Computer Issues..

Alright so.. Before i explain the problems, i split water on my laptop keyboard a month and a half ago, i haven't had ANY connection issues with my laptop, until the start of last week.. So i highly doubt it's just now effecting my chips inside (Though my keyboard is messed up, had to buy a new one)

Anyways, I've got Comcast and my DL Speed is usually in the 20mb/s, i have two laptops, both return the same download speed, except this one now returns a PING in the 200-300s (used to be 20-40s) I'm not quite sure what the problem is, i can't find any viruses or whatnot.. I've used the following AntiVirus Softwares..

BitDefender Total Security Beta 2011 (Full Product)
ESET Nod32 Smart Security (Full Product)
Norton Security Suite 4 (Full Product & Current Product i'm using)
Malwarebytes' Anti-Malware 1.50 Public Beta

BitDefender found nothing.. ESET found nothing.. Norton found a few Tracking Cookies only..

I've used Microsoft® Windows® Malicious Software Removal Tool as well (Full Scans..)

Malwarebytes Full Scan Results..


Malwarebytes Flash Scan results..


Everytime i download something, the speed hits high 1mbs then goes down to 100kb/s and EVERYTHING else i'm using acts like my internet is disconnecting, pages start to run extremely slow, anything else i'm using starts to freeze..

Honestly, i'm pretty decent with computers, but i can't figure out WHAT exactly is the problem.. All i know is, my ping on this Laptop hits mid 300s on speedtests now, i've tried to do Factory Restore but it's near impossible with my broken keyboard.. In order to restart my computer, everything plugged in has to be unplugged, even the power cord or it makes a really loud alarm-type beeping noise, once the Windows Screen comes up, i can plug things in.. So i can't really press any of the F-Keys..

Any Suggestions on what the problem may be? And how to fix it?

Ok can't edit my first post anymore..

rkill log


MBRCheck Log


Last edited by Echelon on 20th November 2010, 6:11 am; edited 2 times in total (Reason for editing : Updating Information for faster help..)

OTL logfile created on: 11/20/2010 1:05:14 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Echelon\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.37 Gb Total Space | 83.27 Gb Free Space | 59.32% Space Free | Partition Type: NTFS
Drive E: | 7.45 Gb Total Space | 6.84 Gb Free Space | 91.82% Space Free | Partition Type: FAT32

Computer Name: ECHELONNETWORK | User Name: Echelon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/20 00:41:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Echelon\Desktop\OTL.exe
PRC - [2010/11/10 10:19:18 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/11/10 10:19:16 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/11/02 10:22:15 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/22 23:28:10 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/07/06 10:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/01 17:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/04/01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
PRC - [2008/07/18 22:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/24 15:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 02:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 19:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/08 17:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/02/06 15:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008/01/20 21:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/09/11 04:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010/11/20 00:41:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Echelon\Desktop\OTL.exe
MOD - [2010/11/16 00:40:33 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2010/11/16 00:40:33 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2010/11/10 10:19:18 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/07/06 10:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/04/01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2008/07/18 22:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/17 02:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/02/06 15:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Echelon\AppData\Local\Temp\RarSFX0\ThreatScanner\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Echelon\AppData\Local\Temp\RarSFX0\ThreatScanner\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/11/15 23:56:48 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/11/15 23:56:48 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/15 23:56:48 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/11/15 23:56:48 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.021\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/15 23:49:12 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/11/10 10:19:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 15:36:24 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101118.005\IDSvix86.sys -- (IDSVix86)
DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/04 12:50:14 | 000,261,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/06/10 04:52:58 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/03/11 18:17:20 | 000,063,488 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/12/26 11:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008/08/14 09:40:40 | 000,203,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/07/18 20:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/06/12 20:43:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/04/15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/04/09 20:00:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/20 21:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/09 16:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/04/23 12:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006/11/20 16:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/08/17 06:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2005/08/17 06:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 06:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 06:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=xfactiv_eg_self_main

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=xfactiv_eg_self_main
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Runescape Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2680363&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.Google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: adblockpopups@jessehakanen.net:0.1.9
FF - prefs.js..extensions.enabledItems: TechnicianConsole@logmeinrescue.com:6.2.0.743
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: info@djzig.com:1.2.3
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.6
FF - prefs.js..extensions.enabledItems: {5b175400-2368-11de-8c30-0800200c9a66}:1.9

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/11/17 02:24:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/11/15 23:50:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/02 10:22:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/02 10:22:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010/11/03 19:05:55 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Extensions
[2010/11/20 00:29:42 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions
[2010/11/16 02:25:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/11 00:01:10 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}(47)
[2010/11/16 02:14:28 | 000,000,000 | ---D | M] (Oskar) -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010/11/16 20:47:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/03 16:05:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(409)
[2010/11/16 20:48:39 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\adblockpopups@jessehakanen.net
[2010/11/16 20:38:06 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\info@djzig.com
[2010/11/18 06:58:45 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\redshift_V2@shift-themes.com
[2010/11/16 02:25:00 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\TechnicianConsole@logmeinrescue.com
[2010/11/09 19:07:21 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\extensions\zigboom@hotmail(405).com
[2010/08/05 22:19:36 | 000,000,921 | ---- | M] () -- C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Profiles\zoattqlz.default\searchplugins\conduit.xml
[2010/11/16 02:08:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/04 01:48:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/04 22:11:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/16 02:08:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/11/16 02:08:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/01 11:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-7C4EN.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Echelon\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fa32d147-bfb7-11de-9969-001e33c0e882}\Shell - "" = AutoRun
O33 - MountPoints2\{fa32d147-bfb7-11de-9969-001e33c0e882}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/20 00:41:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Echelon\Desktop\OTL.exe
[2010/11/17 02:57:20 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/11/17 02:57:19 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys
[2010/11/17 02:57:19 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys
[2010/11/17 02:57:19 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys
[2010/11/17 02:57:19 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys
[2010/11/17 02:57:18 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/11/17 02:57:18 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys
[2010/11/17 02:48:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005
[2010/11/17 00:49:38 | 000,000,000 | ---D | C] -- C:\Users\Echelon\AppData\Roaming\Malwarebytes
[2010/11/17 00:49:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/17 00:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/17 00:49:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/17 00:49:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/16 21:54:03 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2010/11/16 02:08:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/11/16 02:08:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/11/16 02:08:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/11/16 00:42:41 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/11/16 00:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/11/16 00:38:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/11/16 00:38:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/11/16 00:38:02 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/11/16 00:32:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/11/16 00:28:40 | 011,843,016 | ---- | C] (Microsoft Corporation) -- C:\Users\Echelon\Desktop\Microsoft® Windows® Malicious Software Removal Tool.exe
[2010/11/15 23:49:15 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/11/15 23:49:13 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/11/15 23:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/11/15 23:48:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2010/11/15 23:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite
[2010/11/15 23:48:37 | 000,000,000 | ---D | C] -- C:\Users\Echelon\Documents\Symantec
[2010/11/15 23:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/11/15 22:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TestLogger
[2010/11/15 21:14:51 | 000,000,000 | -H-D | C] -- C:\PEBakcup
[2010/11/08 03:22:46 | 000,000,000 | ---D | C] -- C:\Users\Echelon\AppData\Roaming\Media Player Classic
[2010/11/04 13:53:03 | 000,000,000 | ---D | C] -- C:\PcwBak
[2010/11/03 20:59:12 | 000,000,000 | ---D | C] -- C:\Users\Echelon\Documents\LimeWire
[2010/11/03 19:06:14 | 000,000,000 | ---D | C] -- C:\Users\Echelon\Tracing
[2010/11/03 18:50:35 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/11/03 18:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings(6)
[2010/11/03 16:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\PC Washer
[2010/11/03 02:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/11/02 21:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2010/11/02 19:35:01 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2010/11/02 19:31:49 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/11/02 16:56:07 | 000,000,000 | ---D | C] -- C:\Users\Echelon\AppData\Local\Windows Live
[2010/11/02 11:14:42 | 000,253,072 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2010/11/02 11:07:25 | 000,000,000 | ---D | C] -- C:\Users\Echelon\AppData\Roaming\BitDefender
[2010/11/02 10:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/11/02 10:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/11/02 10:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\1-Click PC Fix v4
[2010/10/26 15:47:37 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/26 15:47:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/26 15:47:34 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

========== Files - Modified Within 30 Days ==========

[2010/11/20 00:56:40 | 000,080,384 | ---- | M] () -- C:\Users\Echelon\Desktop\MBRCheck.exe
[2010/11/20 00:47:30 | 000,364,032 | ---- | M] () -- C:\Users\Echelon\Desktop\rkill.com
[2010/11/20 00:41:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Echelon\Desktop\OTL.exe
[2010/11/20 00:17:26 | 000,000,099 | ---- | M] () -- C:\Users\Echelon\jagex_runescape_preferences2.dat
[2010/11/19 23:38:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/19 23:38:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/19 22:04:45 | 001,910,568 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/11/19 16:49:49 | 000,000,069 | ---- | M] () -- C:\Users\Echelon\jagex_runescape_preferences.dat
[2010/11/19 00:52:54 | 000,194,560 | ---- | M] () -- C:\Users\Echelon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/19 00:51:29 | 001,296,384 | ---- | M] () -- C:\Windows\is-7C4EN.exe
[2010/11/19 00:51:29 | 000,021,303 | ---- | M] () -- C:\Windows\is-7C4EN.msg
[2010/11/19 00:51:29 | 000,001,637 | ---- | M] () -- C:\Windows\is-7C4EN.lst
[2010/11/17 05:46:44 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/17 05:46:44 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/17 05:38:00 | 000,000,442 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/11/17 05:37:54 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2010/11/17 05:37:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/17 00:49:27 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/16 22:12:25 | 000,254,880 | ---- | M] () -- C:\Users\Echelon\Desktop\dark_universe-normal.jpg
[2010/11/16 22:05:06 | 000,030,898 | ---- | M] () -- C:\Users\Echelon\Desktop\universe-1.jpg
[2010/11/16 20:44:01 | 111,906,385 | ---- | M] () -- C:\Users\Echelon\Desktop\Flo Rida ft. David Guetta - Club Can't Handle Me.mp4
[2010/11/16 20:42:48 | 020,743,649 | ---- | M] () -- C:\Users\Echelon\Desktop\Taio Cruz - Dynamite.mp4
[2010/11/16 06:08:04 | 018,074,608 | ---- | M] () -- C:\Users\Echelon\Desktop\Let's Get It - Duck, Duck, Grey Goose.mp4
[2010/11/16 05:27:01 | 022,196,616 | ---- | M] () -- C:\Users\Echelon\Desktop\Trey Songz - Bottoms Up ft. Nicki Minaj.mp4
[2010/11/16 02:08:02 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/11/16 02:08:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/11/16 02:08:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/11/16 02:08:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/11/16 00:28:40 | 011,843,016 | ---- | M] (Microsoft Corporation) -- C:\Users\Echelon\Desktop\Microsoft® Windows® Malicious Software Removal Tool.exe
[2010/11/15 23:49:12 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/11/15 23:49:12 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/11/15 23:49:12 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/11/15 22:28:01 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2010/11/10 10:19:20 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/10 10:19:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/02 21:08:39 | 002,261,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/02 16:33:38 | 000,004,321 | ---- | M] () -- C:\Windows\IntIgn0xF28456.dat
[2010/11/02 16:33:22 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\1-Click PC Fix Scheduled Scan.job
[2010/11/02 12:20:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\wsbl.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_summ.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_spoof.sig
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_sign.slf
[2010/11/02 12:20:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/11/02 12:20:11 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_white.dat
[2010/11/02 12:20:11 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_black.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010/11/02 11:14:42 | 000,253,072 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys

========== Files Created - No Company Name ==========

[2010/11/20 00:56:29 | 000,080,384 | ---- | C] () -- C:\Users\Echelon\Desktop\MBRCheck.exe
[2010/11/20 00:47:12 | 000,364,032 | ---- | C] () -- C:\Users\Echelon\Desktop\rkill.com
[2010/11/19 00:51:29 | 001,296,384 | ---- | C] () -- C:\Windows\is-7C4EN.exe
[2010/11/19 00:51:29 | 000,021,303 | ---- | C] () -- C:\Windows\is-7C4EN.msg
[2010/11/19 00:51:29 | 000,001,637 | ---- | C] () -- C:\Windows\is-7C4EN.lst
[2010/11/17 05:37:17 | 001,910,568 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/11/17 02:57:20 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf
[2010/11/17 02:57:19 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat
[2010/11/17 02:57:19 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat
[2010/11/17 02:57:19 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat
[2010/11/17 02:57:19 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat
[2010/11/17 02:57:19 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat
[2010/11/17 02:57:19 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat
[2010/11/17 02:57:19 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf
[2010/11/17 02:57:19 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf
[2010/11/17 02:57:19 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf
[2010/11/17 02:57:19 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf
[2010/11/17 02:57:19 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf
[2010/11/17 02:57:18 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat
[2010/11/17 02:57:18 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/11/17 02:57:18 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/11/17 02:57:18 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf
[2010/11/17 02:48:35 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini
[2010/11/17 00:49:27 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/16 22:12:21 | 000,254,880 | ---- | C] () -- C:\Users\Echelon\Desktop\dark_universe-normal.jpg
[2010/11/16 22:04:51 | 000,030,898 | ---- | C] () -- C:\Users\Echelon\Desktop\universe-1.jpg
[2010/11/16 20:40:04 | 111,906,385 | ---- | C] () -- C:\Users\Echelon\Desktop\Flo Rida ft. David Guetta - Club Can't Handle Me.mp4
[2010/11/16 20:39:43 | 020,743,649 | ---- | C] () -- C:\Users\Echelon\Desktop\Taio Cruz - Dynamite.mp4
[2010/11/16 06:05:34 | 018,074,608 | ---- | C] () -- C:\Users\Echelon\Desktop\Let's Get It - Duck, Duck, Grey Goose.mp4
[2010/11/16 05:23:16 | 022,196,616 | ---- | C] () -- C:\Users\Echelon\Desktop\Trey Songz - Bottoms Up ft. Nicki Minaj.mp4
[2010/11/15 23:49:13 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/11/15 23:49:13 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/11/15 23:49:09 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2010/11/15 22:28:01 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2010/11/02 12:20:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_spoof.sig
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_sign.slf
[2010/11/02 12:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/11/02 12:20:11 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/11/02 12:20:11 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/11/02 12:20:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/11/02 10:56:53 | 000,004,321 | ---- | C] () -- C:\Windows\IntIgn0xF28456.dat
[2010/11/02 10:42:56 | 000,000,426 | ---- | C] () -- C:\Windows\tasks\1-Click PC Fix Scheduled Scan.job
[2010/07/23 05:24:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/07/05 01:00:39 | 000,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/05/05 04:52:30 | 000,024,206 | ---- | C] () -- C:\Users\Echelon\AppData\Roaming\UserTile.png
[2010/04/28 20:03:55 | 000,000,407 | ---- | C] () -- C:\Users\Echelon\AppData\Local\RAExpertHistory.xml
[2010/03/04 12:20:54 | 000,000,398 | ---- | C] () -- C:\Windows\AudioConverter.INI
[2010/01/23 00:46:09 | 000,000,085 | ---- | C] () -- C:\Users\Echelon\AppData\Roaming\RSBot Accounts.ini
[2010/01/22 19:19:01 | 000,000,175 | ---- | C] () -- C:\Users\Echelon\AppData\Local\rahistory.xml
[2010/01/09 13:13:50 | 000,000,234 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/09 12:12:43 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/09 12:12:37 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/09 12:12:36 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/09 12:12:34 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/01/05 16:03:26 | 000,000,200 | ---- | C] () -- C:\Users\Echelon\AppData\Roaming\wklnhst.dat
[2009/12/03 08:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/11/09 22:46:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/20 03:27:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/17 10:02:46 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/10/17 08:44:44 | 000,194,560 | ---- | C] () -- C:\Users\Echelon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/05 20:35:39 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2009/10/05 17:56:19 | 000,000,016 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2009/10/05 17:19:25 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/09/30 14:36:25 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/09/30 14:25:14 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/09/30 14:25:14 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/09/30 14:25:14 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/09/30 14:25:14 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/09/30 14:25:14 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/09/30 14:25:14 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/06/12 20:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2010/07/05 01:48:19 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Avnex
[2010/11/02 11:07:25 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\BitDefender
[2009/10/05 18:06:56 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\CallingID
[2010/01/22 19:48:58 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/22 07:57:32 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\ESET
[2010/01/22 20:15:49 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Foxit
[2010/01/05 18:29:27 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Leadertech
[2010/11/01 12:51:49 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\LimeWire
[2010/07/05 01:33:53 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Screaming Bee
[2009/10/05 20:58:01 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\TeamViewer
[2010/01/05 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Template
[2009/11/15 20:12:37 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\Toshiba
[2010/11/17 00:47:50 | 000,000,000 | ---D | M] -- C:\Users\Echelon\AppData\Roaming\uTorrent
[2010/11/02 16:33:22 | 000,000,426 | ---- | M] () -- C:\Windows\Tasks\1-Click PC Fix Scheduled Scan.job
[2010/11/17 05:35:16 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

OTL Extras logfile created on: 11/20/2010 1:05:14 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Echelon\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.37 Gb Total Space | 83.27 Gb Free Space | 59.32% Space Free | Partition Type: NTFS
Drive E: | 7.45 Gb Total Space | 6.84 Gb Free Space | 91.82% Space Free | Partition Type: FAT32

Computer Name: ECHELONNETWORK | User Name: Echelon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{092AEA81-0235-40BE-870A-F2F8857EC553}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{141538E7-2EA9-43C6-A139-A17B33EAD699}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{268BBD6C-A517-4B9C-B88C-2E9FC2B4263E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{31E652B0-9938-4ED2-91E9-A61D378B482B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{53E13186-B7FB-48E6-8DE7-6723DE261628}" = rport=2869 | protocol=6 | dir=out | app=system |
"{55A22C7E-2A36-425B-90BF-E4207C56D89C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5BB2990A-23FD-4901-8AA8-C6145384D54D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{600E1293-33B6-4877-83DA-A401258CFD86}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7A3746D5-8C09-410D-AB4C-4E57E6E596FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3E61BDF-636C-4F50-B4AB-DA990276AE1A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C8832E96-9587-45A8-9ACF-6A23C1F287F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D47FBED8-38F4-445F-8761-6280F63AA501}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{143C5DF9-6338-4AAF-8A77-FEE0A70ACDEE}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{228B90D9-C7D8-432D-B839-A45FD229C602}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{3691E3B6-F5B8-4C27-9FE4-3D91E99AC486}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{41451D3C-62B7-4E59-A74F-E32FE6840DEB}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{6141F4D4-4100-43B8-9850-83A10F81D9C6}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{6254408D-B193-4ED9-893E-761749DF7CF5}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{69985966-7F8A-46E2-9A38-61B759708211}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{81C44329-436E-409A-AF5D-231DAFBF90E7}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{8E5043FB-1611-4E8B-84A8-B180013927A8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{910904AD-A0EB-4C48-AA74-29DABA490FB8}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{94DACB6E-E84A-498E-9CA5-D6A7F023B3C5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AE65C4BF-78E4-4594-B639-6FDCC9936FA8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{BAD7244A-BD15-45E3-9035-5FE67DD45645}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E53D42FA-857B-4024-8DD0-8C7BE5AA4D04}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{E6ADBE5F-9D0F-45F6-88CA-60A0AD95C2C2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{F3DA5D22-15FB-40B9-AF5B-E1BE49656374}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{CA16EF15-0C5B-42F9-99A5-58AE22D93503}C:\users\echelon\desktop\stuff\mirc.exe" = protocol=6 | dir=in | app=c:\users\echelon\desktop\stuff\mirc.exe |
"UDP Query User{24C177A7-B8A7-43D0-95EC-6E7F56253E9D}C:\users\echelon\desktop\stuff\mirc.exe" = protocol=17 | dir=in | app=c:\users\echelon\desktop\stuff\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"N360" = Norton Security Suite
"TeamViewer 5" = TeamViewer 5
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/2/2010 11:45:31 AM | Computer Name = EchelonNetwork | Source = VSS | ID = 8194
Description =

Error - 11/2/2010 11:47:27 AM | Computer Name = EchelonNetwork | Source = VSS | ID = 8194
Description =

Error - 11/2/2010 12:48:06 PM | Computer Name = EchelonNetwork | Source = WinMgmt | ID = 10
Description =

Error - 11/2/2010 5:32:33 PM | Computer Name = EchelonNetwork | Source = VSS | ID = 8194
Description =

Error - 11/2/2010 5:57:00 PM | Computer Name = EchelonNetwork | Source = VSS | ID = 8194
Description =

Error - 11/2/2010 8:37:35 PM | Computer Name = EchelonNetwork | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 11/2/2010 8:38:08 PM | Computer Name = EchelonNetwork | Source = System Restore | ID = 8193
Description =

Error - 11/2/2010 8:38:28 PM | Computer Name = EchelonNetwork | Source = System Restore | ID = 8193
Description =

Error - 11/2/2010 9:23:52 PM | Computer Name = EchelonNetwork | Source = VSS | ID = 8194
Description =

Error - 11/2/2010 10:09:11 PM | Computer Name = EchelonNetwork | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 3/4/2010 6:02:22 PM | Computer Name = EchelonNetwork | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.103. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.

Error - 3/4/2010 6:07:32 PM | Computer Name = EchelonNetwork | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.103. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.

Error - 3/4/2010 6:12:43 PM | Computer Name = EchelonNetwork | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.103. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.

Error - 3/4/2010 6:17:53 PM | Computer Name = EchelonNetwork | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.103. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.

Error - 3/4/2010 6:23:03 PM | Computer Name = EchelonNetwork | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.103. The computer with the IP address 192.168.2.101 did
not allow the name to be claimed by this computer.

Error - 3/6/2010 4:05:28 PM | Computer Name = EchelonNetwork | Source = DCOM | ID = 10010
Description =

Error - 3/6/2010 4:05:28 PM | Computer Name = EchelonNetwork | Source = DCOM | ID = 10010
Description =

Error - 3/6/2010 4:42:22 PM | Computer Name = EchelonNetwork | Source = DCOM | ID = 10005
Description =

Error - 3/6/2010 4:42:22 PM | Computer Name = EchelonNetwork | Source = Service Control Manager | ID = 7009
Description =

Error - 3/6/2010 4:42:22 PM | Computer Name = EchelonNetwork | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Ok now it's getting worse.. My computer can't handle things open now.. and i'm disconnecting just loading a video on Youtube.. never happened before..

Hello.

• Download combofix from here
  Link 1
  

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to svchost as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

• See HERE for how to disable your AV.
  
• Double click on svchost.exe.
  
• Follow the prompts. NOTE:
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouse click combofix's window whilst it's running. That may cause it to stall.
  

ComboFix 10-11-20.04 - Vintage 11/21/2010 1:42.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1915.911 [GMT -5:00]
Running from: c:\users\Vintage\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe

.
((((((((((((((((((((((((( Files Created from 2010-10-21 to 2010-11-21 )))))))))))))))))))))))))))))))
.

2010-11-21 06:49 . 2010-11-21 06:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-20 16:25 . 2010-11-20 16:25 -------- d-----w- c:\windows\PCHEALTH
2010-11-20 16:24 . 2010-11-20 16:25 -------- d-----w- c:\program files\Windows Live
2010-11-20 16:22 . 2010-11-21 05:40 -------- d-----w- c:\program files\Microsoft Silverlight
2010-11-20 16:13 . 2010-11-20 16:13 -------- d-----w- c:\program files\Windows Portable Devices
2010-11-20 16:11 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-11-20 16:11 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-11-20 16:11 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-11-20 16:08 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-11-20 16:08 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-11-20 16:08 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-11-20 15:36 . 2010-11-20 15:38 -------- d-----w- c:\windows\system32\ca-ES
2010-11-20 15:36 . 2010-11-20 15:38 -------- d-----w- c:\windows\system32\eu-ES
2010-11-20 15:35 . 2010-11-20 15:37 -------- d-----w- c:\windows\system32\vi-VN
2010-11-20 15:20 . 2010-11-20 15:20 -------- d-----w- c:\windows\system32\EventProviders
2010-11-20 15:17 . 2009-04-11 06:28 747008 ----a-w- c:\windows\system32\WsmSvc.dll
2010-11-20 15:16 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-11-20 15:16 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-11-20 15:16 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-11-20 15:16 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-11-20 15:16 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-11-20 15:16 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-11-20 15:16 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-11-20 15:16 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-11-20 15:16 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-11-20 15:16 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-11-20 15:16 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-11-20 14:37 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-11-20 14:37 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-11-20 14:37 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-11-20 14:37 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-11-20 14:37 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-11-20 14:35 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-11-20 14:28 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-11-20 14:27 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-11-20 14:26 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-11-20 14:26 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-11-20 14:26 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-11-20 12:27 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-20 12:17 . 2010-11-20 12:17 -------- d-----w- c:\program files\Microsoft.NET
2010-11-20 12:15 . 2009-11-08 15:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-11-20 12:15 . 2009-11-08 15:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-11-20 12:15 . 2009-11-08 15:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-11-20 12:15 . 2009-11-08 15:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-11-20 12:15 . 2009-11-08 15:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-11-20 11:56 . 2010-11-18 03:21 209920 ----a-w- c:\windows\system32\ssleay32.dll
2010-11-20 11:56 . 2010-11-18 03:21 209920 ----a-w- c:\windows\system32\libssl32.dll
2010-11-20 11:56 . 2010-11-20 11:56 -------- d-----w- C:\OpenSSL
2010-11-20 11:42 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-20 11:42 . 2010-11-20 11:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-20 11:42 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-20 11:32 . 2010-11-20 11:32 -------- d-----w- c:\program files\mIRC
2010-11-20 11:24 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-11-20 11:24 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-11-20 11:24 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-11-20 11:22 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-11-20 11:22 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-11-20 11:22 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-11-20 11:22 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2010-11-20 11:22 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-11-20 11:22 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2010-11-20 11:21 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-11-20 11:21 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2010-11-20 11:21 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-11-20 11:21 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-11-20 11:21 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-11-20 11:21 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2010-11-20 11:21 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-11-20 11:20 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-11-20 11:20 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-11-20 11:20 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-11-20 11:20 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-11-20 11:20 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-11-20 11:20 . 2009-04-11 06:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-11-20 11:20 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-11-20 11:20 . 2010-10-07 11:35 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-20 11:20 . 2010-11-20 11:20 -------- d-----w- C:\DOCS
2010-11-20 11:19 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-11-20 11:19 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-11-20 11:19 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-11-20 11:19 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-11-20 11:19 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2010-11-20 11:17 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2010-11-20 11:17 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-11-20 11:17 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-11-20 11:17 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-11-20 11:17 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-11-20 11:17 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-11-20 11:17 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-11-20 11:17 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-11-20 11:17 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2010-11-20 11:15 . 2010-06-11 16:15 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-11-20 11:15 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2010-11-20 11:15 . 2009-04-11 06:28 195072 ----a-w- c:\program files\Movie Maker\WMM2AE.dll
2010-11-20 11:15 . 2010-06-17 16:16 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2010-11-20 11:15 . 2009-04-11 06:28 23040 ----a-w- c:\program files\Movie Maker\WMM2EXT.dll
2010-11-20 11:15 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-11-20 11:15 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-11-20 11:15 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-11-20 11:15 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-11-20 11:14 . 2010-06-08 17:35 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-20 11:14 . 2010-06-08 17:35 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-11-20 11:14 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-11-20 11:14 . 2010-01-21 15:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-11-20 11:14 . 2009-04-11 06:27 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-11-20 11:14 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-11-20 11:10 . 2010-11-18 03:21 1019904 ----a-w- c:\windows\system32\libeay32.dll
2010-11-20 11:10 . 2008-01-15 18:03 364544 ----a-w- c:\windows\system32\RtlLib.dll
2010-11-20 11:10 . 2007-04-23 18:50 25896 ----a-w- c:\windows\system32\drivers\RtlProt.sys
2010-11-20 11:10 . 2006-10-27 06:30 131072 ----a-w- c:\windows\system32\EnumDevLib.dll
2010-11-20 11:10 . 2003-11-18 18:27 155648 ----a-w- c:\windows\system32\IpLib.dll
2010-11-20 11:09 . 2010-11-20 11:09 -------- d-----w- c:\windows\OPTIONS
2010-11-20 11:09 . 2007-12-26 18:20 290304 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2010-11-20 11:09 . 2007-12-26 18:20 290304 ----a-w- c:\windows\system\rtl8187B.sys
2010-11-20 11:09 . 2010-11-20 11:09 -------- d-----w- c:\program files\REALTEK RTL8187B Wireless LAN Driver
2010-11-20 11:05 . 2010-11-20 11:05 -------- d-----w- c:\program files\Synaptics
2010-11-20 11:02 . 2010-11-20 11:02 -------- d-----w- c:\windows\system32\ENU
2010-11-20 11:02 . 2008-05-03 01:53 1034776 ----a-w- c:\windows\system32\imsmudlg.exe
2010-11-20 11:02 . 2008-04-16 01:53 312344 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-11-20 10:57 . 2010-11-20 11:02 -------- d-----w- c:\windows\system32\Lang
2010-11-20 10:57 . 2008-06-25 23:05 920088 ----a-w- c:\windows\system32\igxpun.exe
2010-11-20 10:57 . 2006-11-10 17:25 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-11-20 10:55 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2010-11-20 10:55 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2010-11-20 10:55 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-23 05:47 . 2010-09-23 05:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-08-26 16:33 . 2010-11-20 11:24 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-11-20 11:24 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-11-20 11:24 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-11-20 11:24 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-16 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"Skytel"="Skytel.exe" [2007-11-21 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 17:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-10 17:49 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys [2010-11-04 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSvix86.sys [2010-10-19 353840]
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - ERASERUTILDRVI10
*Deregistered* - EraserUtilDrvI10

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
FF - ProfilePath - c:\users\Vintage\AppData\Roaming\Mozilla\Firefox\Profiles\x9cxk796.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.Google.com
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-21 01:49
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"=""c:\program files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe" /s "N360" /m "c:\program files\Norton Security Suite\Engine\4.3.0.5\diMaster.dll" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-11-21 01:54:28
ComboFix-quarantined-files.txt 2010-11-21 06:54

Pre-Run: 112,047,726,592 bytes free
Post-Run: 112,000,667,648 bytes free

- - End Of File - - 12896C886866274243D5E9CB94A5EB66

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

• Check (tick) this box: YES, I accept the Terms of Use.
  
• Click on the Start button next to it.
  
• When prompted to run ActiveX. click Yes.
  
• You will be asked to install an ActiveX. Click Install.
  
• Once installed, the scanner will be initialized.
  
• After the scanner is initialized, click Start.
  
• Check (tick) Remove found threats box.
  
• Check (tick) Scan unwanted applications.
  
• Click on Scan.
  
• It will start scanning. Please be patient.
  
• Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.
  

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=7432d85591fc524ea9d83adfb224b117
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-11-21 11:22:25
# local_time=2010-11-21 06:22:25 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3589 16777213 80 86 0 53652997 0 0
# compatibility_mode=5892 16776574 100 95 0 126982274 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=108552
# found=0
# cleaned=0
# scan_time=7045

Hello.

I see that you are running µTorrent.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

µTorrent
Adobe Reader 9.3.4

Then download and install Adobe Reader 9.4

How is the machine running now?

I have uTorrent because i use it to download movies, faster to download via a Torrent than the original file itself, sadly..

And its still really laggy..

I play a Java-Based game online, everytime i make a call on Windows Live 2011 and i'm on the game, i'll get a Connection lost, msn will sign out and my internet will disconnect itself, completely at random.. NEVER happened before.. It's not related to my ISP in any way because we have another laptop hooked up and it has no problems, it's only here.. And i've never had issues with Malware or Viruses.. All the scans i've done have found nothing at all..

Firefox and IE take quite some time to open up now, so does a few other programs, i'll wait maybe.. 15 seconds before it finally appears, and if i download something on firefox or IE, 90% chance it'll stop responding and either stay like that or fix itself.. If it stays like that i HAVE to restart the computer, Task Manager "End Program" doesn't respond to it..

Can I ask what antivirus your running?

Currently, Norton Security Suite 4.. And Malwarebytes' is on as well..

I've had..
ESET Nod Smart Security
BitDefender Total Security Beta 2011
McAfee.. (Got bluescreen'd because McAfee deleted a System file)

I uninstalled BitDefender for Norton Security Suite 4 because this is a free product from Comcast, so i figured i'd try it this time.

Hello.
Norton is known for being a big resource hog, I would get rid of that and use either Avast/Avira.

This was happening before i had Norton installed, ESET was in first when it happened in the beginning, that's why i switched to various AntiViruses