
Hijack and malware byte log - not sure what virus I have [Solved]



#1
Jessieboogie (Member, 105 posts)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:15:03 PM, on 1/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.h...a...&pf=desktop
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com...OnlineGames.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1201993462062
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.h...ctDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2....re/HPDEXAXO.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace...ronGameHost.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10805 bytes





Malwarebytes' Anti-Malware 1.33
Database version: 1701
Windows 5.1.2600 Service Pack 3

1/27/2009 8:42:06 PM
mbam-log-2009-01-27 (20-42-06).txt

Scan type: Quick Scan
Objects scanned: 55594
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 45

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\dmdskmgr32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DHCPMON32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmutil32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dfrgsnap32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\d3dx9_3132.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\d3dx10_3832.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dot3api32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\COMSNAP32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\BROWSELC32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CABVIEW32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CERTCLI32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CLBCATEX32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CLICONFG32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CNBJMON32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\COMPATUI32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\COMPSTUI32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\comuid32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CONSOLE32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CRYPT3232.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\D3D8THK32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\D3DRAMP32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DATACLEN32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DBGHELP32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DDRAWEX32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DESKMON32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DFRGRES32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dfrgui32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DFRGUI3232.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DHCPCSVC32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\digest32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmime32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DMLOADER32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DMSCRIPT32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DMSYNTH32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dplay32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DPMODEMX32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpvacm32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpvvox32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DPWSOCKX32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ds16gt32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DSOUND3D32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DSPRPRES32.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dssenh32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\DINPUT832.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dnsrslvr32.dll (Worm.P2P) -> Quarantined and deleted successfully.


#2
heir (Trusted Helper, Malware Removal, 5,427 posts)

Hello Jessieboogie!

My nickname is heir and I'll be helping clean up your computer. :)

Before we proceed to clean your computer from malware, let's go over some points that will help both me and you, and prevent causing damage to your computer:
  • To make sure that you receive an email when I reply to this topic, please click here and check that this topic is listed under Malware Removal - HijackThis™ Logs Go Here.
  • Please don't be afraid to ask questions! No question is considered dumb here. It's better to be safe than sorry!
  • When posting logs, please ensure Word Wrap is turned off in Notepad (to check, open Notepad, click on Format in the menu bar and make sure that Word Wrap is unchecked).
  • Please follow the steps exactly in the same order posted. If you can't perform a certain step, or you're unsure on what to do, please stop and let me know.
  • NEVER fix anything in HijackThis or other programs on your own! This can be very dangerous and cause harm to your system. If you see a certain entry or program you're unsure about, please don't hesitate to ask!
  • Make sure you reply to this thread using the Add Reply button.

Please read my posts completely before following the instructions.
It may be easier for you if you copy and paste a post to a new text document or print it for reference later.
This is required when you won't have access to Internet.

First off, we need to take a deeper look.

Step 1.
Scan your computer with OTListIt2:

Download OTListIt2 to your desktop.
  • Close all windows and open it
  • Under File Age: change the drop-down box to 90 days and put a checkmark in the box beside LOP Check and Purity Check
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you: one will pop up called OTListIt.txt, the other will be saved on your desktop and called Extras.txt. Post both those logs here.


#3
Jessieboogie (Topic Starter, Member, 105 posts)

Hey Heir!! Thanks for the help!!


OTListIt Extras logfile created on: 2/4/2009 12:57:29 PM - Run
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\A0QE4ON3
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 201.38 Mb Available Physical Memory | 45.00% Memory free
1.03 Gb Paging File | 0.50 Gb Available in Paging File | 48.11% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 108.95 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 90 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Enabled:BackWeb for Presario
File not found -- C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
[2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
[2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
[2005/05/24 02:17:46 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
[2005/05/24 02:18:00 | 00,040,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
[2005/05/24 02:13:32 | 00,081,920 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
[2005/05/12 10:06:08 | 00,200,704 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005/05/12 07:28:02 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2005/05/24 02:42:00 | 00,172,032 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
[2005/05/12 08:34:58 | 00,151,635 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
[2005/05/24 02:18:52 | 00,458,752 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
[2005/03/15 15:12:10 | 00,417,792 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
[2005/03/15 15:17:50 | 00,704,512 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
[2005/05/24 02:34:36 | 00,057,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2008/08/31 07:06:14 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe:*:Enabled:DNA
[2008/06/05 20:55:16 | 00,587,568 | ---- | M] () -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
[2008/09/18 13:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
[2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0004D4C8-7F6C-BA20-32B2-5C861FA340CB}" = Catalyst Control Center Graphics Full Existing
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{10053F59-0765-163D-F759-155E6DA35AB6}" = CCC Help English
"{101E4225-8983-7850-3E8C-00C5E0A13B40}" = ccc-core-static
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{193DB24F-9A66-4896-8404-22D53EA89075}" = 1400_Help
"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1B15D991-5619-4BC1-B71E-3DE793B792FC}" = ArcSoft MediaConverter 2
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{266959FA-0AEE-41D0-A88E-F1EAC10A7C14}" = 1400
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{2A38B5AA-EA84-4F87-9937-2FB23982243A}" = Sonic Foundry ACID 4.0
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160100}" = Java™ SE Development Kit 6 Update 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}" = iTunes
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3F555374-449A-0734-73EA-5FF6207FA30F}" = Skins
"{5141D667-6FE0-DFD6-FDC8-C981DC06520C}" = Catalyst Control Center Graphics Full New
"{51C9B6D6-BF0F-3BA5-1EA4-17C6190DBE07}" = ccc-core-preinstall
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{86F68693-A637-1F4D-5D4F-4D58486A4601}" = ccc-utility
"{8CC42289-E228-4A35-B8A9-015242283BB2}" = SPORE™ Creature Creator
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{996F1BF8-D7BB-40A1-80E3-13DF6C2866F0}" = American Civil War Gettysburg
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2104078-AAA5-449E-95DD-55C9443A1033}" = Nero 7 Essentials
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE888E0F-6727-0045-A966-CFB975AC15BA}" = Catalyst Control Center Graphics Previews Common
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C510CA36-98D6-4F07-8AFF-81E7399A075B}" = 1400Trb
"{C952BD03-9AC6-F898-B17F-9352638EC93C}" = Catalyst Control Center Core Implementation
"{CADF1911-C4FB-8651-36E0-FF06DAA75F28}" = Catalyst Control Center Graphics Light
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Action Replay Code Manager_is1" = Action Replay Code Manager
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"All ATI Software" = ATI - Software Uninstall Utility
"Ashtons Family Resort_is1" = Ashtons Family Resort
"ATI Display Driver" = ATI Display Driver
"AudibleManager" = AudibleManager
"Aveyond 2_is1" = Aveyond 2
"Bejeweled 2 Deluxe_is1" = Bejeweled 2 Deluxe
"CleanUp!" = CleanUp!
"Daycare Nightmare Mini Monsters_is1" = Daycare Nightmare Mini Monsters
"Elf Bowling The Last Insult_is1" = Elf Bowling The Last Insult
"ERUNT_is1" = ERUNT 1.1j
"FavOrg" = FavOrg
"GameHouse" = GameHouse
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}" = iTunes
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Kudos 2_is1" = Kudos 2
"LimeWire" = LimeWire 4.18.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.7)" = Mozilla Firefox (2.0.0.7)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PokerStars" = PokerStars
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"QuickTime" = QuickTime
"S3" = VIA/S3G Display Driver
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/20/2009 11:01:55 AM | Computer Name = YOUR-22CA86D5C4 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16762, faulting
module flash10a.ocx, version 10.0.12.36, fault address 0x0009f685.

Error - 1/21/2009 6:45:41 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application Ashtons Family Resort.exe, version 0.0.0.0, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/23/2009 8:46:04 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Error | ID = 1000
Description = Faulting application quicktimeplayer.exe, version 6.5.1.17, faulting
module quicktimempeg4.qtx, version 6.5.1.17, fault address 0x0000f968.

Error - 1/23/2009 8:46:04 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/26/2009 8:14:57 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/27/2009 10:03:07 PM | Computer Name = YOUR-22CA86D5C4 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/27/2009 10:41:52 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/27/2009 10:42:15 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/2/2009 7:19:51 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/3/2009 2:18:38 PM | Computer Name = YOUR-22CA86D5C4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16762, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2/4/2009 12:09:57 AM | Computer Name = YOUR-22CA86D5C4 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 2/4/2009 12:09:57 AM | Computer Name = YOUR-22CA86D5C4 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .

Error - 2/4/2009 12:09:57 AM | Computer Name = YOUR-22CA86D5C4 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\MFC80.DLL.
Reference
error message: The operation completed successfully. .


< End of report >


OTListIt logfile created on: 2/4/2009 12:57:28 PM - Run
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\A0QE4ON3
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 201.38 Mb Available Physical Memory | 45.00% Memory free
1.03 Gb Paging File | 0.50 Gb Available in Paging File | 48.11% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 108.95 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 90 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe
[2005/03/08 04:33:28 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
[2004/06/29 19:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
[2003/09/12 22:13:20 | 00,098,304 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\ps2.EXE
[2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
[2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2007/05/15 14:55:46 | 01,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
[2007/05/15 14:55:26 | 01,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
[2008/12/05 12:06:46 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
[2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[2008/02/05 19:57:33 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[2009/01/18 11:58:37 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[2007/04/19 12:26:52 | 00,484,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
[2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2007/05/11 03:06:38 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
[2009/02/04 12:56:47 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\A0QE4ON3\OTListIt2[1].exe

========== (O23) Win32 Services (SafeList) ==========

[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008/07/03 20:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/10/15 07:11:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
[2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2004/04/21 20:28:04 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Stopped])
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
[2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc [Auto | Running])

========== Driver Services (SafeList) ==========

[2004/06/29 19:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Stopped])
[2003/12/11 17:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Stopped])
[2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2008/04/13 13:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2008/07/04 05:33:34 | 03,230,720 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2001/08/17 11:49:00 | 00,075,136 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3 [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FET5X86V [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
[2001/08/17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
[2003/11/12 10:41:08 | 00,041,984 | R--- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB [On_Demand | Stopped])
[2004/04/06 02:42:36 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2005/03/07 23:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2005/03/07 23:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2005/03/07 23:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
[2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
[2008/05/10 18:55:35 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\system32\drivers\mcstrm.sys -- (MCSTRM [Auto | Running])
[2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
[2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Running])
[2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2007/07/13 05:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP [System | Running])
[2002/07/30 00:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2 [On_Demand | Running])
[2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/04/22 11:02:00 | 00,020,368 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
[2008/05/27 10:38:54 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
[2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/05/27 10:38:54 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/13 13:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\uagp35.sys -- (uagp35 [Boot | Running])
[2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2001/05/07 05:56:02 | 00,019,805 | R--- | M] (Thesycon GmbH, Germany) -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO [On_Demand | Stopped])
[2003/07/03 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
[2005/03/08 11:50:16 | 00,172,544 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1201993462062 (WUWebControl Class)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/09 00:45:44 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 90 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/01/27 21:09:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\PCHealth
[2009/01/27 20:56:55 | 00,000,000 | ---D | C] -- C:\ada4dbf90f55b919d668b52341bd
[2009/01/27 20:54:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/27 20:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/01/27 20:54:00 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/01/27 20:52:52 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/01/27 20:52:51 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/01/27 20:52:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/01/27 20:52:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/01/27 20:52:51 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/01/27 20:52:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/01/27 20:52:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/01/27 20:52:49 | 00,000,000 | ---D | C] -- C:\bb4e114d14ba5547c810ee25
[2009/01/27 20:45:14 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/01/27 20:26:04 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/01/26 11:10:29 | 00,001,369 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Limewire Downloads.lnk
[2009/01/23 19:43:45 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/01/23 19:43:45 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/01/18 04:30:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dfshim323232.dll
[2009/01/18 04:28:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dfrgsnap3232.dll
[2009/01/18 04:22:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\ddeml3232.dll
[2009/01/18 04:21:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dbnmpntw3232.dll
[2009/01/18 04:20:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dbnetlib32.dll
[2009/01/18 04:18:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\davclnt3232.dll
[2009/01/18 04:16:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\d3dxof3232.dll
[2009/01/18 04:15:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\D3DX9_3832.dll
[2009/01/18 04:14:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\d3dx9_363232.dll
[2009/01/18 04:12:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\d3dx9_323232.dll
[2009/01/18 04:10:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\d3dx9_2932.dll
[2009/01/18 04:00:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cscdll3232.dll
[2009/01/18 04:00:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc3232.dll
[2009/01/18 04:00:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cryptnet32.dll
[2009/01/18 04:00:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\crypt323232.dll
[2009/01/18 04:00:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\credui3232.dll
[2009/01/18 04:00:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\credssp32.dll
[2009/01/18 04:00:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\comuid3232.dll
[2009/01/18 04:00:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\comrepl3232.dll
[2009/01/18 04:00:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\compatui3232.dll
[2009/01/18 04:00:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cmpbk323232.dll
[2009/01/18 04:00:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt32.dll
[2009/01/18 04:00:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cmcfg3232.dll
[2009/01/18 04:00:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\catsrvps3232.dll
[2009/01/18 04:00:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\cards3232.dll
[2009/01/18 04:00:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\capesnpn32.dll
[2009/01/18 04:00:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\btpanui3232.dll
[2009/01/18 04:00:19 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\browseui32.dll
[2009/01/18 04:00:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\bootvid32.dll
[2009/01/18 04:00:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\bitsprx332.dll
[2009/01/18 04:00:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\bidispl32.dll
[2009/01/18 04:00:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\bfc4232.dll
[2009/01/18 04:00:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\batt32.dll
[2009/01/18 04:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\azroles32.dll
[2009/01/18 04:00:11 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\avtapi32.dll
[2009/01/18 04:00:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\avifile32.dll
[2009/01/18 04:00:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\audiosrv32.dll
[2009/01/18 04:00:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\Audio3D32.dll
[2009/01/18 04:00:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\atmpvcno32.dll
[2009/01/18 04:00:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\atl

#4
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Your OTListIt.txt got cut off. Not your fault.

Please post the content of that log again

#5
Jessieboogie

    Member

  • Topic Starter
  • Member
  • 105 posts
OTListIt logfile created on: 2/4/2009 3:15:42 PM - Run 2
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\A0QE4ON3
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 95.40 Mb Available Physical Memory | 21.32% Memory free
1.03 Gb Paging File | 0.44 Gb Available in Paging File | 42.31% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 108.94 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 90 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe
[2005/03/08 04:33:28 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
[2004/06/29 19:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
[2003/09/12 22:13:20 | 00,098,304 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\ps2.EXE
[2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
[2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2007/05/15 14:55:46 | 01,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
[2007/05/15 14:55:26 | 01,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
[2008/12/05 12:06:46 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
[2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[2008/02/05 19:57:33 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[2009/01/18 11:58:37 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[2007/04/19 12:26:52 | 00,484,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
[2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2007/05/11 03:06:38 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
[2008/10/15 02:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/02/04 15:15:36 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\A0QE4ON3\OTListIt2[1].exe

========== (O23) Win32 Services (SafeList) ==========

[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008/07/03 20:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/10/15 07:11:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
[2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2004/04/21 20:28:04 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Stopped])
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
[2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc [Auto | Running])

========== Driver Services (SafeList) ==========

[2004/06/29 19:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Stopped])
[2003/12/11 17:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Stopped])
[2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2008/04/13 13:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2008/07/04 05:33:34 | 03,230,720 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2001/08/17 11:49:00 | 00,075,136 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3 [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FET5X86V [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
[2001/08/17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
[2003/11/12 10:41:08 | 00,041,984 | R--- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB [On_Demand | Stopped])
[2004/04/06 02:42:36 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2005/03/07 23:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2005/03/07 23:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2005/03/07 23:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
[2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
[2008/05/10 18:55:35 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\system32\drivers\mcstrm.sys -- (MCSTRM [Auto | Running])
[2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
[2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Running])
[2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2007/07/13 05:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP [System | Running])
[2002/07/30 00:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2 [On_Demand | Running])
[2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/04/22 11:02:00 | 00,020,368 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
[2008/05/27 10:38:54 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
[2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/05/27 10:38:54 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/13 13:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\uagp35.sys -- (uagp35 [Boot | Running])
[2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2001/05/07 05:56:02 | 00,019,805 | R--- | M] (Thesycon GmbH, Germany) -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO [On_Demand | Stopped])
[2003/07/03 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
[2005/03/08 11:50:16 | 00,172,544 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1201993462062 (WUWebControl Class)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/09 00:45:44 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 90 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]

========== Files - Modified Within 90 Days ==========

  • 0

#6
Jessieboogie

    Member

  • Topic Starter
  • 105 posts
It keeps cutting off... when I paste, it's all there, but when I click to add reply it cuts off... now what :)
  • 0

#7
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Ah, I see, the log is too long.

Post the content of the log below this line

========== Files - Modified Within 90 Days ==========

In your next reply.
And we'll see if it fits into your post.

If not, attach the log instead.
  • 0

#8
Jessieboogie

    Member

  • Topic Starter
  • 105 posts
Attached File  OTListIt.Txt   137.79KB   267 downloads
  • 0

#9
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Step 1.
Uninstall unwanted software:

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

BitTorrent
DNA

Java™ 6 Update 4
Java™ 6 Update 5
Java™ 6 Update 7
LimeWire 4.18.8


Optional removals
Limewire, BitTorrent, DNA and P2P programs in general are legal in themselves, but much of the content downloaded with them is downloaded illegally. They are also a great way to infect yourself with malware.
It's up to you if you want to remove the above programs; however, I recommend you do.


Step 2.
OTMoveIt3:

Please download OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Processes
    explorer.exe
    :Files
    C:\WINDOWS\System32\dfshim323232.dll
    C:\WINDOWS\System32\dfrgsnap3232.dll
    C:\WINDOWS\System32\ddeml3232.dll
    C:\WINDOWS\System32\dbnmpntw3232.dll
    C:\WINDOWS\System32\dbnetlib32.dll
    C:\WINDOWS\System32\davclnt3232.dll
    C:\WINDOWS\System32\d3dxof3232.dll
    C:\WINDOWS\System32\D3DX9_3832.dll
    C:\WINDOWS\System32\d3dx9_363232.dll
    C:\WINDOWS\System32\d3dx9_323232.dll
    C:\WINDOWS\System32\d3dx9_2932.dll
    C:\WINDOWS\System32\cscdll3232.dll
    C:\WINDOWS\System32\cryptsvc3232.dll
    C:\WINDOWS\System32\cryptnet32.dll
    C:\WINDOWS\System32\crypt323232.dll
    C:\WINDOWS\System32\credui3232.dll
    C:\WINDOWS\System32\credssp32.dll
    C:\WINDOWS\System32\comuid3232.dll
    C:\WINDOWS\System32\comrepl3232.dll
    C:\WINDOWS\System32\compatui3232.dll
    C:\WINDOWS\System32\cmpbk323232.dll
    C:\WINDOWS\System32\CmdLineExt32.dll
    C:\WINDOWS\System32\cmcfg3232.dll
    C:\WINDOWS\System32\catsrvps3232.dll
    C:\WINDOWS\System32\cards3232.dll
    C:\WINDOWS\System32\capesnpn32.dll
    C:\WINDOWS\System32\btpanui3232.dll
    C:\WINDOWS\System32\browseui32.dll
    C:\WINDOWS\System32\bootvid32.dll
    C:\WINDOWS\System32\bitsprx332.dll
    C:\WINDOWS\System32\bidispl32.dll
    C:\WINDOWS\System32\bfc4232.dll
    C:\WINDOWS\System32\batt32.dll
    C:\WINDOWS\System32\azroles32.dll
    C:\WINDOWS\System32\avtapi32.dll
    C:\WINDOWS\System32\avifile32.dll
    C:\WINDOWS\System32\audiosrv32.dll
    C:\WINDOWS\System32\Audio3D32.dll
    C:\WINDOWS\System32\atmpvcno32.dll
    C:\WINDOWS\System32\atl7132.dll
    C:\WINDOWS\System32\atl32.dll
    C:\WINDOWS\System32\ativvaxx32.dll
    C:\WINDOWS\System32\ativcoxx32.dll
    C:\WINDOWS\System32\atiok3x232.dll
    C:\WINDOWS\System32\atioglx232.dll
    C:\WINDOWS\System32\eapphost32.dll
    C:\WINDOWS\System32\eappcfg32.dll
    C:\WINDOWS\System32\eapolqec32.dll
    C:\WINDOWS\System32\dxtmsft32.dll
    C:\WINDOWS\System32\dx8vb32.dll
    C:\WINDOWS\System32\duser32.dll
    C:\WINDOWS\System32\dswave32.dll
    C:\WINDOWS\System32\dskquoui32.dll
    C:\WINDOWS\System32\dsetup32.dll
    C:\WINDOWS\System32\dsauth32.dll
    C:\WINDOWS\System32\drmv2clt32.dll
    C:\WINDOWS\System32\dpnwsock32.dll
    C:\WINDOWS\System32\dpnhupnp32.dll
    C:\WINDOWS\System32\dpnet32.dll
    C:\WINDOWS\System32\dot3svc32.dll
    C:\WINDOWS\System32\dot3cfg3232.dll
    C:\WINDOWS\System32\dhcpqec3232.dll
    C:\WINDOWS\System32\dfshim3232.dll
    C:\WINDOWS\System32\deskmon3232.dll
    C:\WINDOWS\System32\ddeml32.dll
    C:\WINDOWS\System32\dbnmpntw32.dll
    C:\WINDOWS\System32\davclnt32.dll
    C:\WINDOWS\System32\d3dxof32.dll
    C:\WINDOWS\System32\d3dx9_3632.dll
    C:\WINDOWS\System32\d3dx9_3432.dll
    C:\WINDOWS\System32\d3dx9_3232.dll
    C:\WINDOWS\System32\d3dx9_3032.dll
    C:\WINDOWS\System32\d3dx9_2732.dll
    C:\WINDOWS\System32\d3dx9_2532.dll
    C:\WINDOWS\System32\d3dx10_3532.dll
    C:\WINDOWS\System32\d3dx10_3332.dll
    C:\WINDOWS\System32\d3dim70032.dll
    C:\WINDOWS\System32\D3DCompiler_3732.dll
    C:\WINDOWS\System32\D3DCompiler_3532.dll
    C:\WINDOWS\System32\D3DCompiler_3332.dll
    C:\WINDOWS\System32\ctl3d3232.dll
    C:\WINDOWS\System32\csrsrv32.dll
    C:\WINDOWS\System32\cscdll32.dll
    C:\WINDOWS\System32\cryptsvc32.dll
    C:\WINDOWS\System32\cryptdll32.dll
    C:\WINDOWS\System32\credui32.dll
    C:\WINDOWS\System32\comrepl32.dll
    C:\WINDOWS\System32\comdlg3232.dll
    C:\WINDOWS\System32\comcat32.dll
    C:\WINDOWS\System32\colbact32.dll
    C:\WINDOWS\System32\cmsetacl32.dll
    C:\WINDOWS\System32\cmpbk3232.dll
    C:\WINDOWS\System32\cmdial3232.dll
    C:\WINDOWS\System32\ciodm32.dll
    C:\WINDOWS\System32\cfgmgr3232.dll
    C:\WINDOWS\System32\cewmdm32.dll
    C:\WINDOWS\System32\cdmodem32.dll
    C:\WINDOWS\System32\ccfgnt32.dll
    C:\WINDOWS\System32\cc325032.dll
    C:\WINDOWS\System32\catsrvps32.dll
    C:\WINDOWS\System32\cards32.dll
    C:\WINDOWS\System32\btpanui32.dll
    C:\WINDOWS\System32\bthci32.dll
    C:\WINDOWS\System32\dmcompos32.dll
    C:\WINDOWS\System32\dispex32.dll
    C:\WINDOWS\System32\dimsroam32.dll
    C:\WINDOWS\System32\diactfrm32.dll
    C:\WINDOWS\System32\dhcpqec32.dll
    C:\WINDOWS\System32\dgnet32.dll
    C:\WINDOWS\System32\dfshim32.dll
    C:\WINDOWS\System32\devenum32.dll
    C:\WINDOWS\System32\deploytk32.dll
    C:\WINDOWS\System32\dot3cfg32.dll
    :Reg
    :Services
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Step 3.
OTListIt2:

  • Close all windows and open OTListIt2.
  • Under File Age, change the dropdown box to 30 days.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you: one, called OTListIt.txt, will pop up; the other, called Extras, will be saved on your desktop. Post both of those logs here.


Step 4.
Lop S&D:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D and save it to the desktop

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

Step 5.
Things I would like to see in your reply:

  • Which software was uninstalled in step 1.
  • The content of the result window in OTMoveIt3 from step 2.
  • The content of OTListIt.txt on your desktop from step 3.
  • The content of C:\lopR.txt from step 4.

  • 0
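The files named in the step 2 `:Files` list show up in the poster's OTListIt log as zero-byte `.dll` entries with an empty company field, sitting directly in `C:\WINDOWS\System32` and created on 2009/01/18. The script below is an added example, not part of heir's post or of the OTListIt/OTMoveIt3 tools: it parses listing lines in that format and flags entries of that shape. The selection rule and all function names are assumptions made for illustration, and the sample lines reuse paths from this thread.

```python
import ntpath
import re
from collections import Counter
from datetime import datetime

# One OTListIt file-listing entry, e.g.
# [2009/01/18 04:00:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\atl32.dll
# Directory entries carry no "(company)" field at all.
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[-RHSD]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<vendor>.*?)\))? -- (?P<path>.+)$"
)

SYSTEM32 = r"c:\windows\system32"


def parse_entry(line):
    """Return a dict for one listing line, or None if it is truncated or not an entry."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    return {
        "when": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "attrs": m["attrs"],
        "kind": m["kind"],          # C = created section, M = modified section
        "vendor": m["vendor"],      # None for directories, "" when the field is blank
        "path": m["path"],
    }


def is_suspect(entry):
    """Assumed rule: zero-byte, company-less .dll file directly under System32."""
    return (
        "D" not in entry["attrs"]
        and entry["size"] == 0
        and entry["vendor"] == ""
        and entry["path"].lower().endswith(".dll")
        and ntpath.dirname(entry["path"]).lower() == SYSTEM32
    )


def triage(lines):
    """Return (suspects sorted by timestamp, count per creation day, unparsed line count)."""
    suspects = {}   # lower-cased path -> entry; the same file is listed under C and M
    unparsed = 0
    for line in lines:
        if not line.strip():
            continue
        entry = parse_entry(line)
        if entry is None:
            unparsed += 1       # e.g. the line where the forum cut the post off
            continue
        if is_suspect(entry):
            suspects.setdefault(entry["path"].lower(), entry)
    ordered = sorted(suspects.values(), key=lambda e: e["when"])
    by_day = Counter(e["when"].date().isoformat() for e in ordered)
    return ordered, by_day, unparsed


# Sample lines in the OTListIt listing format, using paths that appear in this thread.
SAMPLE = r"""
[2009/01/27 20:54:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/27 20:52:52 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/01/23 19:43:45 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/01/18 04:30:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dfshim323232.dll
[2009/01/18 04:00:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\atl32.dll
[2009/01/18 03:12:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\dot3cfg32.dll
[2009/01/18 04:30:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\dfshim323232.dll
[2009/01/18 03:14:47 | 00,000,000 | ----
""".strip().splitlines()


if __name__ == "__main__":
    found, per_day, skipped = triage(SAMPLE)
    for e in found:
        print(e["when"], e["path"])
    print("per day:", dict(per_day), "| unparsed lines:", skipped)
```

A zero-byte file can also be a harmless placeholder, so the output is a review queue for the helper rather than a finished removal list; the per-day count is what makes a burst like the one on 2009/01/18 stand out.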

#10
Jessieboogie

    Member

  • Topic Starter
  • 105 posts
nothing removed from add remove recommendation

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\System32\CmdLineExt32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cmcfg3232.dll
C:\WINDOWS\System32\cmcfg3232.dll NOT unregistered.
C:\WINDOWS\System32\cmcfg3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\catsrvps3232.dll
C:\WINDOWS\System32\catsrvps3232.dll NOT unregistered.
C:\WINDOWS\System32\catsrvps3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cards3232.dll
C:\WINDOWS\System32\cards3232.dll NOT unregistered.
C:\WINDOWS\System32\cards3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\capesnpn32.dll
C:\WINDOWS\System32\capesnpn32.dll NOT unregistered.
C:\WINDOWS\System32\capesnpn32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\btpanui3232.dll
C:\WINDOWS\System32\btpanui3232.dll NOT unregistered.
C:\WINDOWS\System32\btpanui3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\browseui32.dll
C:\WINDOWS\System32\browseui32.dll NOT unregistered.
C:\WINDOWS\System32\browseui32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\bootvid32.dll
C:\WINDOWS\System32\bootvid32.dll NOT unregistered.
C:\WINDOWS\System32\bootvid32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\bitsprx332.dll
C:\WINDOWS\System32\bitsprx332.dll NOT unregistered.
C:\WINDOWS\System32\bitsprx332.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\bidispl32.dll
C:\WINDOWS\System32\bidispl32.dll NOT unregistered.
C:\WINDOWS\System32\bidispl32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\bfc4232.dll
C:\WINDOWS\System32\bfc4232.dll NOT unregistered.
C:\WINDOWS\System32\bfc4232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\batt32.dll
C:\WINDOWS\System32\batt32.dll NOT unregistered.
C:\WINDOWS\System32\batt32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\azroles32.dll
C:\WINDOWS\System32\azroles32.dll NOT unregistered.
C:\WINDOWS\System32\azroles32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\avtapi32.dll
C:\WINDOWS\System32\avtapi32.dll NOT unregistered.
C:\WINDOWS\System32\avtapi32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\avifile32.dll
C:\WINDOWS\System32\avifile32.dll NOT unregistered.
C:\WINDOWS\System32\avifile32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\audiosrv32.dll
C:\WINDOWS\System32\audiosrv32.dll NOT unregistered.
C:\WINDOWS\System32\audiosrv32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\Audio3D32.dll
C:\WINDOWS\System32\Audio3D32.dll NOT unregistered.
C:\WINDOWS\System32\Audio3D32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\atmpvcno32.dll
C:\WINDOWS\System32\atmpvcno32.dll NOT unregistered.
C:\WINDOWS\System32\atmpvcno32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\atl7132.dll
C:\WINDOWS\System32\atl7132.dll NOT unregistered.
C:\WINDOWS\System32\atl7132.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\atl32.dll
C:\WINDOWS\System32\atl32.dll NOT unregistered.
C:\WINDOWS\System32\atl32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ativvaxx32.dll
C:\WINDOWS\System32\ativvaxx32.dll NOT unregistered.
C:\WINDOWS\System32\ativvaxx32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ativcoxx32.dll
C:\WINDOWS\System32\ativcoxx32.dll NOT unregistered.
C:\WINDOWS\System32\ativcoxx32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\atiok3x232.dll
C:\WINDOWS\System32\atiok3x232.dll NOT unregistered.
C:\WINDOWS\System32\atiok3x232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\atioglx232.dll
C:\WINDOWS\System32\atioglx232.dll NOT unregistered.
C:\WINDOWS\System32\atioglx232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\eapphost32.dll
C:\WINDOWS\System32\eapphost32.dll NOT unregistered.
C:\WINDOWS\System32\eapphost32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\eappcfg32.dll
C:\WINDOWS\System32\eappcfg32.dll NOT unregistered.
C:\WINDOWS\System32\eappcfg32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\eapolqec32.dll
C:\WINDOWS\System32\eapolqec32.dll NOT unregistered.
C:\WINDOWS\System32\eapolqec32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dxtmsft32.dll
C:\WINDOWS\System32\dxtmsft32.dll NOT unregistered.
C:\WINDOWS\System32\dxtmsft32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dx8vb32.dll
C:\WINDOWS\System32\dx8vb32.dll NOT unregistered.
C:\WINDOWS\System32\dx8vb32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\duser32.dll
C:\WINDOWS\System32\duser32.dll NOT unregistered.
C:\WINDOWS\System32\duser32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dswave32.dll
C:\WINDOWS\System32\dswave32.dll NOT unregistered.
C:\WINDOWS\System32\dswave32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dskquoui32.dll
C:\WINDOWS\System32\dskquoui32.dll NOT unregistered.
C:\WINDOWS\System32\dskquoui32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dsetup32.dll
C:\WINDOWS\System32\dsetup32.dll NOT unregistered.
C:\WINDOWS\System32\dsetup32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dsauth32.dll
C:\WINDOWS\System32\dsauth32.dll NOT unregistered.
C:\WINDOWS\System32\dsauth32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\drmv2clt32.dll
C:\WINDOWS\System32\drmv2clt32.dll NOT unregistered.
C:\WINDOWS\System32\drmv2clt32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dpnwsock32.dll
C:\WINDOWS\System32\dpnwsock32.dll NOT unregistered.
C:\WINDOWS\System32\dpnwsock32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dpnhupnp32.dll
C:\WINDOWS\System32\dpnhupnp32.dll NOT unregistered.
C:\WINDOWS\System32\dpnhupnp32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dpnet32.dll
C:\WINDOWS\System32\dpnet32.dll NOT unregistered.
C:\WINDOWS\System32\dpnet32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dot3svc32.dll
C:\WINDOWS\System32\dot3svc32.dll NOT unregistered.
C:\WINDOWS\System32\dot3svc32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dot3cfg3232.dll
C:\WINDOWS\System32\dot3cfg3232.dll NOT unregistered.
C:\WINDOWS\System32\dot3cfg3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dhcpqec3232.dll
C:\WINDOWS\System32\dhcpqec3232.dll NOT unregistered.
C:\WINDOWS\System32\dhcpqec3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dfshim3232.dll
C:\WINDOWS\System32\dfshim3232.dll NOT unregistered.
C:\WINDOWS\System32\dfshim3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\deskmon3232.dll
C:\WINDOWS\System32\deskmon3232.dll NOT unregistered.
C:\WINDOWS\System32\deskmon3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ddeml32.dll
C:\WINDOWS\System32\ddeml32.dll NOT unregistered.
C:\WINDOWS\System32\ddeml32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dbnmpntw32.dll
C:\WINDOWS\System32\dbnmpntw32.dll NOT unregistered.
C:\WINDOWS\System32\dbnmpntw32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\davclnt32.dll
C:\WINDOWS\System32\davclnt32.dll NOT unregistered.
C:\WINDOWS\System32\davclnt32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dxof32.dll
C:\WINDOWS\System32\d3dxof32.dll NOT unregistered.
C:\WINDOWS\System32\d3dxof32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_3632.dll
C:\WINDOWS\System32\d3dx9_3632.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_3632.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_3432.dll
C:\WINDOWS\System32\d3dx9_3432.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_3432.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_3232.dll
C:\WINDOWS\System32\d3dx9_3232.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_3032.dll
C:\WINDOWS\System32\d3dx9_3032.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_3032.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_2732.dll
C:\WINDOWS\System32\d3dx9_2732.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_2732.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx9_2532.dll
C:\WINDOWS\System32\d3dx9_2532.dll NOT unregistered.
C:\WINDOWS\System32\d3dx9_2532.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx10_3532.dll
C:\WINDOWS\System32\d3dx10_3532.dll NOT unregistered.
C:\WINDOWS\System32\d3dx10_3532.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dx10_3332.dll
C:\WINDOWS\System32\d3dx10_3332.dll NOT unregistered.
C:\WINDOWS\System32\d3dx10_3332.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\d3dim70032.dll
C:\WINDOWS\System32\d3dim70032.dll NOT unregistered.
C:\WINDOWS\System32\d3dim70032.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\D3DCompiler_3732.dll
C:\WINDOWS\System32\D3DCompiler_3732.dll NOT unregistered.
C:\WINDOWS\System32\D3DCompiler_3732.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\D3DCompiler_3532.dll
C:\WINDOWS\System32\D3DCompiler_3532.dll NOT unregistered.
C:\WINDOWS\System32\D3DCompiler_3532.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\D3DCompiler_3332.dll
C:\WINDOWS\System32\D3DCompiler_3332.dll NOT unregistered.
C:\WINDOWS\System32\D3DCompiler_3332.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ctl3d3232.dll
C:\WINDOWS\System32\ctl3d3232.dll NOT unregistered.
C:\WINDOWS\System32\ctl3d3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\csrsrv32.dll
C:\WINDOWS\System32\csrsrv32.dll NOT unregistered.
C:\WINDOWS\System32\csrsrv32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cscdll32.dll
C:\WINDOWS\System32\cscdll32.dll NOT unregistered.
C:\WINDOWS\System32\cscdll32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cryptsvc32.dll
C:\WINDOWS\System32\cryptsvc32.dll NOT unregistered.
C:\WINDOWS\System32\cryptsvc32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cryptdll32.dll
C:\WINDOWS\System32\cryptdll32.dll NOT unregistered.
C:\WINDOWS\System32\cryptdll32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\credui32.dll
C:\WINDOWS\System32\credui32.dll NOT unregistered.
C:\WINDOWS\System32\credui32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\comrepl32.dll
C:\WINDOWS\System32\comrepl32.dll NOT unregistered.
C:\WINDOWS\System32\comrepl32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\comdlg3232.dll
C:\WINDOWS\System32\comdlg3232.dll NOT unregistered.
C:\WINDOWS\System32\comdlg3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\comcat32.dll
C:\WINDOWS\System32\comcat32.dll NOT unregistered.
C:\WINDOWS\System32\comcat32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\colbact32.dll
C:\WINDOWS\System32\colbact32.dll NOT unregistered.
C:\WINDOWS\System32\colbact32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cmsetacl32.dll
C:\WINDOWS\System32\cmsetacl32.dll NOT unregistered.
C:\WINDOWS\System32\cmsetacl32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cmpbk3232.dll
C:\WINDOWS\System32\cmpbk3232.dll NOT unregistered.
C:\WINDOWS\System32\cmpbk3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cmdial3232.dll
C:\WINDOWS\System32\cmdial3232.dll NOT unregistered.
C:\WINDOWS\System32\cmdial3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ciodm32.dll
C:\WINDOWS\System32\ciodm32.dll NOT unregistered.
C:\WINDOWS\System32\ciodm32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cfgmgr3232.dll
C:\WINDOWS\System32\cfgmgr3232.dll NOT unregistered.
C:\WINDOWS\System32\cfgmgr3232.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cewmdm32.dll
C:\WINDOWS\System32\cewmdm32.dll NOT unregistered.
C:\WINDOWS\System32\cewmdm32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cdmodem32.dll
C:\WINDOWS\System32\cdmodem32.dll NOT unregistered.
C:\WINDOWS\System32\cdmodem32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\ccfgnt32.dll
C:\WINDOWS\System32\ccfgnt32.dll NOT unregistered.
C:\WINDOWS\System32\ccfgnt32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cc325032.dll
C:\WINDOWS\System32\cc325032.dll NOT unregistered.
C:\WINDOWS\System32\cc325032.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\catsrvps32.dll
C:\WINDOWS\System32\catsrvps32.dll NOT unregistered.
C:\WINDOWS\System32\catsrvps32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\cards32.dll
C:\WINDOWS\System32\cards32.dll NOT unregistered.
C:\WINDOWS\System32\cards32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\btpanui32.dll
C:\WINDOWS\System32\btpanui32.dll NOT unregistered.
C:\WINDOWS\System32\btpanui32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\bthci32.dll
C:\WINDOWS\System32\bthci32.dll NOT unregistered.
C:\WINDOWS\System32\bthci32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dmcompos32.dll
C:\WINDOWS\System32\dmcompos32.dll NOT unregistered.
C:\WINDOWS\System32\dmcompos32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dispex32.dll
C:\WINDOWS\System32\dispex32.dll NOT unregistered.
C:\WINDOWS\System32\dispex32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dimsroam32.dll
C:\WINDOWS\System32\dimsroam32.dll NOT unregistered.
C:\WINDOWS\System32\dimsroam32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\diactfrm32.dll
C:\WINDOWS\System32\diactfrm32.dll NOT unregistered.
C:\WINDOWS\System32\diactfrm32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dhcpqec32.dll
C:\WINDOWS\System32\dhcpqec32.dll NOT unregistered.
C:\WINDOWS\System32\dhcpqec32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dgnet32.dll
C:\WINDOWS\System32\dgnet32.dll NOT unregistered.
C:\WINDOWS\System32\dgnet32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dfshim32.dll
C:\WINDOWS\System32\dfshim32.dll NOT unregistered.
C:\WINDOWS\System32\dfshim32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\devenum32.dll
C:\WINDOWS\System32\devenum32.dll NOT unregistered.
C:\WINDOWS\System32\devenum32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\deploytk32.dll
C:\WINDOWS\System32\deploytk32.dll NOT unregistered.
C:\WINDOWS\System32\deploytk32.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\dot3cfg32.dll
C:\WINDOWS\System32\dot3cfg32.dll NOT unregistered.
C:\WINDOWS\System32\dot3cfg32.dll moved successfully.
========== REGISTRY ==========
========== SERVICES/DRIVERS ==========
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Perflib_Perfdata_4a4.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF11E4.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF11F5.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF193F.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_cp1c1zpcdNGRSi6 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_03S5wlx5HrTO9ir scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_cli3c3gjsDdDfoc scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_HN5LIbGNOngFLgd scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_Lrzl5y39IlHkyKx scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_qb6NnXvCkmZSeiJ scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_WfmcJseZgXIXYg2 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4e0.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\WFV155A.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02092009_113941

Files moved on Reboot...
C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Perflib_Perfdata_4a4.dat not found!
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF11E4.tmp not found!
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF11F5.tmp not found!
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\~DF193F.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\mcafee_cp1c1zpcdNGRSi6 moved successfully.
File C:\WINDOWS\temp\mcmsc_03S5wlx5HrTO9ir not found!
File C:\WINDOWS\temp\mcmsc_cli3c3gjsDdDfoc not found!
File C:\WINDOWS\temp\mcmsc_HN5LIbGNOngFLgd not found!
File C:\WINDOWS\temp\mcmsc_Lrzl5y39IlHkyKx not found!
File C:\WINDOWS\temp\mcmsc_qb6NnXvCkmZSeiJ not found!
C:\WINDOWS\temp\mcmsc_WfmcJseZgXIXYg2 moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_4e0.dat not found!
File C:\WINDOWS\temp\WFV155A.tmp not found!


OTListIt logfile created on: 2/9/2009 12:21:37 PM - Run 4
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\GVJG9RJZ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 123.35 Mb Available Physical Memory | 27.56% Memory free
1.03 Gb Paging File | 0.56 Gb Available in Paging File | 54.67% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 109.67 Gb Free Space | 73.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
[2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
[2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe
[2005/03/08 04:33:28 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
[2004/06/29 19:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
[2003/09/12 22:13:20 | 00,098,304 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\ps2.EXE
[2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
[2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2007/05/15 14:55:46 | 01,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
[2007/05/15 14:55:26 | 01,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
[2008/12/05 12:06:46 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[2008/02/05 19:57:33 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[2007/04/19 12:26:52 | 00,484,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
[2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[2009/02/09 12:03:23 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[2008/10/15 02:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/02/09 12:07:05 | 00,419,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\GVJG9RJZ\OTListIt2[1].exe
[2007/11/01 18:12:38 | 00,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
[2008/04/13 19:12:14 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
[2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe

========== (O23) Win32 Services (SafeList) ==========

[2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2008/07/03 20:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/10/15 07:11:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
[2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2004/04/21 20:28:04 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Stopped])
[2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
[2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
[2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
[2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc [Auto | Running])

========== Driver Services (SafeList) ==========

[2004/06/29 19:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Stopped])
[2003/12/11 17:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Stopped])
[2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2008/04/13 13:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2008/07/04 05:33:34 | 03,230,720 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2001/08/17 11:49:00 | 00,075,136 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3 [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FET5X86V [On_Demand | Stopped])
[2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
[2001/08/17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
[2003/11/12 10:41:08 | 00,041,984 | R--- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB [On_Demand | Stopped])
[2004/04/06 02:42:36 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2005/03/07 23:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2005/03/07 23:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2005/03/07 23:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
[2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
[2008/05/10 18:55:35 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\system32\drivers\mcstrm.sys -- (MCSTRM [Auto | Running])
[2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
[2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
[2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2007/07/13 05:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP [System | Running])
[2002/07/30 00:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2 [On_Demand | Running])
[2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/04/22 11:02:00 | 00,020,368 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
[2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/05/27 10:38:54 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/13 13:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\uagp35.sys -- (uagp35 [Boot | Running])
[2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2001/05/07 05:56:02 | 00,019,805 | R--- | M] (Thesycon GmbH, Germany) -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO [On_Demand | Stopped])
[2003/07/03 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
[2005/03/08 11:50:16 | 00,172,544 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])
[2008/05/27 10:38:54 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1201993462062 (WUWebControl Class)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== Safeboot Options ==========

"AlternateS

#11
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
The content from OTListIt.txt got cut off. Not your fault.

Please post the content from OTListIt.txt again and also the content of C:\lopR.txt.

#12
Jessieboogie

    Member

  • Topic Starter
  • 105 posts
Attached File  OTListIt.Txt   63.39KB   111 downloads
Attached File  lopR.txt   18.94KB   168 downloads

Edit: Pasted OTLI-log

OTListIt logfile created on: 2/9/2009 7:51:42 PM - Run 5
OTListIt2 by OldTimer - Version 2.0.0.10 Folder = C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\WEG7NNY9
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.48 Mb Total Physical Memory | 184.50 Mb Available Physical Memory | 41.23% Memory free
1.03 Gb Paging File | 0.47 Gb Available in Paging File | 45.22% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 109.59 Gb Free Space | 73.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [1998/05/07 18:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe
PRC - [2005/03/08 04:33:28 | 00,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004/06/29 19:06:38 | 00,088,363 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2003/09/12 22:13:20 | 00,098,304 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\ps2.EXE
PRC - [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/05/15 14:55:46 | 01,628,208 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007/05/15 14:55:26 | 01,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2008/12/05 12:06:46 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008/02/05 19:57:33 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2007/04/19 12:26:52 | 00,484,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005/05/12 00:40:38 | 00,204,800 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2009/02/09 12:03:23 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2007/05/11 03:06:38 | 00,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2008/10/15 02:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/09 19:51:38 | 00,488,960 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\WEG7NNY9\OTListIt2[1].exe

========== Win32 Services (SafeList) ==========

SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/07/03 22:12:02 | 00,561,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2008/07/03 20:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/10/15 07:11:57 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
SRV - [2004/04/21 20:28:04 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Stopped])
SRV - [2008/12/05 12:06:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2007/04/19 12:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2003/06/20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2007/07/18 14:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService [Auto | Running])
SRV - [2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2007/08/09 02:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2004/06/29 19:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Stopped])
DRV - [2003/12/11 17:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Stopped])
DRV - [2004/10/01 10:24:02 | 02,279,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2008/04/13 13:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
DRV - [2008/07/04 05:33:34 | 03,230,720 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
DRV - [2001/08/17 11:49:00 | 00,075,136 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3 [On_Demand | Stopped])
DRV - [2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FET5X86V [On_Demand | Stopped])
DRV - [2004/12/16 13:36:30 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys -- (FETND5BV [On_Demand | Running])
DRV - [2001/08/17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
DRV - [2003/11/12 10:41:08 | 00,041,984 | R--- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5b.sys -- (FETNDISB [On_Demand | Stopped])
DRV - [2004/04/06 02:42:36 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2005/03/07 23:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005/03/07 23:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005/03/07 23:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
DRV - [2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass [System | Running])
DRV - [2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm [System | Running])
DRV - [2008/05/10 18:55:35 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\system32\drivers\mcstrm.sys -- (MCSTRM [Auto | Running])
DRV - [2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV - [2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
DRV - [2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV - [2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV - [2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV - [2007/07/13 05:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP [System | Running])
DRV - [2002/07/30 00:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2 [On_Demand | Running])
DRV - [2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2004/04/22 11:02:00 | 00,020,368 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2008/05/27 10:38:54 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 13:36:40 | 00,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\uagp35.sys -- (uagp35 [Boot | Running])
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2001/05/07 05:56:02 | 00,019,805 | R--- | M] (Thesycon GmbH, Germany) -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO [On_Demand | Stopped])
DRV - [2003/07/03 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
DRV - [2005/03/08 11:50:16 | 00,172,544 | ---- | M] (Copyright © VIA/S3 Graphics Co, Ltd.) -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx [On_Demand | Running])
DRV - [2008/05/27 10:38:54 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VTTimer] VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKCU..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1201993462062 (WUWebControl Class)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.h...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/09 00:45:44 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[2009/02/09 12:15:28 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009/02/09 11:39:41 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/01/27 21:09:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\PCHealth
[2009/01/27 20:56:55 | 00,000,000 | ---D | C] -- C:\ada4dbf90f55b919d668b52341bd
[2009/01/27 20:54:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/27 20:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/01/27 20:54:00 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/01/27 20:52:52 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/01/27 20:52:51 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/01/27 20:52:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/01/27 20:52:51 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/01/27 20:52:51 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/01/27 20:52:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/01/27 20:52:50 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/01/27 20:52:49 | 00,000,000 | ---D | C] -- C:\bb4e114d14ba5547c810ee25
[2009/01/27 20:45:14 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/01/27 20:26:04 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/01/26 11:10:29 | 00,001,369 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Limewire Downloads.lnk
[2009/01/17 19:57:12 | 00,000,000 | ---D | C] -- C:\Program Files\Westward III Gold Rush
[2009/01/17 12:37:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/01/17 12:34:10 | 00,000,000 | ---D | C] -- C:\GameHouse Games
[2009/01/17 12:34:01 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/01/17 12:33:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2009/01/17 12:32:51 | 00,000,000 | ---D | C] -- C:\Program Files\RealArcade
[2009/01/16 10:58:45 | 00,000,482 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\ornament club.rtf

========== Files - Modified Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/02/09 11:56:44 | 00,028,824 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/09 11:54:38 | 00,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2009/02/09 11:54:07 | 00,019,668 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/02/09 11:52:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/09 11:52:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/01 01:00:18 | 00,000,346 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/01/27 21:04:37 | 00,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/01/27 20:55:40 | 00,521,474 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/01/27 20:55:40 | 00,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/27 20:55:40 | 00,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/27 20:54:53 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/01/26 11:12:08 | 00,001,369 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Limewire Downloads.lnk
[2009/01/22 00:06:01 | 00,040,448 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/16 10:58:45 | 00,000,482 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\ornament club.rtf
[2009/01/15 01:10:21 | 00,000,354 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/01/14 10:33:35 | 00,002,794 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Yarn.rtf
[2009/01/13 11:27:35 | 03,523,036 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
< End of report >

Edited by heir, 15 February 2009 - 03:04 AM.

  • 0

#13
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Please download DirLook by jpshortstuff from one of the following mirrors:
Link 1
Link 2
Link 3
  • Double-click DirLook.exe to run it (Vista Users should right-click and select Run As Administrator...).
  • Ensure that Show Hidden Files/Folders and BBCode Output are both checked.
  • Copy the content of the following codebox into the main textfield:

    C:\ada4dbf90f55b919d668b52341bd
    C:\bb4e114d14ba5547c810ee25
  • Click the DirLook button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. (Note: The log can also be found at C:\DirLook.txt)
Note: Scanning may take longer for large folders.
  • 0
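The two folders the helper asks DirLook to list are the drive-root directories with long hexadecimal names in the "Files/Folders - Created Within 30 Days" section of the log above. As an added example (not part of the original posts or of any tool used in this thread), the Python script below parses lines copied from that section, picks out such directories, and lists what else was created within a few minutes of each; the function names, the 16-character threshold and the five-minute window are assumptions.

```python
import re
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Lines copied from the "Created Within 30 Days" section of the log in this thread.
SAMPLE = r"""
[2009/02/09 12:15:28 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009/02/09 11:39:41 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/01/27 20:56:55 | 00,000,000 | ---D | C] -- C:\ada4dbf90f55b919d668b52341bd
[2009/01/27 20:54:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/01/27 20:52:52 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/01/27 20:52:49 | 00,000,000 | ---D | C] -- C:\bb4e114d14ba5547c810ee25
[2009/01/27 20:45:14 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/01/17 12:34:10 | 00,000,000 | ---D | C] -- C:\GameHouse Games
"""

# [timestamp | size | attributes | C or M] (optional vendor) -- path
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attr>[-RHSD]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<vendor>[^)]*)\))? -- (?P<path>.+)$"
)

# Assumption: a name of 16 or more hex digits counts as "random-looking".
HEX_NAME = re.compile(r"^[0-9a-f]{16,}$", re.IGNORECASE)


def parse_entries(text):
    """Turn file/folder lines of the log into dictionaries; skip anything else."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        entries.append({
            "when": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "is_dir": "D" in m["attr"],
            "vendor": m["vendor"] or "",
            "path": PureWindowsPath(m["path"].strip()),
        })
    return entries


def hex_named_root_dirs(entries):
    """Directories sitting directly under a drive root with an all-hex name."""
    return [
        e for e in entries
        if e["is_dir"]
        and e["path"].parent == PureWindowsPath(e["path"].anchor)
        and HEX_NAME.match(e["path"].name)
    ]


def created_nearby(entries, target, minutes=5):
    """Other entries created within `minutes` of the target, for context."""
    window = timedelta(minutes=minutes)
    return [
        e for e in entries
        if e is not target and abs(e["when"] - target["when"]) <= window
    ]


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE)
    for d in hex_named_root_dirs(parsed):
        print(d["when"], d["path"])
        for n in created_nearby(parsed, d):
            print("    near:", n["when"], n["path"], n["vendor"])
```

The output only narrows down which folders to look inside and what was written around the same time; the folder contents, as DirLook lists them, are what decide whether anything needs removing.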

#14
Jessieboogie

    Member

  • Topic Starter
  • 105 posts
Edit: Pasted the log

DirLook.exe v2.0 by jpshortstuff
Log created at 07:58 on 10/02/2009
==================================
Contents of "C:\ada4dbf90f55b919d668b52341bd"

---FOLDERS---

1025 (Created on 28/01/2009 at 01:56) d-----
1028 (Created on 28/01/2009 at 01:56) d-----
1029 (Created on 28/01/2009 at 01:56) d-----
1030 (Created on 28/01/2009 at 01:56) d-----
1031 (Created on 28/01/2009 at 01:56) d-----
1032 (Created on 28/01/2009 at 01:56) d-----
1033 (Created on 28/01/2009 at 01:56) d-----
1035 (Created on 28/01/2009 at 01:56) d-----
1036 (Created on 28/01/2009 at 01:56) d-----
1037 (Created on 28/01/2009 at 01:56) d-----
1038 (Created on 28/01/2009 at 01:56) d-----
1040 (Created on 28/01/2009 at 01:56) d-----
1041 (Created on 28/01/2009 at 01:56) d-----
1042 (Created on 28/01/2009 at 01:56) d-----
1043 (Created on 28/01/2009 at 01:56) d-----
1044 (Created on 28/01/2009 at 01:56) d-----
1045 (Created on 28/01/2009 at 01:56) d-----
1046 (Created on 28/01/2009 at 01:56) d-----
1049 (Created on 28/01/2009 at 01:56) d-----
1053 (Created on 28/01/2009 at 01:56) d-----
1055 (Created on 28/01/2009 at 01:56) d-----
2052 (Created on 28/01/2009 at 01:56) d-----
2070 (Created on 28/01/2009 at 01:56) d-----
3076 (Created on 28/01/2009 at 01:56) d-----
3082 (Created on 28/01/2009 at 01:56) d-----

---FILES---

DHtmlHeader.html (15616 bytes - created on 13/12/2008 at 14:51, modified on 13/12/2008 at 14:51) --a---
header.bmp (7306 bytes - created on 13/12/2008 at 14:51, modified on 13/12/2008 at 14:51) --a---
HotFixInstaller.exe (328024 bytes - created on 13/12/2008 at 14:55, modified on 13/12/2008 at 14:55) --a---
NDP20SP2-KB958481.msp (8397824 bytes - created on 13/12/2008 at 14:57, modified on 13/12/2008 at 14:57) --a---
ParameterInfo.xml (3541 bytes - created on 13/12/2008 at 14:51, modified on 13/12/2008 at 14:51) --a---
watermark.bmp (110348 bytes - created on 13/12/2008 at 14:51, modified on 13/12/2008 at 14:51) --a---

==================================
Contents of "C:\bb4e114d14ba5547c810ee25"

---FOLDERS---

amd64 (Created on 28/01/2009 at 01:53) d-----
i386 (Created on 28/01/2009 at 01:53) d-----

---FILES---

(none found)

==================================
=EOF=

Attached File  DirLook.txt   5.12KB   134 downloads

Edited by heir, 11 February 2009 - 04:58 AM.

  • 0

#15
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Please don't attach logs if I don't specifically ask you to. I've pasted the Dirlook for you in the previous post.
If a log gets cut off just split it into more than one post making sure everything gets posted (overlap a couple of lines).

Let's do a couple of scans and we'll see what they find. Kaspersky Online Scanner can take quite a while. A good idea is to let it run overnight and post the log in the morning.

Step 1.
Clean temp locations:

Please download ATF Cleaner by Atribune.
Caution: This program is for Windows 2000, XP and Vista only
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Step 2.
Scan with MBAM:

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3.
Scan with Kaspersky Online Scanner:

Please do an online scan with Kaspersky Online Scanner

Kaspersky Online Scanner uses Java technology to perform the scan. If you do not have the latest Java version, follow the instructions below under Upgrading Java to download and install the latest version.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

Upgrading Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 11.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u11-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right-click on the jre-6u11-windows-i586-p.exe and select "Run as an Administrator.")

Step 4.
Things I would like to see in your reply:

  • The content of the report from MBAM from Step 2.
  • The content of the report from Kaspersky Online Scanner from Step 3.

  • 0