
Anti Spyware Ads


Spacelord11011

Hi there, I am currently infected with some nasty anti spyware ads which are hindering performance. I have included the relevant logs, thanks.

OTListIt logfile created on: 4/16/2009 11:41:17 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Merk_2\My Documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.42 Mb Total Physical Memory | 216.12 Mb Available Physical Memory | 42.34% Memory free
1.22 Gb Paging File | 0.83 Gb Available in Paging File | 67.75% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.93 Gb Total Space | 5.19 Gb Free Space | 18.60% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ME-E4DE770B88C2
Current User Name: Merk_2
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Merk_2\My Documents\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (StyleXPService [Auto | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (AIRPLUS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\airplus.sys (D-Link)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RT73 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt73.sys (Ralink Technology, Corp.)
DRV - (S3SSavage [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s3ssavm.sys (S3 Graphics, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SMCIRDA [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\smcirda.sys (SMC)
DRV - (StyleXPHelper [System | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (restore [On_Demand | Stopped]) -- C:\WINDOWS\System32\Restore [2007/08/03 01:08:38 | 00,000,000 | ---D | M]

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kittenwar.com/kittens/138327/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://kittenwar.com...ittens/138327/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/16 21:10:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/16 21:10:42 | 00,000,000 | ---D | M]

[2009/04/16 21:11:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Merk_2\Application Data\mozilla\Extensions
[2009/04/16 21:11:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Merk_2\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/16 21:11:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Merk_2\Application Data\mozilla\Firefox\Profiles\tc92z0gb.default\extensions
[2009/04/16 21:10:42 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/16 21:10:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 20:11:22 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 20:11:24 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 19:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 19:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 19:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 19:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 19:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 19:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 19:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {E2BA40A2-74F3-42BD-F434-2604812C8953} - Reg Error: Key error. File not found
O2 - BHO: (MS extension) - {e7c7ad3e-e0b2-4994-b338-f89d02aa316d} - C:\WINDOWS\system32\infow32.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\D-Link AirPlus.lnk = C:\Program Files\D-Link AirPlus\AirPlus.exe (D-Link)
O4 - Startup: C:\Documents and Settings\Merk_2\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm File not found
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} http://webeffective....torLauncher.cab (Keynote Connector Launcher 2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (WIKI.DLL) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/04/16 23:40:28 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\MERK_2\My Documents\OTListIt2.exe
[2009/04/16 23:38:30 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/16 23:38:26 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\MERK_2\My Documents\Rooter.exe
[2009/04/16 23:13:14 | 00,000,600 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/16 23:13:13 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/16 23:13:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/16 23:13:07 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/16 23:12:41 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\MERK_2\Desktop\mbam-setup.exe
[2009/04/16 21:10:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Merk_2\Local Settings\Application Data\Mozilla
[2009/04/16 21:10:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Merk_2\Application Data\Mozilla
[2009/04/16 21:10:49 | 00,001,506 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/16 21:10:41 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/16 20:52:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2009/04/16 09:58:05 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/04/16 09:57:58 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/04/16 09:55:56 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\DOCUME~1\MERK_2\My Documents\avast_home_setup.exe
[2009/04/16 09:21:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Merk_2\Application Data\Malwarebytes
[2009/04/16 09:20:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/16 09:19:38 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\MERK_2\My Documents\mbam-setup.exe
[2009/04/16 09:15:45 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\Merk_2\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/04/16 09:15:34 | 00,000,515 | ---- | C] () -- C:\DOCUME~1\MERK_2\Desktop\NTREGOPT.lnk
[2009/04/16 09:15:34 | 00,000,496 | ---- | C] () -- C:\DOCUME~1\MERK_2\Desktop\ERUNT.lnk
[2009/04/16 09:15:33 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/16 09:15:13 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\DOCUME~1\MERK_2\My Documents\erunt_setup.exe
[2009/04/16 09:11:21 | 00,021,504 | ---- | C] (Doug Knox) -- C:\DOCUME~1\MERK_2\My Documents\SysRestorePoint.exe
[2009/04/16 08:56:38 | 00,000,000 | -HSD | C] -- C:\FOUND.020
[2009/04/16 02:10:21 | 00,006,736 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP90.SYS
[2009/04/16 02:09:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/04/16 01:12:34 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/04/16 01:12:26 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/04/16 01:12:16 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/04/16 00:59:34 | 00,259,072 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/04/16 00:59:34 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/04/16 00:59:34 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/04/16 00:59:34 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/04/16 00:59:34 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/04/16 00:59:34 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/04/16 00:59:34 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/04/16 00:59:34 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/16 00:58:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/16 00:58:07 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/04/16 00:57:38 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF13576.exe
[2009/04/16 00:55:51 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/04/15 22:35:33 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\inform.dat
[2009/04/15 22:35:33 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infow32.dll
[2009/04/15 22:35:33 | 00,014,119 | ---- | C] () -- C:\WINDOWS\System32\xma
[2009/04/15 22:09:20 | 00,022,528 | ---- | C] () -- C:\ycdothg.exe
[2009/04/15 22:08:49 | 00,000,002 | ---- | C] () -- C:\-1610307958
[2009/04/15 22:08:33 | 00,020,480 | ---- | C] () -- C:\pvlrqtm.ex_
[2009/04/15 21:43:52 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/15 21:43:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/15 21:43:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/04/15 21:43:22 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/15 21:41:59 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2009/04/15 21:36:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/04/15 17:39:06 | 00,000,000 | -HSD | C] -- C:\FOUND.019
[2009/04/12 02:39:58 | 00,000,000 | -HSD | C] -- C:\FOUND.018
[2009/04/11 11:48:18 | 00,000,000 | -HSD | C] -- C:\FOUND.017
[2009/04/06 17:43:12 | 00,000,000 | -HSD | C] -- C:\FOUND.016
[2009/04/05 13:16:08 | 00,000,000 | -HSD | C] -- C:\FOUND.015
[2009/03/30 23:13:27 | 00,090,112 | ---- | C] (Software Design) -- C:\WINDOWS\SDUnInst.exe
[2009/03/30 23:13:26 | 00,000,000 | ---D | C] -- C:\Program Files\Software by Design
[2009/03/30 23:03:25 | 00,000,000 | ---D | C] -- C:\EuroSoft
[2009/03/30 22:33:58 | 00,000,586 | ---- | C] () -- C:\WINDOWS\Calendar.INI
[2009/03/30 22:30:53 | 00,016,847 | ---- | C] () -- C:\DOCUME~1\MERK_2\My Documents\US Holidays.ics
[2009/03/30 22:30:53 | 00,000,264 | ---- | C] () -- C:\DOCUME~1\MERK_2\My Documents\default.ics
[2009/03/30 22:30:52 | 00,000,000 | ---D | C] -- C:\Program Files\Desksware
[2009/03/30 22:30:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Merk_2\Application Data\desksware
[2009/03/30 22:24:46 | 00,000,000 | ---D | C] -- C:\Program Files\Tulipsoft
[2009/03/28 19:37:46 | 00,000,000 | -HSD | C] -- C:\FOUND.014
[2009/03/25 20:06:14 | 00,000,000 | -HSD | C] -- C:\FOUND.013
[2009/03/23 22:29:00 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/03/19 00:22:42 | 00,000,000 | -HSD | C] -- C:\FOUND.012
[2008/09/16 00:14:24 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/16 00:12:02 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/16 00:12:02 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/16 00:11:10 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/03/14 09:26:04 | 00,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/15 14:22:29 | 00,000,141 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/01/15 13:25:59 | 00,000,177 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008/01/08 23:53:49 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008/01/04 23:26:45 | 00,000,525 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2007/10/13 12:35:41 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/10/13 12:35:41 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/10/13 12:35:41 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/08/23 13:13:31 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/08/23 13:13:30 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/07 22:06:19 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\mcc16.dll
[2004/08/04 12:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 12:00:00 | 00,000,633 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/04/16 23:40:32 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\MERK_2\My Documents\OTListIt2.exe
[2009/04/16 23:38:28 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\MERK_2\My Documents\Rooter.exe
[2009/04/16 23:26:08 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/04/16 23:25:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/16 23:25:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/16 23:13:16 | 00,000,600 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/16 23:12:50 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\MERK_2\Desktop\mbam-setup.exe
[2009/04/16 22:36:24 | 00,000,633 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/16 21:10:50 | 00,001,506 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/16 20:50:30 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/16 09:55:58 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\DOCUME~1\MERK_2\My Documents\avast_home_setup.exe
[2009/04/16 09:19:56 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\MERK_2\My Documents\mbam-setup.exe
[2009/04/16 09:15:46 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\Merk_2\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/04/16 09:15:36 | 00,000,515 | ---- | M] () -- C:\DOCUME~1\MERK_2\Desktop\NTREGOPT.lnk
[2009/04/16 09:15:36 | 00,000,496 | ---- | M] () -- C:\DOCUME~1\MERK_2\Desktop\ERUNT.lnk
[2009/04/16 09:15:18 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\DOCUME~1\MERK_2\My Documents\erunt_setup.exe
[2009/04/16 09:11:22 | 00,021,504 | ---- | M] (Doug Knox) -- C:\DOCUME~1\MERK_2\My Documents\SysRestorePoint.exe
[2009/04/16 02:10:22 | 00,006,736 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP90.SYS
[2009/04/16 01:56:24 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/16 01:12:36 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/04/16 00:55:12 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF13576.exe
[2009/04/15 22:35:34 | 00,059,904 | ---- | M] () -- C:\WINDOWS\System32\inform.dat
[2009/04/15 22:35:34 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\infow32.dll
[2009/04/15 22:35:34 | 00,014,119 | ---- | M] () -- C:\WINDOWS\System32\xma
[2009/04/15 22:19:42 | 00,113,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/15 22:10:46 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/04/15 22:10:46 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/15 22:09:40 | 00,022,528 | ---- | M] () -- C:\ycdothg.exe
[2009/04/15 22:09:20 | 00,000,002 | ---- | M] () -- C:\-1610307958
[2009/04/15 22:08:36 | 00,020,480 | ---- | M] () -- C:\pvlrqtm.ex_
[2009/04/15 22:08:04 | 00,021,048 | ---- | M] () -- C:\Documents and Settings\Merk_2\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/15 21:45:24 | 00,520,888 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/15 21:45:24 | 00,442,192 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/15 21:45:24 | 00,071,710 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/15 21:24:28 | 00,000,045 | ---- | M] () -- C:\TEST.XML
[2009/04/09 00:18:32 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/05 22:12:30 | 00,046,592 | ---- | M] () -- C:\Documents and Settings\Merk_2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/30 23:21:10 | 00,000,586 | ---- | M] () -- C:\WINDOWS\Calendar.INI
[2009/03/21 00:06:02 | 01,582,262 | -H-- | M] () -- C:\Documents and Settings\Merk_2\Local Settings\Application Data\IconCache.db
< End of report >

Rest of logs attached.

Thanks
