
 


Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

2 posters

I have had serious issues with my computer lately. I am new to this all. A virus popped up last night (Backdoor.Win32.Agent.axjv). My computer is extremely slow all the time and my browser always redirects. But right now I was wondering about the OTL scan. How long should it take and should it be 4 pages?



Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see this topic.

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.





Please download Cheetah-Anti-Rogue, and save to your Desktop.
  • Double-click on Cheetah.exe to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

I have a new issue. I tried to start up my computer to install Cheetah and it's stuck in an infinite loop rebooting. I get the options to start normally (doesn't work), Last working config (doesn't work), Safe mode command prompt, Safe mode Networking, and Safe mode (Blue crash screen). Is it hopeless now or is there still a way to fix it?

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

Okay, got it up and running. Here is the Cheetah log.
The OTL finished but is too big to post all at once. Is there an easy way to post the whole thing? By the way, I appreciate the help.


Cheetah-Anti-Rogue v1.5.1
by DragonMaster Jay

Microsoft Windows [Version 6.0.6000]
Date: 07/23/2010 - Time: 18:30:46 - Arch.: x86


-- Malware removal tools check --
CCleaner
Malwarebytes' Anti-Malware
SUPERAntiSpyware


-- Known infection --



Extra message: Detection only.


EOF

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

OTL logfile created on: 7/22/2010 4:39:26 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\ezlj\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 106.00 Mb Available Physical Memory | 10.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 49.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 4.73 Gb Free Space | 12.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 57.27 Gb Total Space | 57.18 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEED_BIN_HIDIN
Current User Name: ezlj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/22 16:34:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ezlj\Downloads\OTL.exe
PRC - [2010/07/14 08:05:33 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/29 08:53:22 | 000,350,704 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe
PRC - [2009/12/25 11:56:11 | 000,392,520 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
PRC - [2009/08/26 03:17:05 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe
PRC - [2009/07/06 14:30:18 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe
PRC - [2009/06/09 09:32:14 | 001,719,496 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
PRC - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
PRC - [2009/04/03 14:51:32 | 000,143,360 | ---- | M] (Kaspersky Lab.) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Kav\Bin\ScanningProcess.exe
PRC - [2009/03/12 12:31:56 | 000,308,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2009/03/12 12:31:54 | 002,303,216 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2008/11/14 18:28:12 | 000,592,408 | ---- | M] (Sana Security) -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaMonitor.exe
PRC - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaAgent.exe
PRC - [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
PRC - [2008/09/22 16:58:46 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
PRC - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
PRC - [2008/08/05 22:28:43 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\mcupdate.exe
PRC - [2008/04/05 11:14:49 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/02 04:45:21 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
PRC - [2006/11/02 04:45:21 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe


========== Modules (SafeList) ==========

MOD - [2010/07/22 16:34:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ezlj\Downloads\OTL.exe
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Running] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/08/26 03:17:05 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) [On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe -- (RP_FWS)
SRV - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe -- (RadialpointSafeConnectAgent)
SRV - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe -- (PD91Engine)
SRV - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe -- (PD91Agent)
SRV - [2008/04/05 11:14:48 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/06/10 06:38:16 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009/04/03 14:51:34 | 000,120,336 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2008/11/26 15:19:56 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2008/11/14 18:28:36 | 000,161,304 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys -- (RadialpointSafeConnectDriver)
DRV - [2008/11/14 18:28:36 | 000,029,720 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys -- (RadialpointSafeConnectFilter)
DRV - [2008/11/14 18:28:36 | 000,029,248 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectShim.sys -- (RadialpointSafeConnectShim)
DRV - [2008/09/17 23:55:00 | 007,379,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/28 13:16:40 | 000,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFS.sys -- (DefragFS)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/01/20 00:10:50 | 000,363,008 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
DRV - [2005/04/06 05:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/01/28 04:48:58 | 002,310,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://channelsurfing.net/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/22 00:04:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/22 16:28:54 | 000,000,000 | ---D | M]

[2010/05/16 13:50:09 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Extensions
[2010/07/22 16:28:48 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions
[2010/06/26 21:07:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(76)
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{69D30031-F4A8-452a-A5B3-5D6787C3C5CF}
[2010/07/22 16:27:47 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles(139)\1mmnrkn8.default\extensions
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles(139)\1mmnrkn8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 16:29:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/22 16:29:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll (Verizon)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKLM..\RunOnce: [IndexCleaner] C:\Program Files\Verizon\Verizon Internet Security Suite\IdxClnR.exe (Verizon)
O4 - HKCU..\RunOnce: [IndexCleaner] C:\Program Files\Verizon\Verizon Internet Security Suite\IdxClnR.exe (Verizon)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ezlj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ezlj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7195fa08-5373-11de-b9a2-f0298d190713}\Shell\AutoRun\command - "" = E:\browser.exe -- File not found
O33 - MountPoints2\{d197aff8-f3d1-11de-9707-94cd415ff965}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: NvSvc - hkey= - key= - File not found
MsConfig - StartUpReg: SoundMan - hkey= - key= - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/07/22 16:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/22 16:28:49 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/07/22 16:28:49 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/07/22 16:28:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/07/22 16:28:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/07/22 00:09:00 | 000,000,000 | ---D | C] -- C:\Users\ezlj\AppData\Roaming\Malwarebytes
[2010/07/22 00:08:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/22 00:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/22 00:08:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/22 00:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/20 11:56:43 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/07/20 11:56:43 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/07/20 11:56:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/07/20 11:56:42 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/07/20 11:56:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/07/20 11:56:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/07/20 11:56:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/07/20 11:56:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/07/20 11:56:41 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/07/20 11:56:40 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/07/20 11:56:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/07/20 11:56:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/07/20 11:56:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/07/20 11:56:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/07/20 11:56:39 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/07/20 11:54:48 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/07/20 11:54:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/07/20 11:54:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/07/20 11:54:47 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/07/20 11:54:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/07/20 11:54:47 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/07/20 11:54:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/07/20 11:54:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/07/20 11:54:46 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/07/20 11:54:46 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/07/20 11:54:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/07/20 11:54:46 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/07/20 11:54:45 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/07/20 11:54:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/07/20 11:54:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/07/20 11:54:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/07/20 11:54:43 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/07/20 11:54:43 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/07/20 11:54:43 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/07/20 11:54:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/07/20 11:54:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/07/20 11:54:41 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/07/20 11:54:41 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/07/20 11:54:41 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/07/20 11:54:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/07/20 11:54:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/07/20 00:34:32 | 000,000,000 | -H-D | C] -- C:\Users\ezlj\Documents\Runes of Magic
[2010/07/19 23:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Runes of Magic
[2010/07/18 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\ezlj\AppData\Roaming\FOG Downloader

========== Files - Modified Within 30 Days ==========

[2010/07/22 17:08:42 | 002,359,296 | -HS- | M] () -- C:\Users\ezlj\NTUSER.DAT
[2010/07/22 16:44:56 | 176,160,800 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2010/07/22 16:31:33 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/22 16:31:04 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/22 16:16:47 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{113E4354-9D93-42A5-8055-ECA7406235C4}.job
[2010/07/22 16:11:17 | 000,001,691 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2010/07/22 16:11:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/22 16:11:00 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/22 16:11:00 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/22 16:10:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/22 00:58:10 | 002,359,628 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2010/07/22 00:56:09 | 000,961,627 | -H-- | M] () -- C:\Users\ezlj\AppData\Local\IconCache.db
[2010/07/22 00:08:50 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/22 00:04:32 | 000,001,757 | ---- | M] () -- C:\Users\ezlj\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/22 00:04:32 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/21 21:57:47 | 145,225,517 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/20 13:41:39 | 000,150,528 | ---- | M] () -- C:\Users\ezlj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/20 13:19:34 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/20 13:19:34 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/20 13:19:34 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/20 12:22:01 | 000,000,952 | ---- | M] () -- C:\Users\ezlj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/20 00:30:49 | 000,001,745 | ---- | M] () -- C:\Users\ezlj\Desktop\Runes of Magic.lnk
[2010/07/19 22:16:29 | 000,050,400 | ---- | M] () -- C:\Users\ezlj\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 21:36:43 | 002,359,296 | -HS- | M] () -- C:\Users\ezlj\ntuser.dat_previous

========== Files Created - No Company Name ==========

[2010/07/22 00:08:50 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/22 00:04:32 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/21 21:26:30 | 145,225,517 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/07/20 12:26:08 | 000,000,420 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{113E4354-9D93-42A5-8055-ECA7406235C4}.job
[2010/07/20 11:56:40 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/20 00:30:53 | 000,001,745 | ---- | C] () -- C:\Users\ezlj\Desktop\Runes of Magic.lnk
[2009/02/24 16:49:29 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/10/14 16:09:12 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys
[2008/04/06 14:23:37 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/04/05 11:02:59 | 000,156,672 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2008/04/05 10:59:36 | 000,290,918 | ---- | C] () -- C:\Windows\System32\Install7x.dll
[2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/04/05 11:07:09 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2008/04/05 11:16:48 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2009/08/14 09:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2008/03/30 20:24:58 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/04 13:56:52 | 000,071,745 | ---- | M] () -- C:\debug.log
[2008/04/06 14:21:46 | 000,000,077 | ---- | M] () -- C:\FilterLog.log
[2009/05/05 11:04:21 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/05 11:04:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/22 16:10:31 | 1387,200,512 | -HS- | M] () -- C:\pagefile.sys
[2009/06/07 19:03:46 | 011,153,593 | ---- | M] () -- C:\Untitled.m4v

< %PROGRAMFILES%\*. >
[2009/02/18 08:53:43 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter
[2010/07/19 21:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/07/20 14:55:56 | 000,000,000 | ---D | M] -- C:\Program Files\Ares
[2010/05/12 18:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/06/07 20:15:41 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010/07/19 21:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/07/20 19:33:17 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/07/20 14:56:13 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/05/17 21:01:44 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/05/17 18:49:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/07/20 12:16:46 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/07/22 16:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/02/24 16:49:27 | 000,000,000 | ---D | M] -- C:\Program Files\Ligos
[2010/07/22 00:08:52 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/10 18:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/12/15 04:03:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/05/29 17:26:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/03/11 04:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/05/25 00:21:29 | 000,000,000 | ---D | M] -- C:\Program Files\Moyea
[2010/07/22 00:04:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/04/05 10:59:05 | 000,000,000 | ---D | M] -- C:\Program Files\MSI
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2008/04/06 14:20:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/05/18 20:50:10 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/05/31 15:12:53 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2010/07/22 16:28:28 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2010/07/22 16:36:38 | 000,000,000 | ---D | M] -- C:\Program Files\Orbitdownloader
[2009/06/02 13:41:52 | 000,000,000 | ---D | M] -- C:\Program Files\Raxco
[2009/05/31 15:09:53 | 000,000,000 | ---D | M] -- C:\Program Files\Record-Anything
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/07/21 22:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\Runes of Magic
[2010/07/03 14:55:39 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/04/18 18:07:57 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2009/06/02 13:41:30 | 000,000,000 | ---D | M] -- C:\Program Files\Verizon
[2010/01/05 20:45:17 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2008/04/05 11:40:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2008/04/05 11:40:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/12/10 18:33:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/12/10 18:33:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/04/17 03:22:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/10/30 19:43:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/04/05 11:39:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/07/28 18:01:17 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

< %appdata%\*.* >


< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\1d2965af3b0981ed4711ff27dd3e27c6\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\SoftwareDistribution\Download\1d2965af3b0981ed4711ff27dd3e27c6\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\drivers\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\1d2965af3b0981ed4711ff27dd3e27c6\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys


< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 02:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\drivers\USBSTOR.SYS
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_8416e98e\USBSTOR.SYS
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\USBSTOR.SYS
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\USBSTOR.SYS
[2008/01/19 00:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\SoftwareDistribution\Download\b1d48c0a5500e900499764daaa6a0385\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-22 22:21:45
< End of report >
PRC - [2010/07/22 16:34:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ezlj\Downloads\OTL.exe
PRC - [2010/07/14 08:05:33 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/29 08:53:22 | 000,350,704 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe
PRC - [2009/12/25 11:56:11 | 000,392,520 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
PRC - [2009/07/06 14:30:18 | 000,557,056 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitnet.exe
PRC - [2009/06/09 09:32:14 | 001,719,496 | ---- | M] (Orbitdownloader.com) -- C:\Program Files\Orbitdownloader\orbitdm.exe
PRC - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
PRC - [2009/03/12 12:31:56 | 000,308,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2009/03/12 12:31:54 | 002,303,216 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2008/11/14 18:28:12 | 000,592,408 | ---- | M] (Sana Security) -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaMonitor.exe
PRC - [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/22 16:58:46 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe
PRC - [2008/04/05 11:14:49 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (SafeList) ==========

MOD - [2010/07/22 16:34:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ezlj\Downloads\OTL.exe
MOD - [2009/03/08 06:33:04 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009/03/02 23:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2008/04/05 11:20:37 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemcomn.dll
MOD - [2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2006/11/02 04:46:14 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2006/11/02 04:46:13 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2006/11/02 04:46:13 | 000,188,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2006/11/02 04:46:13 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2006/11/02 04:46:13 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2006/11/02 04:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Running] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/08/26 03:17:05 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) [On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe -- (RP_FWS)
SRV - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) [Auto | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe -- (RadialpointSafeConnectAgent)
SRV - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe -- (PD91Engine)
SRV - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe -- (PD91Agent)
SRV - [2008/04/05 11:14:48 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/06/10 06:38:16 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009/04/03 14:51:34 | 000,120,336 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2008/11/26 15:19:56 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2008/11/14 18:28:36 | 000,161,304 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys -- (RadialpointSafeConnectDriver)
DRV - [2008/11/14 18:28:36 | 000,029,720 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Driver\\platform_VISTA\\SafeConnectFilter.sys -- (RadialpointSafeConnectFilter)\par
DRV - [2008/11/14 18:28:36 | 000,029,248 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Driver\\platform_VISTA\\SafeConnectShim.sys -- (RadialpointSafeConnectShim)\par
DRV - [2008/09/17 23:55:00 | 007,379,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\nvlddmkm.sys -- (nvlddmkm)\par
DRV - [2008/08/28 13:16:40 | 000,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\\Windows\\System32\\drivers\\DefragFS.sys -- (DefragFS)\par
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\nvmfdx32.sys -- (NVENETFD)\par
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/01/20 00:10:50 | 000,363,008 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
DRV - [2005/04/06 05:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005/01/28 04:48:58 | 002,310,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://channelsurfing.net/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/22 00:04:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/22 16:28:54 | 000,000,000 | ---D | M]

[2010/05/16 13:50:09 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Extensions
[2010/07/22 16:28:48 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions
[2010/06/26 21:07:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(76)
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{69D30031-F4A8-452a-A5B3-5D6787C3C5CF}
[2010/07/22 16:27:47 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles\kasiuv91.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles(139)\1mmnrkn8.default\extensions
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ezlj\AppData\Roaming\mozilla\Firefox\Profiles(139)\1mmnrkn8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 16:29:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/22 16:29:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll (Verizon)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKLM..\RunOnce: [IndexCleaner] C:\Program Files\Verizon\Verizon Internet Security Suite\IdxClnR.exe (Verizon)
O4 - HKCU..\RunOnce: [IndexCleaner] C:\Program Files\Verizon\Verizon Internet Security Suite\IdxClnR.exe (Verizon)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ezlj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ezlj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7195fa08-5373-11de-b9a2-f0298d190713}\Shell\AutoRun\command - "" = E:\browser.exe -- File not found
O33 - MountPoints2\{d197aff8-f3d1-11de-9707-94cd415ff965}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/22 16:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/22 16:28:49 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/07/22 16:28:49 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/07/22 16:28:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/07/22 16:28:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/07/22 00:09:00 | 000,000,000 | ---D | C] -- C:\Users\ezlj\AppData\Roaming\Malwarebytes
[2010/07/22 00:08:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/22 00:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/22 00:08:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/22 00:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/20 11:56:43 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/07/20 11:56:43 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/07/20 11:56:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/07/20 11:56:42 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/07/20 11:56:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/07/20 11:56:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/07/20 11:56:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/07/20 11:56:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/07/20 11:56:41 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/07/20 11:56:40 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/07/20 11:56:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/07/20 11:56:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/07/20 11:56:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/07/20 11:56:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/07/20 11:56:39 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/07/20 11:54:48 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/07/20 11:54:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/07/20 11:54:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/07/20 11:54:47 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/07/20 11:54:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/07/20 11:54:47 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/07/20 11:54:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/07/20 11:54:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/07/20 11:54:46 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/07/20 11:54:46 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/07/20 11:54:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/07/20 11:54:46 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/07/20 11:54:45 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/07/20 11:54:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/07/20 11:54:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/07/20 11:54:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/07/20 11:54:43 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/07/20 11:54:43 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/07/20 11:54:43 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/07/20 11:54:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/07/20 11:54:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/07/20 11:54:41 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/07/20 11:54:41 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/07/20 11:54:41 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/07/20 11:54:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/07/20 11:54:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/07/20 00:34:32 | 000,000,000 | -H-D | C] -- C:\Users\ezlj\Documents\Runes of Magic
[2010/07/19 23:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Runes of Magic
[2010/07/18 18:34:12 | 000,000,000 | ---D | C] -- C:\Users\ezlj\AppData\Roaming\FOG Downloader

========== Files - Modified Within 30 Days ==========

[2010/07/22 18:31:30 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/22 18:29:05 | 002,359,296 | -HS- | M] () -- C:\Users\ezlj\NTUSER.DAT
[2010/07/22 18:23:05 | 177,271,840 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2010/07/22 18:10:58 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/22 18:10:58 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/22 17:38:05 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/22 17:37:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/22 16:16:47 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{113E4354-9D93-42A5-8055-ECA7406235C4}.job
[2010/07/22 16:11:17 | 000,001,691 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2010/07/22 16:10:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/22 00:58:10 | 002,359,628 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2010/07/22 00:56:09 | 000,961,627 | -H-- | M] () -- C:\Users\ezlj\AppData\Local\IconCache.db
[2010/07/22 00:08:50 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/22 00:04:32 | 000,001,757 | ---- | M] () -- C:\Users\ezlj\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/22 00:04:32 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/21 21:57:47 | 145,225,517 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/20 13:41:39 | 000,150,528 | ---- | M] () -- C:\Users\ezlj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/20 13:19:34 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/20 13:19:34 | 000,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/20 13:19:34 | 000,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/20 12:22:01 | 000,000,952 | ---- | M] () -- C:\Users\ezlj\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/20 00:30:49 | 000,001,745 | ---- | M] () -- C:\Users\ezlj\Desktop\Runes of Magic.lnk
[2010/07/19 22:16:29 | 000,050,400 | ---- | M] () -- C:\Users\ezlj\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 21:36:43 | 002,359,296 | -HS- | M] () -- C:\Users\ezlj\ntuser.dat_previous

========== Files Created - No Company Name ==========

[2010/07/22 00:08:50 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/22 00:04:32 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/21 21:26:30 | 145,225,517 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/07/20 12:26:08 | 000,000,420 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{113E4354-9D93-42A5-8055-ECA7406235C4}.job
[2010/07/20 11:56:40 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/20 00:30:53 | 000,001,745 | ---- | C] () -- C:\Users\ezlj\Desktop\Runes of Magic.lnk
[2009/02/24 16:49:29 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/10/14 16:09:12 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys
[2008/04/06 14:23:37 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/04/05 11:02:59 | 000,156,672 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2008/04/05 10:59:36 | 000,290,918 | ---- | C] () -- C:\Windows\System32\Install7x.dll
[2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/04/05 11:07:09 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2008/04/05 11:16:48 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2009/08/14 09:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2008/03/30 20:24:58 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/04 13:56:52 | 000,071,745 | ---- | M] () -- C:\debug.log
[2008/04/06 14:21:46 | 000,000,077 | ---- | M] () -- C:\FilterLog.log
[2009/05/05 11:04:21 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/05 11:04:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/22 16:10:31 | 1387,200,512 | -HS- | M] () -- C:\pagefile.sys
[2009/06/07 19:03:46 | 011,153,593 | ---- | M] () -- C:\Untitled.m4v

< %PROGRAMFILES%\*. >
[2009/02/18 08:53:43 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter
[2010/07/19 21:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/07/20 14:55:56 | 000,000,000 | ---D | M] -- C:\Program Files\Ares
[2010/05/12 18:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/06/07 20:15:41 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010/07/19 21:31:12 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/07/20 19:33:17 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/07/20 14:56:13 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/05/17 21:01:44 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/05/17 18:49:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/07/20 12:16:46 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/07/22 16:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/02/24 16:49:27 | 000,000,000 | ---D | M] -- C:\Program Files\Ligos
[2010/07/22 00:08:52 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/10 18:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/12/15 04:03:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\\Program Files\\Microsoft Games\par
[2010/05/29 17:26:27 | 000,000,000 | ---D | M] -- C:\\Program Files\\Microsoft Silverlight\par
[2010/03/11 04:33:19 | 000,000,000 | ---D | M] -- C:\\Program Files\\Movie Maker\par
[2009/05/25 00:21:29 | 000,000,000 | ---D | M] -- C:\\Program Files\\Moyea\par
[2010/07/22 00:04:28 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\par
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\\Program Files\\MSBuild\par
[2008/04/05 10:59:05 | 000,000,000 | ---D | M] -- C:\\Program Files\\MSI\par
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\\Program Files\\MSN\par
[2008/04/06 14:20:12 | 000,000,000 | ---D | M] -- C:\\Program Files\\MSXML 4.0\par
[2009/05/18 20:50:10 | 000,000,000 | ---D | M] -- C:\\Program Files\\NCH Software\par
[2009/05/31 15:12:53 | 000,000,000 | ---D | M] -- C:\\Program Files\\NCH Swift Sound\par
[2010/07/22 16:28:28 | 000,000,000 | ---D | M] -- C:\\Program Files\\NOS\par
[2010/07/22 16:36:38 | 000,000,000 | ---D | M] -- C:\\Program Files\\Orbitdownloader\par
[2009/06/02 13:41:52 | 000,000,000 | ---D | M] -- C:\\Program Files\\Raxco\par
[2009/05/31 15:09:53 | 000,000,000 | ---D | M] -- C:\\Program Files\\Record-Anything\par
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\\Program Files\\Reference Assemblies\par
[2010/07/21 22:55:49 | 000,000,000 | ---D | M] -- C:\\Program Files\\Runes of Magic\par
[2010/07/03 14:55:39 | 000,000,000 | ---D | M] -- C:\\Program Files\\SUPERAntiSpyware\par
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\\Program Files\\Uninstall Information\par
[2010/04/18 18:07:57 | 000,000,000 | ---D | M] -- C:\\Program Files\\Veetle\par
[2009/06/02 13:41:30 | 000,000,000 | ---D | M] -- C:\\Program Files\\Verizon\par
[2010/01/05 20:45:17 | 000,000,000 | ---D | M] -- C:\\Program Files\\VideoLAN\par
[2008/04/05 11:40:09 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Calendar\par
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Collaboration\par
[2008/04/05 11:40:04 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Defender\par
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Journal\par
[2009/12/10 18:33:28 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Live\par
[2009/12/10 18:33:03 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Live SkyDrive\par
[2010/04/17 03:22:35 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Mail\par
[2009/10/30 19:43:21 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Media Player\par
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows NT\par
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Photo Gallery\par
[2008/04/05 11:39:58 | 000,000,000 | ---D | M] -- C:\\Program Files\\Windows Sidebar\par
[2009/07/28 18:01:17 | 000,000,000 | ---D | M] -- C:\\Program Files\\WinRAR\par
\par
< %appdata%\\*.* >\par
\par
\par
< MD5 for: AGP440.SYS >\par
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\\AGP440.sys\par
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\\Windows\\System32\\drivers\\AGP440.sys\par
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\machine.inf_920a2c1f\\AGP440.sys\par
\par
< MD5 for: ATAPI.SYS >\par
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\\atapi.sys\par
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\\Windows\\System32\\DriverStore\\FileRepository\\mshdc.inf_c6c2e699\\atapi.sys\par
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\\Windows\\System32\\drivers\\atapi.sys\par
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\mshdc.inf_7de13c21\\atapi.sys\par
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\\Windows\\winsxs\\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\\atapi.sys\par
[2008/04/05 11:11:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\\Windows\\winsxs\\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\\atapi.sys\par
\par
< MD5 for: CNGAUDIT.DLL >\par
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\\Windows\\System32\\cngaudit.dll\par
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\\Windows\\winsxs\\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\\cngaudit.dll\par
\par
< MD5 for: DISK.SYS >\par
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\\disk.sys\par
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\\Windows\\System32\\drivers\\disk.sys\par
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\disk.inf_e0b0b355\\disk.sys\par
\par
< MD5 for: IASTORV.SYS >\par
[2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\\iaStorV.sys\par
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\\Windows\\System32\\drivers\\iaStorV.sys\par
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\iastorv.inf_37cdafa4\\iaStorV.sys\par
\par
< MD5 for: NETLOGON.DLL >\par
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\\Windows\\System32\\netlogon.dll\par
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\\Windows\\winsxs\\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\\netlogon.dll\par
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\\netlogon.dll\par
\par
< MD5 for: NVSTOR.SYS >\par
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\\Windows\\System32\\drivers\\nvstor.sys\par
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\\Windows\\System32\\DriverStore\\FileRepository\\nvraid.inf_733654ff\\nvstor.sys\par
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\\nvstor.sys\par
\par
< MD5 for: SCECLI.DLL >\par
[2008/01/19 02:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\\scecli.dll\par
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\\Windows\\System32\\scecli.dll\par
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\\Windows\\winsxs\\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\\scecli.dll\par
\par
< MD5 for: USBSTOR.SYS >\par
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\\Windows\\System32\\drivers\\USBSTOR.SYS\par
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\usbstor.inf_8416e98e\\USBSTOR.SYS\par
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7887CE56934E7F104E98C975F47353C5 -- C:\\Windows\\winsxs\\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.16478_none_465c5f209ade1e53\\USBSTOR.SYS\par
[2008/04/05 11:14:18 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=7DA1833F2B2500C755AB6C81C5ABFC88 -- C:\\Windows\\winsxs\\x86_usbstor.inf_31bf3856ad364e35_6.0.6000.20588_none_46db2bffb403da0e\\USBSTOR.SYS\par
[2008/01/19 00:53:22 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\\Windows\\SoftwareDistribution\\Download\\b1d48c0a5500e900499764daaa6a0385\\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\\USBSTOR.SYS\par
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\\Windows\\System32\\DriverStore\\FileRepository\\usbstor.inf_bb2778a0\\USBSTOR.SYS\par
\par
< HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\Auto Update\\Results\\Install|LastSuccessTime /rs >\par
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\Auto Update\\Results\\Install\\\\LastSuccessTime: 2010-07-22 22:21:45\par
\par
< End of report >\par
SRV - File not found [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Ahead\\Lib\\NMIndexingService.exe -- (NMIndexingService)\par
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Running] -- C:\\Program Files\\NOS\\bin\\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)\par
SRV - [2009/08/26 03:17:05 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) [On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\RpsSecurityAwareR.exe -- (Radialpoint Security Services)\par
SRV - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) [Auto | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\Fws.exe -- (RP_FWS)\par
SRV - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) [Auto | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Bin\\SanaAgent.exe -- (RadialpointSafeConnectAgent)\par
SRV - [2008/09/22 16:58:48 | 000,910,600 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\\Program Files\\Raxco\\PerfectDisk2008\\PD91Engine.exe -- (PD91Engine)\par
SRV - [2008/09/22 16:58:44 | 000,693,512 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\\Program Files\\Raxco\\PerfectDisk2008\\PD91Agent.exe -- (PD91Agent)\par
SRV - [2008/04/05 11:14:48 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)\par
\par
\par
========== Driver Services (SafeList) ==========\par
\par
}


DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\DRIVERS\\nwlnkfwd.sys -- (NwlnkFwd)\par
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\DRIVERS\\nwlnkflt.sys -- (NwlnkFlt)\par
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\DRIVERS\\ipinip.sys -- (IpInIp)\par
DRV - File not found [Kernel | Disabled | Stopped] -- C:\\Windows\\System32\\drivers\\blbdrive.sys -- (blbdrive)\par
DRV - [2009/06/10 06:38:16 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\netr61.sys -- (rt61x86)\par
DRV - [2009/04/03 14:51:34 | 000,120,336 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\\Windows\\System32\\drivers\\klif.sys -- (KLIF)\par
DRV - [2008/11/26 15:19:56 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\\Windows\\System32\\drivers\\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)\par
DRV - [2008/11/14 18:28:36 | 000,161,304 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Driver\\platform_VISTA\\SafeConnectDriver.sys -- (RadialpointSafeConnectDriver)\par
DRV - [2008/11/14 18:28:36 | 000,029,720 | R--- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Driver\\platform_VISTA\\SafeConnectFilter.sys -- (RadialpointSafeConnectFilter)\par
DRV - [2008/11/14 18:28:36 | 000,029,248 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\SafeConnect\\Driver\\platform_VISTA\\SafeConnectShim.sys -- (RadialpointSafeConnectShim)\par
DRV - [2008/09/17 23:55:00 | 007,379,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\nvlddmkm.sys -- (nvlddmkm)\par
DRV - [2008/08/28 13:16:40 | 000,071,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\\Windows\\System32\\drivers\\DefragFS.sys -- (DefragFS)\par
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\nvmfdx32.sys -- (NVENETFD)\par
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\ql2300.sys -- (ql2300)\par
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\adp94xx.sys -- (adp94xx)\par
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\elxstor.sys -- (elxstor)\par
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\adpahci.sys -- (adpahci)\par
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\uliahci.sys -- (uliahci)\par
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\iastorv.sys -- (iaStorV)\par
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\adpu320.sys -- (adpu320)\par
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\ulsata2.sys -- (ulsata2)\par
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\vsmraid.sys -- (vsmraid)\par
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\ql40xx.sys -- (ql40xx)\par
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\ulsata.sys -- (UlSata)\par
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\adpu160m.sys -- (adpu160m)\par
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\nvraid.sys -- (nvraid)\par
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\nfrd960.sys -- (nfrd960)\par
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\iirsp.sys -- (iirsp)\par
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\sisraid4.sys -- (SiSRaid4)\par
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\nvstor.sys -- (nvstor)\par
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\djsvs.sys -- (aic78xx)\par
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\arcsas.sys -- (arcsas)\par
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\lsi_scsi.sys -- (LSI_SCSI)\par
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\sisraid2.sys -- (SiSRaid2)\par
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\hpcisss.sys -- (HpCISSs)\par
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\arc.sys -- (arc)\par
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\iteraid.sys -- (iteraid)\par
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\iteatapi.sys -- (iteatapi)\par
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\lsi_sas.sys -- (LSI_SAS)\par
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\symc8xx.sys -- (Symc8xx)\par
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\lsi_fc.sys -- (LSI_FC)\par
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\sym_u3.sys -- (Sym_u3)\par
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\mraid35x.sys -- (Mraid35x)\par
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\sym_hi.sys -- (Sym_hi)\par
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\megasas.sys -- (megasas)\par
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\viaide.sys -- (viaide)\par
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\cmdide.sys -- (cmdide)\par
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\aliide.sys -- (aliide)\par
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)\par
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\system32\\drivers\\brusbser.sys -- (BrUsbSer)\par
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\system32\\drivers\\brfiltup.sys -- (BrFiltUp)\par
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\system32\\drivers\\brfiltlo.sys -- (BrFiltLo)\par
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\brserwdm.sys -- (BrSerWdm)\par
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\brusbmdm.sys -- (BrUsbMdm)\par
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\\Windows\\system32\\drivers\\ntrigdigi.sys -- (ntrigdigi)\par
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\E1G60I32.sys -- (E1G60) Intel(R)\par
DRV - [2006/01/20 00:10:50 | 000,363,008 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\rt61.sys -- (RT61)\par
DRV - [2005/04/06 05:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\System32\\drivers\\nvnetbus.sys -- (nvnetbus)\par
DRV - [2005/01/28 04:48:58 | 002,310,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\\Windows\\System32\\drivers\\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)\par
\par
\par
========== Standard Registry (SafeList) ==========\par
\par
\par
========== Internet Explorer ==========\par
\par
\par
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.nascar.com/\par
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: "ProxyEnable" = 0\par
\par
========== FireFox ==========\par
\par
FF - prefs.js..browser.startup.homepage: "http://channelsurfing.net/"\par
FF - prefs.js..extensions.enabledItems: \{E2883E8F-472F-4fb0-9522-AC9BF37916A7\}:1.6.2.63\par
\par
\par
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.6.7\\extensions\\\\Components: C:\\Program Files\\Mozilla Firefox\\components [2010/07/22 00:04:26 | 000,000,000 | ---D | M]\par
FF - HKLM\\software\\mozilla\\Mozilla Firefox 3.6.7\\extensions\\\\Plugins: C:\\Program Files\\Mozilla Firefox\\plugins [2010/07/22 16:28:54 | 000,000,000 | ---D | M]\par
\par
[2010/05/16 13:50:09 | 000,000,000 | ---D | M] -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Extensions\par
[2010/07/22 16:28:48 | 000,000,000 | ---D | M] -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\kasiuv91.default\\extensions\par
[2010/06/26 21:07:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\kasiuv91.default\\extensions\\\{20a82645-c095-46ed-80e3-08825760534b\}(76)\par
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\kasiuv91.default\\extensions\\\{635abd67-4fe9-1b23-4f01-e679fa7484c1\}\par
[2010/05/17 18:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\kasiuv91.default\\extensions\\\{69D30031-F4A8-452a-A5B3-5D6787C3C5CF\}\par
[2010/07/22 16:27:47 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles\\kasiuv91.default\\extensions\\\{E2883E8F-472F-4fb0-9522-AC9BF37916A7\}\par
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles(139)\\1mmnrkn8.default\\extensions\par
[2010/05/16 14:24:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\\Users\\ezlj\\AppData\\Roaming\\mozilla\\Firefox\\Profiles(139)\\1mmnrkn8.default\\extensions\\\{20a82645-c095-46ed-80e3-08825760534b\}\par
[2010/07/22 16:29:04 | 000,000,000 | ---D | M] -- C:\\Program Files\\Mozilla Firefox\\extensions\par
[2010/07/22 16:29:19 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files\\Mozilla Firefox\\extensions\\\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA\}\par
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\\Program Files\\Mozilla Firefox\\plugins\\npdeployJava1.dll\par
\par
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts\par
O1 - Hosts: 127.0.0.1 localhost\par
O1 - Hosts: ::1 localhost\par
O2 - BHO: (Octh Class) - \{000123B4-9B42-4900-B3F7-F4B073EFC214\} - C:\\Program Files\\Orbitdownloader\\orbitcth.dll (Orbitdownloader.com)\par
O2 - BHO: (PopKill Class) - \{3C060EA2-E6A9-4E49-A530-D4657B8C449A\} - C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\pkR.dll (Verizon)\par
O2 - BHO: (no name) - \{5C255C8A-E604-49b4-9D64-90988571CECB\} - No CLSID value found.\par
O3 - HKLM\\..\\Toolbar: (Grab Pro) - \{C55BBCD6-41AD-48AD-9953-3609C48EACC7\} - C:\\Program Files\\Orbitdownloader\\GrabPro.dll ()\par
O3 - HKCU\\..\\Toolbar\\WebBrowser: (Grab Pro) - \{C55BBCD6-41AD-48AD-9953-3609C48EACC7\} - C:\\Program Files\\Orbitdownloader\\GrabPro.dll ()\par
O4 - HKLM..\\Run: [NvCplDaemon] C:\\Windows\\System32\\NvCpl.DLL (NVIDIA Corporation)\par
O4 - HKLM..\\Run: [NvMediaCenter] C:\\Windows\\System32\\NvMcTray.DLL (NVIDIA Corporation)\par
O4 - HKLM..\\Run: [VerizonServicepoint.exe] C:\\Program Files\\Verizon\\VSP\\VerizonServicepoint.exe (Verizon)\par
O4 - HKLM..\\Run: [Windows Defender] C:\\Program Files\\Windows Defender\\MSASCui.exe (Microsoft Corporation)\par
O4 - HKCU..\\Run: [ares] C:\\Program Files\\Ares\\Ares.exe File not found\par
O4 - HKLM..\\RunOnce: [IndexCleaner] C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\IdxClnR.exe (Verizon)\par
O4 - HKCU..\\RunOnce: [IndexCleaner] C:\\Program Files\\Verizon\\Verizon Internet Security Suite\\IdxClnR.exe (Verizon)\par
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: EnableLUA = 0\par

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4344

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

7/24/2010 2:05:46 PM
mbam-log-2010-07-24 (14-05-46).txt

Scan type: Quick scan
Objects scanned: 125693
Time elapsed: 11 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

This is the log that was run the first time. It was run before talking to you. I don't know if it will help.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4337

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

7/22/2010 12:36:22 AM
mbam-log-2010-07-22 (00-36-22).txt

Scan type: Quick scan
Objects scanned: 124771
Time elapsed: 25 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 13
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a9722a0d-365f-47d2-b70b-37d046316d99} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ezLife (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UNICCodec (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UNICCodecSoft (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Windows\System32\config\systemprofile\AppData\Roaming\ATManager (Rogue.ATManager) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\ATManager\metafiles (Rogue.ATManager) -> Quarantined and deleted successfully.
C:\Program Files\$NtUninstallWTF1012$ (Adware.EZLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife\1.5.5.0 (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.5.5.0 (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\UNICCodec (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNICCodec (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Users\ezlj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UNICCodec (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.

Files Infected:
C:\Windows\System32\config\systemprofile\AppData\Roaming\ATManager\metafiles\e7e2135bcdfc87179deacdb1cdac8b7a.torrent (Rogue.ATManager) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNICCodec\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Re: Help!!!! MY OTL has been scanning for 2 hours and still going. Is this bad

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box, paste this in:

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
