My other thread is broken...
Please help. I just finished responding to some more instructions from Broni, who has been a great help so far. But, I think I might have crashed that thread. Here it is: http://www.d-a-l.com/help/spyware-ad...reezes-up.html
Please tell me how to proceed!
Apologies, I will see if I can find out what happened. For now, can you continue your thread here please? Feel free to email any large attachment to admin [at] d-a-l.com and I will forward it to the appropriate moderator.
Thanks for your help D-A-L.
I'm getting pretty frustrated with this. I just tried to post the log file in this new thread and I'm having the same problems -- the thread does not seem to be able to handle it. In this case, it looks like it wasn't actually posted and so the thread has not broken, but if I continue to try I'm afraid that the post will eventually go through but it will break this thread also.
If it helps, I get an error when posting:
Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 681987 bytes) in /home/7068/daldafor/www.d-a-l.com/public_html/help/includes/functions_newpost.php on line 205
I will try your suggestion of emailing the file. I hope that you can forward it on to Broni. Thank you!
Hello,
I just realized that there is an option to attach files as attachments to these posts.
This is probably why I crashed the other thread -- I assumed from the instructions that we were supposed to paste the contents of the various logs directly into the message. Using attachments should work better since some of these logs are LONG! (at least in my case)
Many of the log files so far are actually too large for your attachment manager. However, I saw that the manager supports zip files, so I have put all of the requested logs, including the combofix log, into a zip file and I'm including that zip file as an attachment to this post. I hope that is ok.
By the way, my mouse performance is already improved somewhat with the few steps we've taken so far. I'm still having occasional skips and jumps with the cursor today, but at least it has not completely frozen to the point of needing a reboot in a while. That's a big improvement. I hope we can continue the process from here and get rid of this annoying mouse issue once and for all!
Thanks,
Dean
Ah OK, just saw this. I also forwarded your email to Broni, but you are correct, it needs to be an attachment.
Let's see...
Malwarebytes' Anti-Malware 1.46 Malwarebytes
Database version: 4585
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
9/9/2010 9:40:34 PM
mbam-log-2010-09-09 (21-40-34).txt
Scan type: Quick scan
Objects scanned: 153582
Time elapsed: 6 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary .1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-09-10 00:12:53
Windows 5.1.2600 Service Pack 3
Running: u4rmofup.exe; Driver: C:\DOCUME~1\DEANSA~1\LOCALS~1\Temp\pxtdapog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xEE8C7CF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xEE8C7BAC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xEE8C8160]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xEE8C808A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xEE8C7782]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xEE8C7C86]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xEE8C76C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xEE8C7726]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xEE8C7DA6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xEE8C822E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xEE8C7D66]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xEE8C7EE6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xEE8D4BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xEE8D49D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xEE8D4B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
PAGE ntoskrnl.exe!ObInsertObject 8056DA64 5 Bytes JMP EE8D1FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!NtCreateSection 8056DB66 7 Bytes JMP EE8D49D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwCreateProcessEx 8059056D 7 Bytes JMP EE8D4BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwLoadDriver 805AEDE2 7 Bytes JMP EE8D4B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ObMakeTemporaryObject 805E74E6 5 Bytes JMP EE8D05D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1436] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[736] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[736] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \FileSystem\Fastfat \Fat EC80CD20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
---- EOF - GMER 1.0.15 ----
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000d
Kernel Drivers (total 152):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806FF000 \WINDOWS\system32\hal.dll
0xF7CE5000 \WINDOWS\system32\KDCOM.DLL
0xF7BF5000 \WINDOWS\system32\BOOTVID.dll
0xF7796000 ACPI.sys
0xF7CE7000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7785000 pci.sys
0xF77E5000 isapnp.sys
0xF7DAD000 pciide.sys
0xF7A65000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7CE9000 aliide.sys
0xF7CEB000 cmdide.sys
0xF7CED000 toside.sys
0xF7CEF000 viaide.sys
0xF7CF1000 intelide.sys
0xF77F5000 MountMgr.sys
0xF7766000 ftdisk.sys
0xF7CF3000 dmload.sys
0xF7740000 dmio.sys
0xF7A6D000 PartMgr.sys
0xF7805000 VolSnap.sys
0xF7728000 atapi.sys
0xF7815000 disk.sys
0xF7825000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7708000 fltmgr.sys
0xF76F6000 sr.sys
0xF76E1000 drvmcdb.sys
0xF7A75000 PxHelp20.sys
0xF76CA000 KSecDD.sys
0xF763D000 Ntfs.sys
0xF7610000 NDIS.sys
0xF7835000 sisagp.sys
0xF7845000 viaagp.sys
0xF7855000 ohci1394.sys
0xF7865000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF75F6000 Mup.sys
0xF7875000 agp440.sys
0xF7885000 alim1541.sys
0xF7895000 amdagp.sys
0xF78A5000 agpCPQ.sys
0xF7925000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF710B000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6FD0000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF6FBC000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7B5D000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6F98000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7B65000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6F3E000 \SystemRoot\system32\drivers\ctaud2k.sys
0xF6F1A000 \SystemRoot\system32\drivers\portcls.sys
0xF70FB000 \SystemRoot\system32\drivers\drmk.sys
0xF6EF7000 \SystemRoot\system32\drivers\ks.sys
0xF6ECB000 \SystemRoot\system32\drivers\ctoss2k.sys
0xF7D17000 \SystemRoot\System32\drivers\ctprxy2k.sys
0xF7CBD000 \SystemRoot\system32\DRIVERS\gameenum.sys
0xF6EA5000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xF7B6D000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF70EB000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7B75000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7B7D000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF6E91000 \SystemRoot\system32\DRIVERS\parport.sys
0xF70DB000 \SystemRoot\system32\DRIVERS\serial.sys
0xF7CC1000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF70CB000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7D19000 \SystemRoot\system32\drivers\sscdbhk5.sys
0xF70BB000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF70AB000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF7CC5000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xF7E38000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF78C5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7CCD000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6E7A000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF78D5000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF78E5000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7B85000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6E41000 \SystemRoot\system32\DRIVERS\psched.sys
0xF78F5000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7B8D000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7B95000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF6E11000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF7905000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7D1B000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6DB3000 \SystemRoot\system32\DRIVERS\update.sys
0xF75C1000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7B9D000 \SystemRoot\system32\DRIVERS\omci.sys
0xF7945000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7965000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7D1F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xEEC62000 \SystemRoot\System32\drivers\hap16v2k.sys
0xEEB85000 \SystemRoot\System32\drivers\ha10kx2k.sys
0xEEB63000 \SystemRoot\System32\drivers\emupia2k.sys
0xEEB43000 \SystemRoot\System32\drivers\ctsfm2k.sys
0xEEAA5000 \SystemRoot\System32\drivers\ctac32k.sys
0xF7BB5000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xF7C91000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7D27000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7E47000 \SystemRoot\System32\Drivers\Null.SYS
0xF7D29000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7BC5000 \SystemRoot\system32\drivers\ssrtln.sys
0xF7BCD000 \SystemRoot\System32\drivers\vga.sys
0xF7D2B000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7D2D000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7BD5000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7BDD000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7C99000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xEEA4A000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xEE9F1000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF7995000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xEE9CB000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xEE9A3000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF79A5000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xEE981000 \SystemRoot\System32\drivers\afd.sys
0xF79B5000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF79C5000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xEE956000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xEE8E6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF79D5000 \SystemRoot\System32\Drivers\Fips.SYS
0xEE8BF000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF7BED000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF7A35000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xEE87F000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7D3D000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xEED2B000 \SystemRoot\System32\drivers\Dxapi.sys
0xF7AA5000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7ED4000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF04A000 \SystemRoot\System32\ati2cqag.dll
0xBF084000 \SystemRoot\System32\ati3duag.dll
0xBF2A7000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xED7BF000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF7A05000 \SystemRoot\system32\drivers\drvnddm.sys
0xF7E3F000 \SystemRoot\system32\dla\tfsndres.sys
0xED729000 \SystemRoot\system32\dla\tfsnifs.sys
0xEE8B7000 \SystemRoot\system32\dla\tfsnopio.sys
0xF7D77000 \SystemRoot\system32\dla\tfsnpool.sys
0xF7AD5000 \SystemRoot\system32\dla\tfsnboio.sys
0xF7A25000 \SystemRoot\system32\dla\tfsncofs.sys
0xF7E43000 \SystemRoot\system32\dla\tfsndrct.sys
0xED710000 \SystemRoot\system32\dla\tfsnudf.sys
0xED6F7000 \SystemRoot\system32\dla\tfsnudfa.sys
0xED500000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xED293000 \SystemRoot\system32\drivers\wdmaud.sys
0xED428000 \SystemRoot\system32\drivers\sysaudio.sys
0xED058000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xECEE9000 \SystemRoot\system32\DRIVERS\srv.sys
0xF7ACD000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xECA70000 \SystemRoot\System32\Drivers\HTTP.sys
0xEC829000 \??\C:\DOCUME~1\DEANSA~1\LOCALS~1\Temp\pxtdapog.sys
0xEC805000 \SystemRoot\System32\Drivers\Fastfat.SYS
0x7C900000 \WINDOWS\SYSTEM32\ntdll.dll
Processes (total 43):
0 System Idle Process
4 System
616 C:\WINDOWS\SYSTEM32\smss.exe
664 csrss.exe
688 C:\WINDOWS\SYSTEM32\winlogon.exe
736 C:\WINDOWS\SYSTEM32\services.exe
748 C:\WINDOWS\SYSTEM32\lsass.exe
948 C:\WINDOWS\SYSTEM32\ati2evxx.exe
964 C:\WINDOWS\SYSTEM32\svchost.exe
1036 svchost.exe
1132 C:\WINDOWS\SYSTEM32\svchost.exe
1192 svchost.exe
1368 svchost.exe
1436 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1716 C:\WINDOWS\SYSTEM32\spoolsv.exe
396 C:\WINDOWS\explorer.exe
1000 svchost.exe
1096 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
1108 C:\Program Files\Bonjour\mDNSResponder.exe
1160 C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
1208 C:\Program Files\GE Security Supra\SyncService.exe
1672 C:\WINDOWS\SYSTEM32\dlbxcoms.exe
1800 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1912 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
1932 C:\Program Files\GE Security Supra\ProxyDaemon.exe
1984 C:\SSL\stunnel-4.10.exe
208 C:\WINDOWS\SYSTEM32\svchost.exe
2384 alg.exe
2664 C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
2816 C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
2916 C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
2952 C:\WINDOWS\SYSTEM32\CTHELPER.EXE
2992 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
3052 C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
3080 C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
3108 C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
3156 C:\Program Files\iTunes\iTunesHelper.exe
3196 C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
3224 C:\Program Files\Dell Support\DSAgnt.exe
3240 C:\WINDOWS\SYSTEM32\ctfmon.exe
3464 C:\Program Files\iPod\bin\iPodService.exe
3728 C:\WINDOWS\SYSTEM32\wuauclt.exe
3936 C:\Documents and Settings\Dean Saglio\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`04699200 (NTFS)
PhysicalDrive0 Model Number: ST3160023AS, Rev: 8.12
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Dell MBR code detected
SHA1: 84B95CE8A54B7C5C3AAF149934FC46FB70FF8365
Done!
ComboFix 10-09-09.03 - Dean Saglio 09/10/2010 1:48.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.564 [GMT -4:00]
Running from: c:\documents and settings\Dean Saglio\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Files Created from 2010-08-10 to 2010-09-10 )))))))))))))))))))))))))))))))
.
2010-09-10 01:27 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-10 01:27 . 2010-09-10 01:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-10 01:27 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-09 06:53 . 2010-09-09 06:53 -------- d-----w- c:\documents and settings\Dean Saglio\Application Data\Uniblue
2010-09-09 03:49 . 2010-09-09 03:49 -------- d-----w- c:\windows\system32\scripting
2010-09-09 03:49 . 2010-09-09 03:49 -------- d-----w- c:\windows\l2schemas
2010-09-09 03:49 . 2010-09-09 03:49 -------- d-----w- c:\windows\system32\en
2010-09-09 03:49 . 2010-09-09 03:49 -------- d-----w- c:\windows\system32\bits
2010-09-08 20:41 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-09-08 20:26 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-08 20:26 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-08 20:26 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-08 20:26 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-08 20:26 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-08 20:26 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-08 20:26 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-08 20:26 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-08 20:26 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-08 20:26 . 2010-09-08 20:26 -------- d-----w- c:\program files\Alwil Software
2010-09-08 20:26 . 2010-09-08 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-12 03:53 . 2010-08-12 03:53 -------- d-----w- c:\documents and settings\Dean Saglio\Local Settings\Application Data\WinZip
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-10 01:41 . 2009-08-12 16:16 384 ----a-w- c:\windows\system32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
2010-09-10 01:41 . 2009-08-12 16:16 384 ----a-w- c:\windows\system32\DVCState-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
2010-09-09 07:09 . 2007-02-03 22:45 75424 ----a-w- c:\documents and settings\Dean Saglio\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-09 03:51 . 2004-08-11 23:25 87851 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2010-09-08 09:40 . 2008-09-24 04:21 -------- d-----w- c:\program files\PokerStars
2010-08-30 21:05 . 2007-03-26 14:55 -------- d-----w- c:\program files\dl_Cats
2010-08-12 03:53 . 2009-01-30 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-06-14 14:31 . 2004-08-04 11:00 744448 ----a-w- c:\windows\PCHEALTH\HELPCTR\BINARIES\helpsvc.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-03-17_05.46.27 )))))))))))))))))))))))))))))))))))))))))
.
[omitted]
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2004-07-19 306688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2004-09-14 131072]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2004-09-14 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DLBXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll" [2007-02-12 73728]
"dlbxmon.exe"="c:\program files\Dell Photo AIO Printer 962\dlbxmon.exe" [2004-08-27 417792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\dlbxcoms.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"=
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [9/8/2010 4:26 PM 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [9/8/2010 4:26 PM 17744]
.
Contents of the 'Scheduled Tasks' folder
2010-09-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-09-10 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*Yahoo! SearchBar Home Page
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: turbotax.com
DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} - hxxp://ctmls.mlxchange.com/Control/MultiSelectComboBox.cab
DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} - hxxps://secure.logmeinrescue.com/Customer/x86/RescueDownloader.cab
DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} - hxxp://ctmls.mlxchange.com/Control/MLXClientUtils.cab
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
SafeBoot-MCODS
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
"ImagePath"="System32\Drivers\ABP480N5.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
"ImagePath"="System32\Drivers\ADPU160M.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
"ImagePath"="System32\Drivers\AHA154X.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
"ImagePath"="System32\Drivers\AIC78U2.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
"ImagePath"="System32\Drivers\AIC78XX.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
"ImagePath"="System32\Drivers\AMSINT.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
"ImagePath"="System32\Drivers\ASC.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
"ImagePath"="System32\Drivers\ASC3350P.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
"ImagePath"="System32\Drivers\ASC3550.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf]
"ImagePath"="System32\Drivers\CBIDF2K.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
"ImagePath"="System32\Drivers\CD20XRNT.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
"ImagePath"="System32\Drivers\CPQARRAY.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
"ImagePath"="System32\Drivers\DAC2W2K.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
"ImagePath"="System32\Drivers\DAC960NT.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
"ImagePath"="System32\Drivers\DPTI2O.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
"ImagePath"="System32\Drivers\HPN.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
"ImagePath"="System32\Drivers\I2OMP.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
"ImagePath"="System32\Drivers\INI910U.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
"ImagePath"="System32\Drivers\MRAID35X.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
"ImagePath"="System32\Drivers\PERC2.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
"ImagePath"="System32\Drivers\PERC2HIB.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
"ImagePath"="System32\Drivers\QL1080.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
"ImagePath"="System32\Drivers\QL10WNT.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
"ImagePath"="System32\Drivers\QL12160.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
"ImagePath"="System32\Drivers\QL1240.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
"ImagePath"="System32\Drivers\QL1280.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
"ImagePath"="System32\Drivers\SPARROW.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
"ImagePath"="System32\Drivers\SYMC810.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
"ImagePath"="System32\Drivers\SYMC8XX.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
"ImagePath"="System32\Drivers\SYM_HI.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
"ImagePath"="System32\Drivers\SYM_U3.svs"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
"ImagePath"="System32\Drivers\ULTRA.svs"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1952)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-09-10 01:54:56
ComboFix-quarantined-files.txt 2010-09-10 05:54
ComboFix2.txt 2010-03-17 05:53
Pre-Run: 126,434,299,904 bytes free
Post-Run: 126,394,773,504 bytes free
- - End Of File - - F279F8E605A278970BE14F9BB8FB7CC1
OTL logfile created on: 9/10/2010 12:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Dean Saglio\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 600.00 Mb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.33 Gb Total Space | 117.81 Gb Free Space | 81.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DEAN
Current User Name: Dean Saglio
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/09/10 00:36:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\OTL.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/28 18:43:30 | 000,538,096 | ---- | M] ( ) -- C:\WINDOWS\SYSTEM32\dlbxcoms.exe
PRC - [2005/09/15 16:41:38 | 000,053,248 | ---- | M] (GE Security Supra) -- c:\Program Files\GE Security Supra\SyncService.exe
PRC - [2005/09/15 16:41:38 | 000,011,776 | ---- | M] (GE Security Supra) -- C:\Program Files\GE Security Supra\ProxyDaemon.exe
PRC - [2005/05/18 09:32:22 | 000,073,216 | ---- | M] () -- C:\SSL\stunnel-4.10.exe
PRC - [2004/09/14 10:50:48 | 000,131,072 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2004/07/19 09:51:24 | 000,306,688 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2004/03/11 11:50:52 | 000,028,672 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTHELPER.EXE
PRC - [2003/11/19 19:48:14 | 000,032,881 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
PRC - [2003/09/17 12:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
PRC - [2003/06/18 03:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe

========== Modules (SafeList) ==========
MOD - [2010/09/10 00:36:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx
MOD - [2003/11/13 20:19:06 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CTAGENT.DLL

========== Win32 Services (SafeList) ==========
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/02/28 18:43:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dlbxcoms.exe -- (dlbx_device)
SRV - [2005/09/15 16:41:38 | 000,053,248 | ---- | M] (GE Security Supra) [Auto | Running] -- c:\Program Files\GE Security Supra\SyncService.exe -- (DkeySync)
SRV - [2002/12/17 21:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM)

========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ULTRA.svs -- (ultra)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\SYMC8XX.svs -- (symc8xx)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\SYMC810.svs -- (symc810)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\SYM_U3.svs -- (sym_u3)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\SYM_HI.svs -- (sym_hi)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\SPARROW.svs -- (Sparrow)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\QL1280.svs -- (ql1280)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\QL1240.svs -- (ql1240)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\QL12160.svs -- (ql12160)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\QL10WNT.svs -- (Ql10wnt)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\QL1080.svs -- (ql1080)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\PERC2HIB.svs -- (perc2hib)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\PERC2.svs -- (perc2)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\MRAID35X.svs -- (mraid35x)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\INI910U.svs -- (ini910u)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\I2OMP.svs -- (i2omp)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\HPN.svs -- (hpn)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\DPTI2O.svs -- (dpti2o)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\DAC960NT.svs -- (dac960nt)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\DAC2W2K.svs -- (dac2w2k)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\CPQARRAY.svs -- (Cpqarray)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\CD20XRNT.svs -- (cd20xrnt)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\CBIDF2K.svs -- (cbidf)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTAL~E\Core\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ASC3550.svs -- (asc3550)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ASC3350P.svs -- (asc3350p)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ASC.svs -- (asc)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\AMSINT.svs -- (amsint)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\AIC78XX.svs -- (aic78xx)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\AIC78U2.svs -- (aic78u2)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\AHA154X.svs -- (Aha154x)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ADPU160M.svs -- (adpu160m)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\ABP480N5.svs -- (abp480n5)
DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2005/08/08 14:37:12 | 000,089,808 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\slabser.sys -- (slabser)
DRV - [2005/08/08 14:37:12 | 000,055,312 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\slabbus.sys -- (slabbus) DisplayKEY USB Cradle driver (WDM)
DRV - [2004/12/06 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 03:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 03:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 05:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 04 00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/08/25 15:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/12 17:40:50 | 000,904,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2004/08/06 12:43:26 | 000,366,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/07/14 13:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 13:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/07/13 12:15:48 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys -- (hap16v2k)
DRV - [2004/07/13 12:13:14 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2004/07/13 12:12:36 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/07/13 12:11:58 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2004/07/13 12:11:28 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2004/07/13 12:09:32 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2003/11/12 22:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/11/08 15:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = The top news headlines on current events from Yahoo! News - Yahoo! News [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = The top news headlines on current events from Yahoo! News - Yahoo! News [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = Yahoo! SearchBar Home Page
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2010/03/17 01:45:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DLBXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.DLL ()
O4 - HKLM..\Run: [dlbxmon.exe] C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe (Dell)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: Interealty.com ([]* is out of zone range - 5)
O15 - HKCU\..Trusted Domains: MLXchange.com ([]* is out of zone range - 5)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Page not found | Facebook (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} http://ctmls.mlxchange.com/Control/M...ctComboBox.cab (Interealty MultiSelect)
O16 - DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} https://secure.logmeinrescue.com/Cus...Downloader.cab (LogMeIn Rescue Applet Downloader)
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} http://ctmls.mlxchange.com/Control/MLXClientUtils.cab (MLXchange Client Utils)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Java Plug-in Technology (Java Plug-in 1.4.2_03)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Java Plug-in Technology (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\DELL.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\DELL.BMP
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 19:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========
[2010/09/10 00:36:30 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\OTL.exe
[2010/09/09 21:27:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/09/09 21:27:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/09/09 21:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/09 21:13:44 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Dean Saglio\Desktop\mbam-setup-1.46.exe
[2010/09/09 02:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dean Saglio\Application Data\Uniblue
[2010/09/09 02:50:51 | 005,272,456 | ---- | C] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Dean Saglio\Desktop\registrybooster.exe
[2010/09/09 02:19:24 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\TFC.exe
[2010/09/09 00:10:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/08 23:49:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/08 23:49:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/08 23:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/08 23:49:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/08 23:38:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/09/08 23:06:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/08 16:26:26 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/08 16:26:26 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/08 16:26:25 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/08 16:26:23 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/08 16:26:22 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/08 16:26:22 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/08 16:26:21 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/08 16:26:11 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/08 16:26:11 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/08 16:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/09/08 16:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/16 01:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dean Saglio\My Documents\dawn
[2010/08/11 23:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dean Saglio\Local Settings\Application Data\WinZip
[2010/08/11 23:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/06/17 12:38:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/06/17 12:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/06/17 12:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/06/17 12:37:56 | 000,000,000 | ---D | C] -- C:\baa87da870458f9195a976
[2010/06/17 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2007/01/30 09:47:52 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxpmui.dll
[2007/01/30 09:46:00 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxserv.dll
[2007/01/30 09:38:18 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxcomm.dll
[2007/01/30 09:36:30 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxlmpm.dll
[2007/01/30 09:35:00 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxiesc.dll
[2007/01/30 09:32:06 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxpplc.dll
[2007/01/30 09:31:08 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxcomc.dll
[2007/01/30 09:30:30 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxprox.dll
[2007/01/30 09:22:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxinpa.dll
[2007/01/30 09 46 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxusb1.dll
[2007/01/30 09:17:02 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbxhbn3.dll
[2005/03/14 15:47:01 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[1980/01/01 02:00:00 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll

========== Files - Modified Within 90 Days ==========
[2010/09/10 00:36:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\OTL.exe
[2010/09/10 00:16:45 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\MBRCheck.exe
[2010/09/09 22:54:38 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010/09/09 22:52:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/09/09 22:51:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/09 22:51:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/09/09 22:51:35 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/09 21:51:43 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\u4rmofup.exe
[2010/09/09 21:41:37 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2010/09/09 21:41:37 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2010/09/09 21:41:37 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2010/09/09 21:41:37 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000000-00001102-00000004-20061102}.rfx
[2010/09/09 21:41:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/09/09 21:41:37 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/09/09 21:41:37 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2010/09/09 21:41:37 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000000-00001102-00000004-20061102}.dat
[2010/09/09 21:41:14 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Dean Saglio\NTUSER.DAT
[2010/09/09 21:41:14 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Dean Saglio\NTUSER.INI
[2010/09/09 21:27:56 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/09 21:13:52 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Dean Saglio\Desktop\mbam-setup-1.46.exe
[2010/09/09 03:09:35 | 000,075,424 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/09 02:50:57 | 005,272,456 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Dean Saglio\Desktop\registrybooster.exe
[2010/09/09 02:19:25 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\TFC.exe
[2010/09/09 00:13:12 | 000,463,200 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/09/09 00:13:12 | 000,080,226 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/09/09 00:13:11 | 000,554,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/09 00:09:04 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/09 00:07:55 | 004,314,976 | -H-- | M] () -- C:\Documents and Settings\Dean Saglio\Local Settings\Application Data\IconCache.db
[2010/09/08 23:44:58 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2010/09/08 16:31:59 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/08 16:26:26 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/08 16:17:39 | 054,835,272 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\setup_av_free.exe
[2010/09/08 15:33:49 | 001,373,616 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\MCPR.exe
[2010/09/07 13:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 11:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 10:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/09/04 03:44:03 | 000,000,594 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2010/08/28 14:35:06 | 000,125,472 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\dkongfull.asm-new.zip
[2010/08/28 13:31:09 | 000,368,448 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\DK_Articles.zip
[2010/08/11 23:53:05 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/08/11 22:55:56 | 014,501,192 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\winzip145.exe

========== Files Created - No Company Name ==========
[2010/09/10 00:16:45 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\MBRCheck.exe
[2010/09/09 21:51:42 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\u4rmofup.exe
[2010/09/09 21:27:56 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/08 16:26:26 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/09/08 16:17:23 | 054,835,272 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\setup_av_free.exe
[2010/09/08 15:33:49 | 001,373,616 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\MCPR.exe
[2010/08/28 14:35:05 | 000,125,472 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\dkongfull.asm-new.zip
[2010/08/28 13:31:05 | 000,368,448 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Desktop\DK_Articles.zip
[2010/08/11 23:53:05 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/04/27 19:30:53 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Dean Saglio\Local Settings\Application Data\fusioncache.dat
[2010/03/08 23:27:47 | 000,012,078 | -HS- | C] () -- C:\Documents and Settings\Dean Saglio\Local Settings\Application Data\o7yIC10ETb
[2008/11/11 04:27:43 | 000,000,316 | ---- | C] () -- C:\WINDOWS\WPente.INI
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/12/13 22:50:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2007/11/13 14:08:58 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SpaceTaxiDemo.INI
[2007/06/14 18:12:23 | 000,001,748 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/06/09 18:52:02 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2007/03/19 16:11:37 | 000,069,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSge10d.sys
[2007/02/19 02:26:42 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlbxinsr.dll
[2007/02/19 02:26:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlbxcur.dll
[2007/02/19 02:26:16 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\dlbxjswr.dll
[2007/02/19 02:23:24 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbxinsb.dll
[2007/02/19 02:23:18 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlbxcub.dll
[2007/02/19 02:23:10 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlbxcu.dll
[2007/02/19 02:23:08 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\dlbxins.dll
[2007/02/19 02 58 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\dlbxutil.dll
[2007/02/07 12:57:16 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlbxcoin.dll
[2007/01/22 02:18:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbxcfg.dll
[2005/08/18 06:26:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbxvs.dll
[2005/03/29 00:58:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/03/29 00:58:10 | 000,847,872 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/03/14 16:05:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/03/14 16:03:00 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/03/14 15:50:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/03/14 15:47:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2005/03/14 15:47:03 | 000,014,424 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2005/03/14 15:47:03 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005/03/14 15:47:02 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005/03/14 15:46:38 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/03/14 15:17:52 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/02/24 16:23:46 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlbxcnv4.dll
[2004/09/16 00:03:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 19:25:56 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/04 07:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1980/01/01 02:00:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[1980/01/01 02:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ==========
[2010/09/08 16:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/01/08 03:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2007/04/15 13:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TurboTax 2006
[2010/08/11 23:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/02/04 21:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2007/11/13 14:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A047F26D-4602-4aaf-ACE7-F6F2ECEC34F9}
[2009/01/08 03:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dean Saglio\Application Data\Gogii Games
[2009/03/11 03:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dean Saglio\Application Data\Leadertech
[2007/11/13 14:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dean Saglio\Application Data\Twilight Games
[2010/09/09 02:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dean Saglio\Application Data\Uniblue
[2010/04/27 22:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dean Saglio\Application Data\Wizards of the Coast
[2010/09/09 22:54:38 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2004/08/11 19:15:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/16 22:15:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/17 01:20:36 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/03/17 01:53:01 | 000,119,805 | ---- | M] () -- C:\ComboFix.txt
[2004/08/11 19:15:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005/03/14 15 52 | 000,004,920 | RH-- | M] () -- C:\DELL.SDR
[2010/09/09 22:52:21 | 000,015,750 | ---- | M] () -- C:\dlbxscan.log
[2010/09/09 22:51:35 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2004/08/11 19:27:32 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/11 19:15:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/08/11 19:15:00 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/09/08 23:44:58 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2010/09/09 22:51:34 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2007/11/11 18:14:24 | 000,000,000 | ---- | M] () -- C:\wizard.txt
[2007/12/26 02:37:58 | 000,000,162 | ---- | M] () -- C:\YServer.txt
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2004/08/11 19:14:22 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\DESKTOP.INI
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/01/30 05:03:04 | 000,118,272 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\dlbxPP5C.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
[2003/06/18 19:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\mdippr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/09/07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2004/08/11 19:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
[2004/08/11 19:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
[2004/08/11 19:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/09/08 23:49:58 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\DESKTOP.INI
< %systemroot%\system32\config\systemprofile\*.dat /x >
[2005/03/14 15:43:24 | 000,000,310 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\convert.log
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/05/15 23:45:37 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Dean Saglio\Application Data\Microsoft\Internet Explorer\Quick Launch\DESKTOP.INI
[2004/08/11 19:20:42 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/03/17 01:11:07 | 003,892,956 | R--- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\ComboFix.exe
[2010/04/27 22:25:29 | 023,510,720 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Dean Saglio\Desktop\dotnetfx.exe
[2010/09/09 21:13:52 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Dean Saglio\Desktop\mbam-setup-1.46.exe
[2010/09/10 00:16:45 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\MBRCheck.exe
[2010/09/08 15:33:49 | 001,373,616 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\MCPR.exe
[2010/09/10 00:36:31 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\OTL.exe
[2010/09/09 02:50:57 | 005,272,456 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Dean Saglio\Desktop\registrybooster.exe
[2010/09/08 16:17:39 | 054,835,272 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\setup_av_free.exe
[2007/11/13 14:05:25 | 012,337,999 | ---- | M] ( ) -- C:\Documents and Settings\Dean Saglio\Desktop\spacetaxi10.exe
[2009/05/26 23:25:26 | 000,535,552 | ---- | M] (TeamSpeak Systems) -- C:\Documents and Settings\Dean Saglio\Desktop\TeamSpeak.exe
[2010/09/09 02:19:25 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dean Saglio\Desktop\TFC.exe
[2009/05/26 23:33:32 | 005,862,994 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\ts2_client_rc2_2032.exe
[2010/09/09 21:51:43 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\u4rmofup.exe
[2009/04/02 13:50:02 | 004,939,045 | ---- | M] (Hmelyoff Labs ) -- C:\Documents and Settings\Dean Saglio\Desktop\VHSC_inst.exe
[2009/05/06 02:16:02 | 013,194,592 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\winzip120.exe
[2009/09/08 17:36:49 | 013,727,048 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\winzip121.exe
[2010/08/11 22:55:56 | 014,501,192 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\winzip145.exe
[2009/04/03 02:00:03 | 001,234,120 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Desktop\wrar380.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2004/08/04 07:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\ADDINS\FXSEXT.ECF
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2005/05/15 23:45:36 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Dean Saglio\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
[2008/07/09 10:50:06 | 000,000,448 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
[2009/04/20 12:19:06 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Dean Saglio\Cookies\desktop.ini
[2010/09/10 00:37:10 | 000,344,064 | ---- | M] () -- C:\Documents and Settings\Dean Saglio\Cookies\INDEX.DAT
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\INF\unregmp2.exe
< %SYSTEMROOT%\Installer\*.exe >
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.* >
[2008/04/13 20:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 03:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\LOGOWIN.GIF
[2004/08/04 03:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\LVBACK.GIF
[2008/05/02 10:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 13:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 03:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\NEWALERT.WAV
[2004/08/04 03:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\NEWEMAIL.WAV
[2004/08/04 03:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\ONLINE.WAV
[2004/08/04 03:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\TYPE.WAV
[2004/08/04 03:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\XPMSGR.CHM
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >