Step Six:
+Renamed the .exe file, then ran it.
OTListIt:
OTListIt logfile created on: 4/15/2009 7:01:49 AM - Run 2
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Alex\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.11% Memory free
3.84 Gb Paging File | 3.24 Gb Available in Paging File | 84.30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 3.25 Gb Free Space | 2.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
PRC - C:\Program Files\VentSrv\ventrilo_svc.exe ()
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Protector Suite QL\psqltray.exe (UPEK Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\dla\DLACTRLW.exe (Sonic Solutions)
PRC - C:\Program Files\Synaptics\SynTP\Toshiba.exe (Synaptics, Inc.)
PRC - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe (Maxtor Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Sharp\Sharpdesk\SharpTray.exe ()
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Alex\Desktop\OTListIt2a.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\setup\avast.setup ()
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (AOL TopSpeedMonitor [Disabled | Stopped]) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Basics Service [Auto | Running]) -- C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe (Seagate Technology LLC)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CFSvcs [Disabled | Stopped]) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DVD-RAM_Service [Auto | Stopped]) -- File not found
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (GoogleDesktopManager-090808-172447 [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (javaquickstarterservice [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LVCOMSer [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (LVPrcSrv [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (McDetect.exe [Disabled | Stopped]) -- c:\program files\mcafee.com\agent\mcdetect.exe (McAfee, Inc)
SRV - (McrdSvc [Disabled | Stopped]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (McShield [On_Demand | Stopped]) -- c:\Program Files\McAfee.com\VSO\McShield.exe (McAfee Inc.)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MSSQL$SONY_MEDIAMGR [Auto | Running]) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (NMSAccessU [Auto | Running]) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (OpenCASE Media Agent [Auto | Stopped]) -- C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe (ExtendMedia Inc.)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Unknown | Stopped]) -- File not found
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (rpcapd [On_Demand | Stopped]) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped]) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (Swupdtmr [Auto | Stopped]) -- File not found
SRV - (TabletServicePen [Auto | Running]) -- C:\WINDOWS\system32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TAPPSRV [Auto | Running]) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
SRV - (uploadmgr [Auto | Stopped]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Ventrilo [Auto | Running]) -- C:\Program Files\VentSrv\ventrilo_svc.exe ()
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (dtscsi [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (e1express [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (FdRedir [Auto | Running]) -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys (UPEK Inc.)
DRV - (FileDisk2 [Auto | Running]) -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys (UPEK Inc.)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hamachi [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Iviaspi [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (KR10N [Boot | Stopped]) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (LVPr2Mon [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys ()
DRV - (LVUSBSta [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MDC8021X [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (meiudf [System | Running]) -- C:\WINDOWS\System32\Drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
DRV - (MPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\MPE.sys (Microsoft Corporation)
DRV - (NaiAvFilter1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\naiavf5x.sys (McAfee Inc.)
DRV - (Netdevio [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\netdevio.sys (TOSHIBA Corporation.)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (NPF [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (Pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (PID_PEPI [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS (Logitech Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smihlp [Auto | Running]) -- C:\Program Files\Protector Suite QL\smihlp.sys (UPEK Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (tbiosdrv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys ()
DRV - (TcUsb [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (tifm21 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (tosrfec [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\tosrfec.sys (TOSHIBA Corporation)
DRV - (TVALD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NBSMI.sys (Toshiba Corporation)
DRV - (Tvs [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Tvs.sys (TOSHIBA Corporation)
DRV - (USB28xxBGA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\emOEM.sys (eMPIA Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (w39n51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (wacmoumonitor [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys (Wacom Technology)
DRV - (wacommousefilter [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\wacomvhid.sys (Wacom Technology)
DRV - (WacomVKHid [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys (Wacom Technology)
DRV - (wanatw [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ninja.com/"
FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.98
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20090119W
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.3.9
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.4.4
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {8F527F9E-4A45-4054-98F1-54A8F3E08959}:1.0
FF - prefs.js..extensions.enabledItems: {5A51FE0A-D958-4378-8230-BC4AFCEB2C74}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{8F527F9E-4A45-4054-98F1-54A8F3E08959}: C:\DOCUMENTS AND SETTINGS\ALEX\LOCAL SETTINGS\APPLICATION DATA\{8F527F9E-4A45-4054-98F1-54A8F3E08959} [2009/04/15 04:02:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{5A51FE0A-D958-4378-8230-BC4AFCEB2C74}: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\{5A51FE0A-D958-4378-8230-BC4AFCEB2C74}\ [2009/04/14 20:03:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/15 00:27:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/29 12:06:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/15 00:57:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA SUNBIRD\COMPONENTS [2009/02/09 08:30:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA SUNBIRD\PLUGINS [2009/02/09 08:30:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/02/15 21:43:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS
[2008/06/19 14:45:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Extensions
[2008/06/19 14:45:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/15 02:01:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions
[2009/03/26 18:41:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/30 01:21:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2009/01/29 22:09:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/24 02:31:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009/01/29 22:09:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2008/06/19 17:15:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/02/23 20:29:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/02/23 20:29:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\[email protected]
[2009/03/30 08:33:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\[email protected]
[2008/01/27 03:39:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\[email protected]
[2009/02/28 16:28:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\mozilla\Firefox\Profiles\b2ti9ecf.default\extensions\[email protected]
[2008/12/15 17:53:03 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Alex\Application Data\Mozilla\FireFox\Profiles\b2ti9ecf.default\searchplugins\aim-search.xml
[2008/02/24 14:27:30 | 00,001,877 | ---- | M] () -- C:\Documents and Settings\Alex\Application Data\Mozilla\FireFox\Profiles\b2ti9ecf.default\searchplugins\aolsearch.xml
[2009/04/15 06:44:04 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/02/16 02:22:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/03/27 23:49:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/01 21:31:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/15 00:28:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/27 23:49:32 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/27 23:49:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/11/13 04:25:49 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/11/13 04:25:49 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/11/13 04:25:49 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/13 04:25:49 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/11/13 04:25:49 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/11/13 04:25:49 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/11/13 04:25:49 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (24 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 jL.chura.pl
O2 - BHO: (no name) - {e2ba40a2-74f3-42bd-f434-2604812c8953} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (McAfee VirusScan) - {BA52B914-B692-46c4-B683-905236F6F655} - c:\Program Files\McAfee.com\VSO\mcvsshl.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" (Maxtor Corporation)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun File not found
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe (Sonic Solutions)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run (TOSHIBA Corporation)
O4 - HKLM..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY File not found
O4 - HKLM..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup (UPEK Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] TDispVol.exe File not found
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPSMain] TPSMain.exe File not found
O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UDC Integration] File not found
O4 - HKCU..\Run: [] C:\WINDOWS\TEMP\sdmgos.exe File not found
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
O4 - HKCU..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe" ()
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe File not found
O4 - HKCU..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" File not found
O4 - Startup: C:\Documents and Settings\Alex\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://asp.mathxl.co...GenXInstall.cab (TTestGenXInstallObject)
O16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} http://asp.mathxl.co...InstallAsst.cab (PearsonAsstX Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8ad9c840-044e-11d1-b3e9-00805f499d93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} http://asp.mathxl.co...nstallAsst2.cab (Pearson Installation Assistant 2)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {cafeefac-0016-0000-0013-abcdeffedcba} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {cafeefac-ffff-ffff-ffff-abcdeffedcba} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} http://gamedownload....GPlugin9USA.cab (Reg Error: Key error.)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.co.../MathPlayer.cab (Pearson MathXL Player)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (cfljna.dll) - File not found
O20 - AppInit_DLLs: (xmvnjf.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\jisufumi.dll) - c:\windows\system32\jisufumi.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\hukawebo.dll) - c:\windows\system32\hukawebo.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ocmerg: DllName - C:\Program Files\Windows Media Player\Network Sharing\ocmerg.dll - C:\Program Files\Windows Media Player\Network Sharing\ocmerg.dll File not found
O20 - Winlogon\Notify\psfus: DllName - psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2 C:\WINDOWS\*.tmp files]
[1 C:\DOCUME~1\Alex\My Documents\*.tmp files]
[2009/04/15 06:55:37 | 00,000,000 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\ml50setup(2).zip
[2009/04/15 06:55:35 | 60,907,757 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\ml50setup(2).zip.part
[2009/04/15 06:42:07 | 00,000,000 | R-SD | C] -- C:\DOCUME~1\Alex\My Documents\My Safe
[2009/04/15 06:32:42 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Alex\Desktop\OTListIt2a.exe
[2009/04/15 06:30:43 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/15 06:30:21 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\Rooterr.exe
[2009/04/15 06:21:30 | 00,225,104 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\112-20062-MT2.pdf
[2009/04/15 06:06:59 | 00,041,472 | ---- | C] (Doug Knox) -- C:\DOCUME~1\Alex\Desktop\SysRestorePoint.exe
[2009/04/15 06:00:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/15 05:57:46 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\DOCUME~1\Alex\Desktop\erunt_setup.exe
[2009/04/15 05:54:15 | 00,000,000 | ---D | C] -- C:\Program Files\Copy of Malwarebytes' Anti-Malware
[2009/04/15 05:45:49 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/15 04:02:02 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Local Settings\Application Data\{8F527F9E-4A45-4054-98F1-54A8F3E08959}
[2009/04/15 03:51:18 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\My Documents\AFTERWARDSSSSSSSSSSSSSSS
[2009/04/15 02:43:55 | 00,000,000 | ---D | C] -- C:\Program Files\MStudio
[2009/04/15 02:34:15 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\ml50setup
[2009/04/15 01:16:02 | 87,280,281 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\ml50setup.zip
[2009/04/15 00:41:38 | 00,001,745 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\HijackThis.lnk
[2009/04/15 00:40:38 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/15 00:15:00 | 00,215,203 | ---- | C] () -- C:\DOCUME~1\Alex\My Documents\WWWWWWWWWWWWWINDOWS PROGRAMSSSSSSSSSSSSSSSS.docx
[2009/04/15 00:03:56 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\firefox
[2009/04/14 23:13:42 | 00,000,016 | ---- | C] () -- C:\WINDOWS\Bcune.bin
[2009/04/14 23:13:29 | 00,001,420 | ---- | C] () -- C:\WINDOWS\Tbepujumuqoboxe.dat
[2009/04/14 23:11:20 | 21,370,51136 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/14 14:56:37 | 00,001,747 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\SUPERAntiSpyware Free Edition (2).lnk
[2009/04/14 14:49:21 | 00,088,558 | ---- | C] () -- C:\WINDOWS\System32\drivers\7b7ed347.sys
[2009/04/14 14:49:01 | 00,055,296 | ---- | C] () -- C:\rnvx.exe
[2009/04/14 14:48:52 | 00,000,002 | ---- | C] () -- C:\2981779
[2009/04/14 01:06:50 | 01,404,795 | -HS- | C] () -- C:\WINDOWS\System32\anoduyim.ini
[2009/04/13 05:07:14 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\My Documents\l5r
[2009/04/12 01:03:38 | 00,550,560 | ---- | C] (CACE Technologies) -- C:\DOCUME~1\Alex\Desktop\WinPcap_4_0_2.exe
[2009/04/12 01:03:19 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\listchecker
[2009/04/09 11:17:29 | 00,244,224 | ---- | C] () -- C:\DOCUME~1\Alex\Desktop\P780_L6_sp03.ppt
[2009/04/05 23:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/05 23:32:55 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/04/05 21:04:17 | 00,000,434 | ---- | C] () -- C:\DOCUME~1\Alex\My Documents\UDC Output Files.lnk
[2009/04/05 21:03:59 | 00,005,632 | ---- | C] (fCoder Group, Inc.) -- C:\WINDOWS\System32\udcpm.dll
[2009/04/05 21:03:53 | 00,000,000 | R--D | C] -- C:\UDC Output Files
[2009/04/05 21:03:53 | 00,000,000 | ---D | C] -- C:\Program Files\Universal Document Converter
[2009/04/05 15:46:42 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Alex\Application Data\Brother
[2009/04/04 20:13:48 | 00,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/04/04 20:13:47 | 00,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2140.DAT
[2009/04/04 20:10:25 | 00,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009/04/04 20:10:25 | 00,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/04/04 20:09:48 | 00,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\brlmw03a.dll
[2009/04/04 20:09:48 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009/04/04 20:09:47 | 00,009,853 | ---- | C] () -- C:\WINDOWS\HL-2140.INI
[2009/04/04 20:09:47 | 00,000,000 | ---D | C] -- C:\Program Files\Brownie
[2009/04/04 20:06:42 | 00,114,688 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\BRRBTOOL.EXE
[2009/04/04 20:06:41 | 00,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BROSNMP.DLL
[2009/04/04 20:06:41 | 00,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRLM03A.DLL
[2009/04/04 20:06:40 | 00,192,512 | ---- | C] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[2009/04/04 20:06:40 | 00,000,000 | ---D | C] -- C:\Program Files\Brother
[2009/04/04 20:06:13 | 00,000,232 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/04/02 20:17:42 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\Alex\My Documents\~$aty3;'.docx
[2009/04/02 20:16:28 | 20,719,2886 | ---- | C] () -- C:\DOCUME~1\Alex\My Documents\whaty3;.docx
[2009/04/02 17:35:38 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\Alex\My Documents\~$py of whaty3.docx
[2009/03/31 21:17:49 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\PHY 129A
[2009/03/30 20:04:16 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\CHE 110C
[2009/03/30 20:04:07 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\PHY 110B
[2009/03/29 20:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\WinRAR
[2009/03/24 02:59:54 | 41,689,899 | ---- | C] () -- C:\DOCUME~1\Alex\My Documents\whaty4.docx
[2009/03/22 19:43:34 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\Desktop\PHY 115A
[2009/03/19 11:49:55 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Alex\My Documents\crayon
[2009/03/17 22:49:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Alex\Application Data\Sonic
[2009/03/16 20:13:13 | 00,000,000 | ---D | C] -- C:\WTablet
[2008/10/10 19:45:59 | 00,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2008/09/19 14:57:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 14:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/19 14:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/19 14:54:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/07/26 08:25:02 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/03/04 03:23:56 | 00,958,464 | ---- | C] () -- C:\WINDOWS\System32\VSFilter.dll
[2008/02/11 10:39:26 | 00,253,952 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLA.dll
[2008/02/11 10:39:18 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerDLLW.dll
[2008/02/08 14:53:46 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\OnlineScannerLang.dll
[2007/10/12 01:11:58 | 00,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/08 20:01:09 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/08/24 06:52:53 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/07/27 15:49:02 | 00,225,355 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiW.dll
[2007/07/27 15:49:02 | 00,196,683 | ---- | C] () -- C:\WINDOWS\System32\lnod32apiA.dll
[2007/04/05 00:28:43 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/04/04 12:44:55 | 00,000,067 | ---- | C] () -- C:\WINDOWS\swupdate.INI
[2007/01/18 13:15:23 | 00,000,145 | ---- | C] () -- C:\WINDOWS\StarryNight.ini
[2007/01/16 10:24:32 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/01/16 10:23:45 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/01/16 10:23:45 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/01/16 10:23:44 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/01/01 14:57:06 | 00,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2006/12/21 12:20:04 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2006/12/21 00:39:18 | 00,049,152 | ---- | C] () -- C:\WINDOWS\SDConfig.dll
[2006/12/21 00:37:56 | 00,159,744 | ---- | C] () -- C:\WINDOWS\_isusr32.dll
[2006/12/21 00:33:40 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\usc1.dll
[2006/12/21 00:33:40 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2006/10/30 17:16:20 | 00,004,246 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2006/09/06 20:45:03 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/09/06 11:59:42 | 00,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/09/05 14:32:33 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006/09/05 12:55:36 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006/09/04 22:56:07 | 00,643,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/09/04 22:56:07 | 00,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd3677.sys
[2006/09/04 16:08:24 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/09/04 16:08:24 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/05/28 18:14:43 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/24 21:28:54 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/02/16 08:07:58 | 00,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/02/16 02:50:52 | 00,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 02:25:21 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/16 02:25:21 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/16 02:25:21 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/16 02:25:21 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/16 02:25:21 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/16 02:25:21 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/15 09:41:53 | 00,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/15 09:41:53 | 00,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/15 09:40:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/15 09:28:50 | 00,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/15 09:28:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/15 09:28:50 | 00,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/15 09:28:50 | 00,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/15 09:25:00 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/15 09:25:00 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2006/02/15 08:44:19 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/15 08:34:07 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/15 07:09:00 | 00,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/02/15 07:04:21 | 00,000,911 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/02/15 07:04:12 | 00,044,544 | ---- | C] () -- C:\WINDOWS\Waumni.dll
[2006/02/15 07:04:05 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/02/15 07:03:57 | 00,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004867_.tmp.dll
[2006/02/15 07:02:59 | 00,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004899_.tmp.dll
[2005/12/05 20:25:22 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lnod32umc.dll
[2005/12/05 13:37:10 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\lnod32upd.dll
[2005/11/28 21:33:56 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 15:44:08 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/24 16:20:28 | 00,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 14:24:01 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/07/22 22:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 18:04:02 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 15:43:28 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[1997/06/13 17:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
========== Files - Modified Within 30 Days ==========
[273 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[1 C:\DOCUME~1\Alex\My Documents\*.tmp files]
[2009/04/15 07:03:17 | 00,088,558 | ---- | M] () -- C:\WINDOWS\System32\drivers\7b7ed347.sys
[2009/04/15 07:00:00 | 00,000,292 | ---- | M] () -- C:\WINDOWS\tasks\ziiuxkdd.job
[2009/04/15 06:55:37 | 61,137,133 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\ml50setup(2).zip.part
[2009/04/15 06:55:37 | 00,000,000 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\ml50setup(2).zip
[2009/04/15 06:42:05 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/15 06:40:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/15 06:40:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 06:40:09 | 21,370,51136 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/15 06:39:07 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\jinowavu
[2009/04/15 06:32:42 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Alex\Desktop\OTListIt2a.exe
[2009/04/15 06:30:22 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\Rooterr.exe
[2009/04/15 06:21:51 | 00,225,104 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\112-20062-MT2.pdf
[2009/04/15 06:06:59 | 00,041,472 | ---- | M] (Doug Knox) -- C:\DOCUME~1\Alex\Desktop\SysRestorePoint.exe
[2009/04/15 05:57:51 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\DOCUME~1\Alex\Desktop\erunt_setup.exe
[2009/04/15 05:28:02 | 00,001,420 | ---- | M] () -- C:\WINDOWS\Tbepujumuqoboxe.dat
[2009/04/15 01:38:23 | 00,000,016 | ---- | M] () -- C:\WINDOWS\Bcune.bin
[2009/04/15 01:29:50 | 87,280,281 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\ml50setup.zip
[2009/04/15 00:41:38 | 00,001,745 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\HijackThis.lnk
[2009/04/15 00:15:00 | 00,215,203 | ---- | M] () -- C:\DOCUME~1\Alex\My Documents\WWWWWWWWWWWWWINDOWS PROGRAMSSSSSSSSSSSSSSSS.docx
[2009/04/14 14:56:37 | 00,001,747 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\SUPERAntiSpyware Free Edition (2).lnk
[2009/04/14 14:49:03 | 00,055,296 | ---- | M] () -- C:\rnvx.exe
[2009/04/14 14:48:55 | 00,000,002 | ---- | M] () -- C:\2981779
[2009/04/14 05:56:24 | 00,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2009/04/14 01:32:29 | 01,404,795 | -HS- | M] () -- C:\WINDOWS\System32\anoduyim.ini
[2009/04/13 16:13:35 | 00,121,344 | ---- | M] () -- C:\DOCUME~1\Alex\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/12 01:04:55 | 00,010,330 | ---- | M] () -- C:\Documents and Settings\Alex\Application Data\wklnhst.dat
[2009/04/12 01:03:40 | 00,550,560 | ---- | M] (CACE Technologies) -- C:\DOCUME~1\Alex\Desktop\WinPcap_4_0_2.exe
[2009/04/10 03:45:22 | 20,719,2886 | ---- | M] () -- C:\DOCUME~1\Alex\My Documents\whaty3;.docx
[2009/04/10 03:16:35 | 41,689,899 | ---- | M] () -- C:\DOCUME~1\Alex\My Documents\whaty4.docx
[2009/04/09 11:17:29 | 00,244,224 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\P780_L6_sp03.ppt
[2009/04/07 16:13:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/05 21:04:17 | 00,000,434 | ---- | M] () -- C:\DOCUME~1\Alex\My Documents\UDC Output Files.lnk
[2009/04/05 15:38:22 | 00,000,232 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2009/04/04 20:13:47 | 00,000,034 | ---- | M] () -- C:\WINDOWS\System32\BD2140.DAT
[2009/04/04 20:10:25 | 00,009,853 | ---- | M] () -- C:\WINDOWS\HL-2140.INI
[2009/04/04 20:10:25 | 00,000,145 | ---- | M] () -- C:\WINDOWS\BRVIDEO.INI
[2009/04/04 20:10:25 | 00,000,000 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2009/04/02 20:17:42 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\Alex\My Documents\~$aty3;'.docx
[2009/04/02 17:35:38 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\Alex\My Documents\~$py of whaty3.docx
[2009/03/29 04:44:00 | 00,000,719 | ---- | M] () -- C:\DOCUME~1\Alex\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/19 17:13:35 | 00,077,273 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\DOCUME~1\ALLUSE~1\Application Data\TEMP:DFC5A2B2
< End of report >
Actually to be honest, everything SEEMS to work fine at this point, after the Malwarebytes' scan, deletion, and reboot (except Windows Update pages still give an error, and Malwarebytes' and Superantispyware aren't allowed to update). But seeming fine has happened before, only the virus would spring up again later. I'm not adept enough at analyzing my computer to be certain.
At any rate, thanks for any help!
Edit: Never mind, avast picked up more viruses from .exe files upon running a Superantispyware scan (though is it possible they were residual?...)
Edit 2: Some websites I click on bring me to a "Bizrate" website.
Edited by lex1245, 15 April 2009 - 09:44 AM.