins\aim-search.xml
[2010/08/16 13:54:34 | 000,002,342 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\searchplugins\aol-search.xml
[2008/11/15 00:33:05 | 000,000,682 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\searchplugins\ask.xml
[2009/11/27 05:59:47 | 000,002,171 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\searchplugins\bing.xml
[2010/05/03 15:49:41 | 000,008,818 | ---- | M] () -- C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\ugzkfgjg.default\searchplugins\qbyrd.xml
[2011/01/12 13:59:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/09/26 20:29:38 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/28 16:08:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/05 15:34:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 16:11:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/12 13:59:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2007/09/26 20:29:00 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2007/07/18 12:19:40 | 002,998,784 | ---- | M] (Tamarack Software, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nptgeqplugin.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2007/12/01 17:28:33 | 000,000,002 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Local intranet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Computer)
O15 - HKCU\..Trusted Ranges: GD ([http] in Computer)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{11249955-dba6-11dd-89fe-001c106e4376}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{3b9cd93e-4442-11dd-8ec6-001c106e4376}\Shell - "" = AutoRun
O33 - MountPoints2\{3b9cd93e-4442-11dd-8ec6-001c106e4376}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{45b7dcb3-40d3-11de-a7aa-001c106e4376}\Shell - "" = AutoRun
O33 - MountPoints2\{45b7dcb3-40d3-11de-a7aa-001c106e4376}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{a56cee3b-4c0e-11dc-982b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a56cee3b-4c0e-11dc-982b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{b4827945-d5c2-11dd-a199-001c106e4376}\Shell - "" = AutoRun
O33 - MountPoints2\{b4827945-d5c2-11dd-a199-001c106e4376}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{fdb425d6-fc5b-11dd-a7ff-001c106e4376}\Shell - "" = AutoRun
O33 - MountPoints2\{fdb425d6-fc5b-11dd-a7ff-001c106e4376}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/15 14:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/01/15 12:54:13 | 000,000,000 | ---D | C] -- C:\Users\Kyle\AppData\Roaming\Avira
[2011/01/15 10:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/01/15 10:31:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/01/15 10:30:59 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/01/15 10:30:59 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/01/15 10:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/01/15 10:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/01/13 15:11:38 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/01/12 13:59:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/01/12 13:59:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/01/12 13:59:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/01/11 15:52:03 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/01/11 15:51:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/01/10 18:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/10 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/01/10 18:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/10 18:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/01/10 18:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2007/11/06 13:41:19 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbcinpa.dll
[2007/11/06 13:41:19 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbciesc.dll
[2007/11/06 13:41:19 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBChcp.dll
[2007/11/06 13:41:18 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbcserv.dll
[2007/11/06 13:41:18 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlbcusb1.dll
[2007/11/06 13:41:18 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbcpmui.dll
[2007/11/06 13:41:18 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbcprox.dll
[2007/11/06 13:41:18 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbcpplc.dll
[2007/11/06 13:41:17 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbchbn3.dll
[2007/11/06 13:41:17 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbclmpm.dll
[2007/11/06 13:41:17 | 000,483,328 | ---- | C] ( ) -- C:\Windows\System32\dlbcjswr.dll
[2007/11/06 13:41:16 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbccomc.dll
[2007/11/06 13:41:16 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbccomm.dll
[2007/11/06 13:41:16 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbccu.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/15 14:39:11 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/15 14:15:02 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011/01/15 13:53:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/15 13:51:02 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/01/15 12:51:29 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/15 12:51:29 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/15 10:51:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/15 10:50:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/15 10:31:48 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/01/15 10:11:09 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/01/13 13:55:44 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/01/10 18:14:39 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/10 17:46:05 | 000,000,629 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/01/03 15:45:04 | 000,110,592 | ---- | M] () -- C:\Users\Kyle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/28 10:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/15 14:39:11 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/15 10:31:48 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/01/13 13:32:55 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/01/13 13:32:51 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/01/13 13:32:48 | 000,000,244 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011/01/10 18:14:39 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/01/10 17:46:05 | 000,000,629 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2010/12/06 21:47:41 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009/08/07 16:49:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/23 15:46:28 | 000,000,008 | -H-- | C] () -- C:\Users\Kyle\AppData\Local\L8457789100
[2008/12/18 15:29:46 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/05/30 08:02:29 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/05/30 08:02:29 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008/02/11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/01/02 16:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 16:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 16:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 10:23:56 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2007/11/14 18:59:33 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007/11/06 13:41:20 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBCinst.dll
[2007/11/06 13:41:19 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbcutil.dll
[2007/11/06 13:41:17 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbcinsb.dll
[2007/11/06 13:41:16 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbccur.dll
[2007/11/01 14:13:25 | 000,684,032 | ---- | C] () -- C:\Windows\libeay32.dll
[2007/11/01 14:13:25 | 000,155,648 | ---- | C] () -- C:\Windows\ssleay32.dll
[2007/10/18 09:12:20 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1350.dll
[2007/10/17 10:56:15 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbcvs.dll
[2007/10/17 10:56:15 | 000,000,373 | ---- | C] () -- C:\Windows\System32\dlbccoin.ini
[2007/10/08 15:04:24 | 000,000,278 | ---- | C] () -- C:\Windows\dellstat.ini
[2007/09/05 19:17:59 | 000,005,216 | ---- | C] () -- C:\Users\Kyle\AppData\Local\d3d9caps.dat
[2007/08/24 19:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/08/24 19:38:54 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/24 19:38:54 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/08/21 15:26:16 | 000,007,950 | ---- | C] () -- C:\Users\Kyle\AppData\Roaming\wklnhst.dat
[2007/08/21 11:43:11 | 000,110,592 | ---- | C] () -- C:\Users\Kyle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/16 18:35:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1255.dll
[2007/01/22 08:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbccoin.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2004/01/30 09:37:50 | 000,000,092 | R--- | C] () -- C:\Windows\System32\FTDIUN2K.INI
[2004/01/30 09:37:50 | 000,000,091 | R--- | C] () -- C:\Windows\System32\FTDIUNIN.INI
[2002/03/01 14:43:34 | 000,028,008 | ---- | C] () -- C:\Windows\System32\SUSUSB.SYS

< End of report >

OTL Extras logfile created on: 1/15/2011 2:43:24 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Kyle\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,012.00 Mb Total Physical Memory | 186.00 Mb Available Physical Memory | 18.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 37.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 45.50 Gb Free Space | 32.75% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.76 Gb Free Space | 67.60% Space Free | Partition Type: NTFS

Computer Name: KYLES-PC | User Name: Kyle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A61EE19-E560-4BE6-9A25-54A40C5C4799}" = rport=137 | protocol=17 | dir=out | app=system |
"{13D92D8E-CD32-45C3-8EBA-923BE9DAC4F5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15191DFC-925F-4C3F-AF77-08A585DBDE25}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{168E5BDE-690F-4534-861B-0B68A5A102F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1B31BE8B-EDCE-4E9B-9DC7-C533236165D6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1B337EA4-07DF-407A-9123-ED4490A7E709}" = lport=445 | protocol=6 | dir=in | app=system |
"{1BDD6388-BEAD-4D8C-90E6-60F372F08E50}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F0F11AD-12E5-417D-9B6B-84861CE4F7CD}" = lport=138 | protocol=17 | dir=in | app=system |
"{2AA8F6D7-2155-41EB-99C7-DE8DD4FEB116}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{32372892-E60F-4E88-9739-7FFCEE8F708B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3D987CA9-2B80-4F95-ADB7-37DD6A0A78CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4310988A-7854-4285-B987-92794F49EF9A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45BDA922-874A-426E-A85D-E20578F480E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46F1D765-1024-43B1-BCCD-2AD4ED0811CC}" = rport=139 | protocol=6 | dir=out | app=system |
"{5574E134-84FE-4D4A-8CAB-1312C8C58A5F}" = lport=445 | protocol=6 | dir=in | app=system |
"{6286A622-1000-4260-B626-4962C716A444}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69E7EEB5-12C1-4C29-A2E0-8022EF5B17DA}" = lport=139 | protocol=6 | dir=in | app=system |
"{6BF4819E-7FD9-4D82-B11F-114EB0A6842C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{751F6960-E3EE-474D-AA96-746F42075040}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7922F35C-6F19-43FC-BBC9-1E356F60861D}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{8130EF5D-BEAA-4FC5-A40F-07BC8C91ACDB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{81B16F8A-1205-4BA6-938A-3D36CF0FB358}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8370842B-E8A5-4A6C-B8FB-7E0A2A9918AA}" = rport=1701 | protocol=17 | dir=out | app=system |
"{8C5198BF-2724-462F-8F75-0B9F977935D5}" = lport=1723 | protocol=6 | dir=in | app=system |
"{90A90852-911E-489D-9F7F-6E326843A924}" = lport=445 | protocol=6 | dir=in | app=system |
"{917027AC-D052-4A46-B570-BDAFDC7CA7D0}" = lport=137 | protocol=17 | dir=in | app=system |
"{9B36F843-D8AF-4ED3-985E-28A7305E6E71}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{A1392373-A505-4F69-871B-42C66071F2A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{A4DA7C01-E871-4BF7-9643-78899A2B1331}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A7EB7440-BFAA-4BFC-A88D-BD5FC8327C5F}" = lport=1701 | protocol=17 | dir=in | app=system |
"{AD22A691-2764-41CF-95FE-FB2D559282C1}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{AD57832E-CF01-4578-9B18-E2919184ED8D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B3F1083E-ACB8-46C2-9BD9-BEC718048830}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{BB860B51-07DC-4E21-B388-75A7ECBA0CA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{C0F231B3-3B98-43D4-9A55-929450985803}" = rport=138 | protocol=17 | dir=out | app=system |
"{C1831FB0-56EF-4722-9D07-C4FC94A9638B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C629AC6B-FB67-4568-AABD-3580BE210525}" = rport=1723 | protocol=6 | dir=out | app=system |
"{CF045311-7157-445A-B3FC-41CE483A4218}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D1A387FA-09CB-4F3B-AEC3-0280FE391FEA}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{DB8CE048-68C8-4DFD-8837-F5D7937780BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{E0F1EA59-AA4A-44E6-BBD8-EF61EA13151D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{E44D2666-6EA9-4948-9A6F-B2C5984DA942}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{E83A102E-355D-4299-99F2-F9BE63993DB2}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{E84395ED-7427-4FF1-BAF4-ECAC65B833E9}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D61C40-06A3-4AA5-A500-98D41F49424A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0A2C62D0-A225-45E1-9E22-DB3B51599A89}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1123C871-144E-4472-8D50-E9754315EC81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A83A577-D080-4701-B165-9BAA0DCB1545}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EC07E48-BF57-4F91-9525-C5203B31C4A1}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{20A7C4A6-8343-4152-BF6A-E559EE31EB36}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22CF53F4-913A-41AD-8B3D-46D29E212CFA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{285EF236-F3DF-4113-A9ED-973C6D650652}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2873D74B-349A-4AC4-9C9C-9D2D6948F4F1}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{292EA6C0-1C50-45D6-A9E5-5A619430F340}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{29FCD6EC-BE41-47BB-95C2-60FCAA4CD0F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C1E6DCF-959D-4EE7-ABBD-451987E010A6}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{2F56C2A3-25BB-47E4-A431-2C9C0A08C022}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{30CB0297-901C-46DF-8FBF-9856F2B15843}" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"{342EC33C-1962-49E4-9EE7-0F4806F05719}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{35ADF5DC-6826-4FD7-B256-A19EB006047D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39136027-8BBB-461D-99DE-BF3EE72E1B3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D2EEE40-3526-4574-8061-A2B85056C894}" = protocol=6 | dir=out | app=system |
"{4DA15D53-232D-4A37-9FCA-9F896BABFA86}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{4F7B3E78-F6BD-47FC-A7C0-0E2C1F06C342}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5522F249-F923-4221-9083-B9D4FB8D90F6}" = protocol=6 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{59C5CA13-2DC5-4764-95E5-15AAB9C8172B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5B84A1E9-050D-4397-92EC-30E723D810B9}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5B9BAC65-43BF-41EC-8967-4748ED231511}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6655B4E2-EBA4-40AF-BE08-41AC18EDB1E8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6A8750B5-B76A-41D0-95F1-BE7CE212AEEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B672930-CD4C-4810-8500-BEC12C85866B}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{805C5833-A7F3-4BB1-86B9-D830E124C5E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85CD4261-4B9A-4A8B-96DF-1EF29D085C7D}" = protocol=17 | dir=in | app=d:\tubehunter\tubehunter.exe |
"{908FEF41-D8F0-4901-A67F-AA8E42E84442}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{91D60BD9-B79F-48F4-BD38-21D9BF48DB4C}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{9B91A313-89D5-4EA1-A6A8-EB51E52FA4EA}" = protocol=6 | dir=out | app=system |
"{9CDA3D05-6CF8-4E11-9F2D-D650E5E1A122}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{9FB4B95C-C5E0-4790-92B9-697319AE4AAF}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{A16157B3-AB02-426B-9AE6-B497993945A3}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{A99CB4A4-A0E5-4F3E-ACF1-9C1AA3904F1F}" = protocol=6 | dir=in | app=d:\tubehunter\tubehunter.exe |
"{B126F5CF-E6AA-40E4-A407-96E5327E459B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9F58095-5B71-4D0C-AB10-46567863E26E}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{BC58FE35-A163-4242-85DF-8B11AA099BC1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C7FCA2D0-213C-4171-8D52-71464B0EC6B6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C85E8D6E-E8BF-4F9D-B87E-83E6BA2A9B48}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbcpswx.exe |
"{CE63B306-A9B1-4EBD-BFD7-806935FF1D3B}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{DA9AAF0F-CEB4-4572-8B42-1EEE3D5BEC93}" = protocol=17 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{DAE9BC13-4EE5-4650-B703-819F1819DC3F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC317C2C-4619-49C6-AC7D-5BB9AA07BCDB}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{ECF71834-9754-462D-927E-48CCE8FDC307}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbcpswx.exe |
"{EF31C9B6-9E89-4A19-9D45-CF0736F46A8B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{F768E273-C6F3-456D-911D-87F338F90EC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F84338E2-7AD0-43EE-8130-7CD258459B03}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FA0F986C-6BE8-4021-97F4-D4DFEF0AF8D3}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{FB638C4B-4CC6-4FCD-8E11-365A194D9B24}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{FC40CD6D-9E30-4CF6-BB85-E39DF9645FDB}" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"TCP Query User{12CF4A93-A53D-42E9-B297-318758C75EF6}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{1BA26B4D-A7D9-404A-A2A2-EBC8DBE4BF43}C:\programdata\406c0af\wp406c.exe" = protocol=6 | dir=in | app=c:\programdata\406c0af\wp406c.exe |
"TCP Query User{55BADE38-31FD-4CDB-A46D-2BB93A756B40}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"TCP Query User{6B8934F7-B848-4ACE-8EFA-EF75952BB1FE}C:\program files\ultramixer\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ultramixer\jre\bin\javaw.exe |
"TCP Query User{FCF79B6F-3AA6-49BA-9E53-4B9B29349BB9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{21181BC8-F37E-493D-A565-69626286389D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2755F4A1-1861-4500-A2CC-B9FB4007F648}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"UDP Query User{3BB308EC-A17D-4E50-BD86-9472CAD043E9}C:\programdata\406c0af\wp406c.exe" = protocol=17 | dir=in | app=c:\programdata\406c0af\wp406c.exe |
"UDP Query User{E45C1605-0ADF-4D7C-B2A8-175D7A956F0A}C:\program files\ultramixer\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ultramixer\jre\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{32E2F180-247C-4077-B06A-20F9868568E0}_is1" = UltraMixer 2.4.3
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96F5D143-C950-465D-A8BE-C3D4D9CB3C1F}" = FileMaker Pro 10
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM Toolbar" = AIM Toolbar
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"DivX Setup.divx.com" = DivX Setup
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"PoiZone" = PoiZone
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"RealPlayer 6.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Toxic Biohazard" = Toxic Biohazard
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/11/2011 5:26:04 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/12/2011 3:54:30 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/13/2011 4:26:50 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/13/2011 4:27:08 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 384: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/15/2011 10:59:05 AM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/15/2011 11:23:29 AM | Computer Name = Kyles-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Kyle\AppData\Local\Temp\RarSFX0\redist.dll".
Dependent
Assembly Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/15/2011 11:48:27 AM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/15/2011 12:57:08 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/15/2011 12:57:09 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 1/15/2011 12:57:09 PM | Computer Name = Kyles-PC | Source = Bonjour Service | ID = 100
Description = 420: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 1/15/2011 11:49:10 AM | Computer Name = Kyles-PC | Source = DCOM | ID = 10010
Description =

Error - 1/15/2011 11:51:32 AM | Computer Name = Kyles-PC | Source = LSM | ID = 1048
Description =

Error - 1/15/2011 11:54:03 AM | Computer Name = Kyles-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/15/2011 11:59:12 AM | Computer Name = Kyles-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/15/2011 3:38:42 PM | Computer Name = Kyles-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/15/2011 3:38:42 PM | Computer Name = Kyles-PC | Source = DCOM | ID = 10005
Description =

Error - 1/15/2011 3:38:44 PM | Computer Name = Kyles-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/15/2011 3:39:30 PM | Computer Name = Kyles-PC | Source = LSM | ID = 1048
Description =

Error - 1/15/2011 3:39:35 PM | Computer Name = Kyles-PC | Source = LSM | ID = 1048
Description =

Error - 1/15/2011 3:39:41 PM | Computer Name = Kyles-PC | Source = LSM | ID = 1048
Description =


< End of report >
Imaboss12
Active Member
 
Posts: 7
Joined: January 13th, 2011, 4:16 pm

Re: Help Please

Post by askey127 » January 16th, 2011, 8:29 am

Imaboss12,
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

McAfee Security Scan Plus
LiveUpdate Notice (Symantec Corporation)

Take extra care in answering questions posed by any Uninstaller.
----------------------------------------------------------------------------------
Download and Run MalwareBytes' Anti-Malware
It is free for non-business use.
Please go here to the Download Location, click on Download.
  • After clicking on the download and choosing Save, the "Save to location" dialog will come up.
  • Click the browse folders button, then click on Desktop on the left as the location for the installer and click Save again. Close the dialog when the download is complete.
  • You should now have a desktop icon named mbam-setup.exe.
  • Right click it, choose Run as administrator and Continue.
  • Let it install where it wants to, with the default settings, and click Finish.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Once the program has started up, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.

askey127
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Help Please

Post by Imaboss12 » January 18th, 2011, 5:34 pm

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5549

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/18/2011 4:32:00 PM
mbam-log-2011-01-18 (16-31-59).txt

Scan type: Quick scan
Objects scanned: 197090
Time elapsed: 15 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64DE95E5-0A25-4DD9-A472-97BC1D419101} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\nssfrch.StockBar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\nssfrch.ToolBar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MFJJEC0A1L (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
c:\Users\Jason\AppData\Roaming\windows pc defender (Rogue.WindowsPCDefender) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\Jason\AppData\Local\Temp\xrbf.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\Jason\local settings\temporary internet files\Content.IE5\CI5ZFMJJ\n008106201304r0409j12000601rc05819bcw7dd68fffx9a0ac795yd1fcb752z0100f0800[1] (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Jason\AppData\Roaming\windows pc defender\cookies.sqlite (Rogue.WindowsPCDefender) -> Quarantined and deleted successfully.
c:\Users\Jason\AppData\Roaming\windows pc defender\instructions.ini (Rogue.WindowsPCDefender) -> Quarantined and deleted successfully.

Re: Help Please

Post by askey127 » January 18th, 2011, 6:05 pm

Imaboss12,
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  6. Copy and paste the contents of that file in your next reply.
If, for some reason, you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.
askey127

Re: Help Please

Post by Imaboss12 » January 18th, 2011, 7:00 pm

Okay I ran TDSSKiller and it said that nothing was found.

Re: Help Please

Post by askey127 » January 18th, 2011, 8:16 pm

Would you mind posting the log?
I find it helpful, if you were able to follow the directions.
Thanks.
If it made a file, it's in the main folder of the C: drive, like ===> C:\TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt

Re: Help Please

Post by Imaboss12 » January 19th, 2011, 4:57 pm

2011/01/18 17:55:39.0101 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51
2011/01/18 17:55:39.0101 ================================================================================
2011/01/18 17:55:39.0101 SystemInfo:
2011/01/18 17:55:39.0101
2011/01/18 17:55:39.0101 OS Version: 6.0.6002 ServicePack: 2.0
2011/01/18 17:55:39.0101 Product type: Workstation
2011/01/18 17:55:39.0101 ComputerName: KYLES-PC
2011/01/18 17:55:39.0102 UserName: Kyle
2011/01/18 17:55:39.0102 Windows directory: C:\Windows
2011/01/18 17:55:39.0102 System windows directory: C:\Windows
2011/01/18 17:55:39.0102 Processor architecture: Intel x86
2011/01/18 17:55:39.0102 Number of processors: 2
2011/01/18 17:55:39.0102 Page size: 0x1000
2011/01/18 17:55:39.0102 Boot type: Normal boot
2011/01/18 17:55:39.0102 ================================================================================
2011/01/18 17:55:41.0213 Initialize success
2011/01/18 17:56:53.0565 ================================================================================
2011/01/18 17:56:53.0565 Scan started
2011/01/18 17:56:53.0565 Mode: Manual;
2011/01/18 17:56:53.0565 ================================================================================
2011/01/18 17:57:03.0542 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/18 17:57:03.0626 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/01/18 17:57:03.0686 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/01/18 17:57:03.0790 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/18 17:57:03.0870 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/01/18 17:57:03.0940 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/01/18 17:57:04.0001 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/18 17:57:04.0075 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/18 17:57:04.0158 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/18 17:57:04.0220 msahci (0d1c042188ffe61a702a9df5944de5ba) C:\Windows\system32\drivers\msahci.sys
2011/01/18 17:57:04.0296 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/01/18 17:57:04.0401 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/01/18 17:57:04.0458 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/01/18 17:57:04.0559 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/18 17:57:04.0610 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/18 17:57:04.0650 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/01/18 17:57:04.0711 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/01/18 17:57:04.0796 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/18 17:57:04.0845 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/01/18 17:57:04.0928 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/01/18 17:57:05.0039 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/18 17:57:05.0178 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/01/18 17:57:05.0243 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/18 17:57:05.0336 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/18 17:57:05.0421 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/18 17:57:05.0500 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/01/18 17:57:05.0580 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/18 17:57:05.0639 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/18 17:57:05.0730 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/01/18 17:57:05.0845 NPF (b9730495e0cf674680121e34bd95a73b) C:\Windows\system32\DRIVERS\npf.sys
2011/01/18 17:57:05.0929 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/01/18 17:57:06.0047 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/18 17:57:06.0127 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/01/18 17:57:06.0252 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/01/18 17:57:06.0332 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
2011/01/18 17:57:06.0411 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/01/18 17:57:06.0478 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/01/18 17:57:06.0526 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/01/18 17:57:06.0565 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
2011/01/18 17:57:06.0726 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/01/18 17:57:06.0788 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/01/18 17:57:06.0872 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/01/18 17:57:06.0956 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/01/18 17:57:07.0045 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/01/18 17:57:07.0095 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/01/18 17:57:07.0171 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/01/18 17:57:07.0263 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/01/18 17:57:07.0474 Point32 (437827d69040c0c2565d47b024ed5372) C:\Windows\system32\DRIVERS\point32k.sys
2011/01/18 17:57:07.0552 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/18 17:57:07.0615 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/01/18 17:57:07.0711 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/18 17:57:07.0764 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
2011/01/18 17:57:07.0834 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/01/18 17:57:07.0924 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/01/18 17:57:07.0998 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/18 17:57:08.0091 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/01/18 17:57:08.0250 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/18 17:57:08.0318 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/18 17:57:08.0389 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/18 17:57:08.0464 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/18 17:57:08.0556 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/18 17:57:08.0646 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/18 17:57:08.0710 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
2011/01/18 17:57:08.0788 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/18 17:57:08.0867 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/01/18 17:57:09.0033 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/18 17:57:09.0117 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/01/18 17:57:09.0258 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
2011/01/18 17:57:09.0341 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/01/18 17:57:09.0422 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/01/18 17:57:09.0466 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/01/18 17:57:09.0525 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/01/18 17:57:09.0638 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/01/18 17:57:09.0693 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/01/18 17:57:09.0740 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/01/18 17:57:09.0797 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/01/18 17:57:09.0864 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
2011/01/18 17:57:09.0928 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/01/18 17:57:09.0991 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/01/18 17:57:10.0083 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/01/18 17:57:10.0160 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/01/18 17:57:10.0256 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/01/18 17:57:10.0340 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/01/18 17:57:10.0379 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/01/18 17:57:10.0470 SSFS041A (e85ddadd0c8e1b0191c3f5370bbcf2cb) C:\Windows\system32\Drivers\SSFS041A.SYS
2011/01/18 17:57:10.0535 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/01/18 17:57:10.0611 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/01/18 17:57:10.0736 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/01/18 17:57:10.0815 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/01/18 17:57:10.0882 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/01/18 17:57:10.0941 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/01/18 17:57:11.0056 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/01/18 17:57:11.0198 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/01/18 17:57:11.0261 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/01/18 17:57:11.0344 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/01/18 17:57:11.0386 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/01/18 17:57:11.0468 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/01/18 17:57:11.0544 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/01/18 17:57:11.0668 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/01/18 17:57:11.0741 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/01/18 17:57:11.0799 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/01/18 17:57:11.0861 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/01/18 17:57:11.0951 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/01/18 17:57:12.0050 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
2011/01/18 17:57:12.0114 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/01/18 17:57:12.0189 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/01/18 17:57:12.0255 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/01/18 17:57:12.0326 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/01/18 17:57:12.0527 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/01/18 17:57:12.0738 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/01/18 17:57:12.0795 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/01/18 17:57:12.0914 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/01/18 17:57:13.0009 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/01/18 17:57:13.0129 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/01/18 17:57:13.0185 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/01/18 17:57:13.0291 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/01/18 17:57:13.0358 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/01/18 17:57:13.0427 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/01/18 17:57:13.0548 USB_RNDIS (830d5d8456b822c1247c1e59b4c464fa) C:\Windows\system32\DRIVERS\usb8023.sys
2011/01/18 17:57:13.0634 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/01/18 17:57:13.0701 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/01/18 17:57:13.0788 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/01/18 17:57:13.0838 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
2011/01/18 17:57:13.0876 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/01/18 17:57:13.0976 viaide (c0ace9d0f5a5ee0b00f58345947a57fc) C:\Windows\system32\drivers\viaide.sys
2011/01/18 17:57:14.0042 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/01/18 17:57:14.0101 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/01/18 17:57:14.0211 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/01/18 17:57:14.0273 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/01/18 17:57:14.0352 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/01/18 17:57:14.0435 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/18 17:57:14.0470 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/18 17:57:14.0573 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/01/18 17:57:14.0666 Wdf01000 (6d77ff2224d2d3984760acbdf4024a7b) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/18 17:57:14.0848 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/01/18 17:57:15.0036 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/01/18 17:57:15.0152 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/01/18 17:57:15.0223 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/18 17:57:15.0373 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/18 17:57:15.0430 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/01/18 17:57:15.0540 ================================================================================
2011/01/18 17:57:15.0540 Scan finished
2011/01/18 17:57:15.0540 ================================================================================
2011/01/18 18:08:34.0592 Deinitialize success
Imaboss12
Active Member
 
Posts: 7
Joined: January 13th, 2011, 4:16 pm

Re: Help Please

Post by askey127 » January 19th, 2011, 7:33 pm

Imaboss12,
The malware situation looks pretty good to me.
How is the machine running?

askey127
askey127
Admin/Teacher
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Help Please

Post by askey127 » January 22nd, 2011, 7:32 pm

This topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.