BSOD when trying to scan using AVG antivirus..



#1
arf

OTLI :

OTListIt logfile created on: 5/13/2009 4:12:43 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.7 Folder = C:\Documents and Settings\Mobile Student.L3T2104\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1006.22 Mb Total Physical Memory | 386.02 Mb Available Physical Memory | 38.36% Memory free
2.36 Gb Paging File | 1.65 Gb Available in Paging File | 69.64% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 45.46 Gb Free Space | 48.80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: L3T2104
Current User Name: mobile student
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\ibmpmsvc.exe ()
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - c:\Program Files\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe ()
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\System32\TPHDEXLG.exe (Lenovo.)
PRC - C:\WINDOWS\system32\TpKmpSVC.exe ()
PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\WINDOWS\system32\WebUpdateSvc.exe (Data Perceptions / PowerProgrammer)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
PRC - c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Mobile Student.L3T2104\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ACS [On_Demand | Stopped]) -- C:\WINDOWS\system32\acs.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ASKService [Auto | Running]) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade [Auto | Running]) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Disabled | Stopped]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IBMPMSVC [Auto | Running]) -- C:\WINDOWS\system32\ibmpmsvc.exe ()
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (IviRegMgr [Auto | Running]) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (SPBBCSvc [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (SSIRuntimeService [Auto | Running]) -- c:\Program Files\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe ()
SRV - (SUService [Auto | Running]) -- c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
SRV - (Symantec AntiVirus [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (ThinkVantage Registry Monitor Service [Auto | Running]) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (TPHDEXLGSVC [Auto | Running]) -- C:\WINDOWS\System32\TPHDEXLG.exe (Lenovo.)
SRV - (TpKmpSVC [Auto | Running]) -- C:\WINDOWS\system32\TpKmpSVC.exe ()
SRV - (TVT Scheduler [Auto | Running]) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WebUpdate [Auto | Running]) -- C:\WINDOWS\system32\WebUpdateSvc.exe (Data Perceptions / PowerProgrammer)
SRV - (WebUpdate4 [Auto | Running]) -- C:\WINDOWS\system32\WebUpdateSvc4.exe (Data Perceptions / PowerProgrammer)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (964f8830 [System | Stopped]) -- C:\WINDOWS\System32\drivers\964f8830.sys ()
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Cisco Systems, Inc.)
DRV - (AEIWL [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\AEIWLNDS.sys (Actiontec Electronics, Inc)
DRV - (AgereSoftModem [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (AR5211 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ar5211.sys (Atheros Communications, Inc.)
DRV - (asc [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (atiide [Boot | Running]) -- C:\WINDOWS\System32\Drivers\atiide.sys (ATI Technologies Inc.)
DRV - (atmeltpm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\atmeltpm.sys (Atmel, Inc.)
DRV - (avgldx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (avgmfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (b57w2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (BTWUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\btwusb.sys (Broadcom Corporation.)
DRV - (CmdIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (eectrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EGATHDRV [Auto | Running]) -- C:\WINDOWS\system32\EGATHDRV.SYS (IBM Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\System32\Drivers\iaStor.sys (Intel Corporation)
DRV - (IBMPMDRV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys (IBM Corp.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NAVENG [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090422.005\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090422.005\NAVEX15.SYS (Symantec Corporation)
DRV - (NETw3x32 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NETw3x32.sys (Intel® Corporation)
DRV - (NETw4x32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys (Intel Corporation)
DRV - (NSCIRDA [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nscirda.sys (National Semiconductor Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (pavboot [Boot | Running]) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PMEM [Auto | Running]) -- C:\WINDOWS\system32\drivers\PMEMNT.SYS (Microsoft Corporation)
DRV - (psadd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\psadd.sys (Lenovo (United States) Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (rimmptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SAVRT [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Shockprf [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (sisagp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Smapint [System | Running]) -- C:\WINDOWS\System32\drivers\Smapint.sys (Microsoft Corporation)
DRV - (smwdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (symc810 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (sym_hi [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TDSMAPI [System | Running]) -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS ()
DRV - (TPDIGIMN [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (TPDiskPM [Boot | Running]) -- C:\WINDOWS\System32\drivers\TPDiskPM.sys (Lenovo, Ltd. and IBM Corporation)
DRV - (tpflhlp [On_Demand | Stopped]) -- c:\Program Files\Lenovo\System Update\session\7cuj22us\tpflhlp.sys (Lenovo Group Limited)
DRV - (TPHKDRV [System | Running]) -- C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys (IBM Corporation)
DRV - (TPInput [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\TPInput.sys (Lenovo, Ltd. and IBM Corporation.)
DRV - (TPM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\tpm.sys ()
DRV - (TPM11 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nsctpm11.sys ()
DRV - (TPPWRIF [System | Running]) -- C:\WINDOWS\System32\drivers\Tppwrif.sys ()
DRV - (TSMAPIP [System | Running]) -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS ()
DRV - (ultra [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (viamraid [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\viamraid.sys (VIA Technologies inc,.ltd)
DRV - (w22n51 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\w22n51.sys (Intel® Corporation)
DRV - (w29n51 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys (Intel® Corporation)
DRV - (w39n51 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys (Conexant Systems, Inc.)
DRV - (xnacc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\xnacc.sys (Microsoft Corporation)
DRV - ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ialmsbw.sys (Intel Corporation)
DRV - ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ialmkchw.sys (Intel Corporation)
DRV - ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\wA301a.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/01/30 12:53:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\firefox\extensions\\{E2CD71C8-7721-4B9B-8EB9-67C3834C0AFE}: C:\DOCUMENTS AND SETTINGS\MOBILE STUDENT.L3T2104\LOCAL SETTINGS\APPLICATION DATA\{E2CD71C8-7721-4B9B-8EB9-67C3834C0AFE} [2009/05/05 17:06:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\mozilla firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/06 16:17:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\mozilla firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/06 16:17:54 | 00,000,000 | ---D | M]

[2009/05/05 17:06:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Extensions
[2009/05/05 17:06:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/11 22:55:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Firefox\Profiles\default.b0h\extensions
[2008/09/11 10:58:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Firefox\Profiles\default.b0h\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2009/02/20 03:48:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Firefox\Profiles\default.b0h\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2008/04/28 23:32:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mozilla\Firefox\Profiles\default.b0h\extensions\[email protected]
[2009/05/11 22:55:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/06 16:17:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/07/18 13:04:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/11/05 17:47:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/05/06 16:17:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/06 16:17:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 14:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 14:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 14:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 14:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 14:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 14:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 14:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (31356 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 137.99.107.146 sbvacuum
O1 - Hosts: 127.0.0.1 babe.the-killer.bz
O1 - Hosts: 127.0.0.1 babe.k-lined.com
O1 - Hosts: 127.0.0.1 did.i-used.cc
O1 - Hosts: 127.0.0.1 coolwwwsearch.com
O1 - Hosts: 127.0.0.1 coolwebsearch.com
O1 - Hosts: 127.0.0.1 hi.studioaperto.net
O1 - Hosts: 127.0.0.1 www.webbrowser.tv
O1 - Hosts: 127.0.0.1 www.wazzupnet.com
O1 - Hosts: 127.0.0.1 gueb.com
O1 - Hosts: 127.0.0.1 kabex.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 miosearch.com
O1 - Hosts: 127.0.0.1 wazzupnet.com
O1 - Hosts: 127.0.0.1 213.131.225.2
O1 - Hosts: 127.0.0.1 www.blue-elefant.com
O1 - Hosts: 127.0.0.1 babeweb.de
O1 - Hosts: 127.0.0.1 start-seite.com
O1 - Hosts: 127.0.0.1 sexolymp.com
O1 - Hosts: 127.0.0.1 toriii.cc
O1 - Hosts: 127.0.0.1 www.xtipp.de
O1 - Hosts: 127.0.0.1 urawa.cool.ne.jp
O1 - Hosts: 127.0.0.1 777search.com
O1 - Hosts: 127.0.0.1 ace-webmaster.com
O1 - Hosts: 1138 more lines...
O2 - BHO: (no name) - {f6db979b-2636-413d-a4a2-f5c5e57f0dda} - C:\WINDOWS\system32\ligezupo.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [c00b7891] rundll32.exe "C:\WINDOWS\system32\vusiwumi.dll",b ()
O4 - HKLM..\Run: [CPMc3384b0d] Rundll32.exe "c:\windows\system32\hihogufe.dll",a ()
O4 - HKLM..\Run: [Froyehohice] rundll32.exe "C:\WINDOWS\utonokec.dll",e ()
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [prnet] "C:\WINDOWS\system32\prnet.tmp" File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [veduruloni] Rundll32.exe "C:\WINDOWS\system32\ruwetivu.dll",s ()
O4 - HKLM..\Run: [wekewfjo983mkefdd] C:\temp\winlogan.exe File not found
O4 - HKCU..\Run: [] C:\WINDOWS\TEMP\xw4o4j84e.exe File not found
O4 - HKCU..\Run: [12CFG515-K641-55SF-N66P] C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe File not found
O4 - HKCU..\Run: [12ZFG94-F641-2SF-K31P-5N1ER6H6L2] C:\RECYCLER\S-1-5-21-1070215182-3451044185-586260353-7454\service.exe File not found
O4 - HKCU..\Run: [A00F10F1AA6.exe] c:\temp\_A00F10F1AA6.exe File not found
O4 - HKCU..\Run: [A00F612EE.exe] c:\temp\_A00F612EE.exe File not found
O4 - HKCU..\Run: [A00FB135BCE.exe] C:\WINDOWS\TEMP\_A00FB135BCE.exe File not found
O4 - HKCU..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe -autorun (DT Soft Ltd)
O4 - HKCU..\Run: [Diagnostic Manager] c:\temp\3653969772.exe File not found
O4 - HKCU..\Run: [mwkf] C:\PROGRA~1\COMMON~1\mwkf\mwkfm.exe File not found
O4 - HKCU..\Run: [prnet] "C:\WINDOWS\system32\prnet.tmp" File not found
O4 - HKCU..\Run: [reader_s] C:\Documents and Settings\Mobile Student.L3T2104\reader_s.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SYS32DLL] SYS32DLL File not found
O4 - HKCU..\Run: [uidenhiufgsduiazghs] C:\WINDOWS\TEMP\xw4o4j84e.exe File not found
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S File not found
O4 - HKCU..\Run: [wekewfjo983mkefdd] C:\temp\winlogan.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\Mobile Student.L3T2104\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Mobile Student.L3T2104\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\temp\{2AA2B3F0-0240-44C3-8707-7BCB7DC62BDF}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonType = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: AllowMultipleTSSessions = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingPage = 1
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe ()
O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1184784460796 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1184784452078 (MUWebControl Class)
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} http://www-307.ibm.c...rt/IbmEgath.cab (IBM Access Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...8188.3206018519 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\torayiya.dll) - c:\windows\system32\torayiya.dll File not found
O20 - AppInit_DLLs: (c:\windows\system32\zetifaro.dll) - c:\windows\system32\zetifaro.dll ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\sejoduma.dll) - C:\WINDOWS\system32\sejoduma.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\vimizemu.dll) - c:\windows\system32\vimizemu.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\zenonabi.dll) - c:\windows\system32\zenonabi.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\hihogufe.dll) - c:\windows\system32\hihogufe.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\__c009D1EB: DllName - C:\WINDOWS\system32\__c009D1EB.dat - C:\WINDOWS\system32\__c009D1EB.dat ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O20 - Winlogon\Notify\urqQhgdB: DllName - urqQhgdB.dll - File not found
O20 - Winlogon\Notify\yayaWNgE: DllName - yayaWNgE.dll - File not found
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hihogufe.dll ()
O22 - SharedTaskScheduler: {C2BA40A1-74F3-42BD-F434-12345A2C8953} - sdfsefsfdvdubgiungfuyd - C:\WINDOWS\system32\jkshfuiehi.dll File not found
O22 - SharedTaskScheduler: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - STS - c:\windows\system32\hihogufe.dll ()
O28 - HKLM ShellExecuteHooks: {A8C43087-AC23-4C6D-91E5-D49D744F6E02} - C:\WINDOWS\system32\urqQhgdB.dll File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/07/19 04:14:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[2009/05/13 16:10:09 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/13 16:09:30 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\OTListIt2.exe
[2009/05/13 16:09:08 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Rooter.exe
[2009/05/13 15:56:43 | 01,406,496 | -HS- | C] () -- C:\WINDOWS\System32\imuwisuv.ini
[2009/05/12 17:08:01 | 00,000,000 | ---D | C] -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\SmitfraudFix
[2009/05/11 20:37:22 | 00,000,121 | -HS- | C] () -- C:\WINDOWS\System32\onisijod.ini
[2009/05/10 23:48:38 | 53,878,008 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Misty.rar.003
[2009/05/10 23:48:33 | 57,671,680 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Misty.rar.002
[2009/05/10 23:29:58 | 01,433,129 | -HS- | C] () -- C:\WINDOWS\System32\izazabun.ini
[2009/05/10 04:12:13 | 01,433,106 | -HS- | C] () -- C:\WINDOWS\System32\izejikuy.ini
[2009/05/10 03:48:26 | 01,883,662 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\SmitfraudFix.exe
[2009/05/10 03:47:31 | 58,581,564 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\atfc225.rar
[2009/05/09 23:17:56 | 27,871,550 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part6.rar
[2009/05/09 23:06:06 | 91,136,816 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part2.rar.part
[2009/05/09 23:06:06 | 88,431,436 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part3.rar.part
[2009/05/09 18:48:57 | 00,263,886 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Raw Material Viscosity-1.docx
[2009/05/06 22:15:58 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhabvtwrf
[2009/05/06 22:15:50 | 00,096,892 | ---- | C] () -- C:\WINDOWS\System32\drivers\a46dd317.sys
[2009/05/06 22:15:42 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c009439E.dat
[2009/05/06 20:19:45 | 00,087,164 | ---- | C] () -- C:\WINDOWS\System32\drivers\f632c963.sys
[2009/05/06 20:19:36 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sjyllenph
[2009/05/06 20:19:27 | 00,037,376 | ---- | C] () -- C:\vfmf.exe
[2009/05/06 20:18:54 | 00,007,680 | ---- | C] () -- C:\ueksxwdu.exe
[2009/05/06 20:18:49 | 00,113,664 | ---- | C] () -- C:\prylxoqb.exe
[2009/05/06 16:16:43 | 00,000,121 | -HS- | C] () -- C:\WINDOWS\System32\avinajuk.ini
[2009/05/06 05:47:04 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cigd
[2009/05/06 05:44:51 | 00,103,932 | ---- | C] () -- C:\WINDOWS\System32\drivers\44431eca.sys
[2009/05/06 05:44:33 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c005047B.dat
[2009/05/06 05:13:59 | 01,406,496 | -HS- | C] () -- C:\WINDOWS\System32\umefakis.ini
[2009/05/06 00:47:58 | 00,101,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\8105a63e.sys
[2009/05/06 00:47:44 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c0066B5C.dat
[2009/05/05 17:07:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/05/05 17:07:09 | 00,000,000 | ---D | C] -- C:\Program Files\MATLAB
[2009/05/05 17:07:09 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Application Data\DAEMON Tools Lite
[2009/05/05 17:06:29 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2009/05/05 17:06:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\DAEMON Tools Pro
[2009/05/05 16:48:37 | 00,111,100 | ---- | C] () -- C:\WINDOWS\System32\drivers\100e38ee.sys
[2009/05/05 16:48:33 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c00A30A6.dat
[2009/05/05 16:30:58 | 00,111,100 | ---- | C] () -- C:\WINDOWS\System32\drivers\a7bb0515.sys
[2009/05/05 15:57:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Cpexadape.binCpexadape.bin
[2009/05/05 15:51:47 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c00B7389.dat
[2009/05/05 15:51:46 | 00,000,157 | ---- | C] () -- C:\xcrashdump.dat
[2009/05/05 15:51:34 | 00,037,376 | ---- | C] () -- C:\tqrsiug.exe
[2009/05/05 15:51:24 | 00,007,168 | ---- | C] () -- C:\poedmta.exe
[2009/05/05 15:51:14 | 00,113,664 | ---- | C] () -- C:\nmutwl.exe
[2009/05/05 15:26:39 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/05 15:24:40 | 00,000,002 | -H-- | C] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/05 15:23:42 | 00,111,612 | ---- | C] () -- C:\WINDOWS\System32\drivers\659251c9.sys
[2009/05/05 15:23:37 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\__c009D1EB.dat
[2009/05/05 15:23:35 | 00,037,376 | ---- | C] () -- C:\cuysn.exe
[2009/05/05 15:23:28 | 00,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxhymvb
[2009/05/05 15:23:22 | 00,007,168 | ---- | C] () -- C:\dtmb.exe
[2009/05/05 15:23:19 | 00,113,664 | ---- | C] () -- C:\iriddiia.exe
[2009/05/05 15:23:14 | 00,064,512 | ---- | C] () -- C:\gtybiqd.exe
[2009/05/04 18:18:51 | 01,406,509 | -HS- | C] () -- C:\WINDOWS\System32\ijovuneg.ini
[2009/05/04 06:00:54 | 04,029,895 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\File0014.PDF
[2009/05/04 05:59:23 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\zofisuvu.exe
[2009/05/03 15:35:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/05/03 15:34:32 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/03 15:34:31 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/03 15:34:30 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\fairy.an
[2009/05/03 15:34:30 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/03 15:34:29 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/03 15:34:23 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/03 15:34:21 | 00,113,664 | ---- | C] () -- C:\WINDOWS\System32\azton.mt
[2009/05/03 15:34:19 | 00,113,664 | ---- | C] () -- C:\kggi.exe
[2009/05/03 15:34:11 | 00,008,704 | ---- | C] () -- C:\WINDOWS\instsp2.exe
[2009/05/03 03:33:45 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\yilejino.exe
[2009/05/02 21:08:25 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\~$fopticsSL&SW.doc
[2009/04/30 23:59:38 | 00,000,165 | -H-- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\~$dymaxpresentation.pptx
[2009/04/30 19:49:05 | 00,013,824 | -HS- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Thumbs.db
[2009/04/30 19:04:56 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\huyawuma.dll
[2009/04/30 19:04:54 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\lisuzise.exe
[2009/04/28 13:42:47 | 00,058,880 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\sofopticsSL&SW.doc
[2009/04/27 21:45:28 | 00,489,984 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\dymax1poster.doc
[2009/04/27 21:34:22 | 00,010,240 | -HS- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Thumbs.db
[2009/04/27 21:34:07 | 00,017,895 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Picture1.jpg
[2009/04/24 04:22:03 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\vusirawa.dll
[2009/04/24 04:21:43 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\juwotiko.exe
[2009/04/24 04:21:43 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\hakifufi.dll
[2009/04/24 03:29:19 | 17,022,464 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\MEM Senior Desgn Brochure_2009.ppt
[2009/04/23 18:10:34 | 00,308,736 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\brochuredymax1.ppt
[2009/04/23 01:34:01 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfpmpecyeaycbcqh.sys
[2009/04/22 00:25:27 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2009/04/22 00:25:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\DAEMON Tools Lite
[2009/04/22 00:19:25 | 00,001,595 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\DAEMON Tools Pro.lnk
[2009/04/22 00:16:20 | 00,000,000 | ---D | C] -- C:\DOCUME~1\ALLUSE~1\Application Data\DAEMON Tools Pro
[2009/04/21 12:27:23 | 00,033,792 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Bonus Problem 13.doc
[2009/04/16 19:10:02 | 00,141,643 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\corningglassSL&SW.docx
[2009/04/16 02:02:09 | 00,213,918 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\scan.JPG
[2009/04/15 02:49:38 | 00,141,647 | ---- | C] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Corning Glass WorksSL.docx
[2009/02/13 15:56:22 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\hihogufe.dll
[2009/02/13 15:56:22 | 00,079,872 | -HS- | C] () -- C:\WINDOWS\System32\vusiwumi.dll
[2009/02/12 17:54:13 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\wapifiwa.dll
[2009/02/12 17:54:13 | 00,080,384 | -HS- | C] () -- C:\WINDOWS\System32\hejivego.dll
[2009/02/11 19:57:37 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\zenonabi.dll
[2009/02/11 19:57:37 | 00,080,384 | -HS- | C] () -- C:\WINDOWS\System32\dojisino.dll
[2009/02/10 23:29:53 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\vimizemu.dll
[2009/02/10 23:29:53 | 00,080,384 | -HS- | C] () -- C:\WINDOWS\System32\nubazazi.dll
[2009/02/10 04:12:03 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\lenidure.dll
[2009/02/09 16:13:31 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\buyaneju.dll
[2009/02/06 16:10:46 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\sejoduma.dll
[2009/02/06 16:10:46 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\ruwetivu.dll
[2009/02/06 16:10:46 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\ligezupo.dll
[2009/02/06 16:10:11 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\yofebuwo.dll
[2009/02/06 16:10:11 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\rugedeti.dll
[2009/02/06 03:22:20 | 00,087,040 | -HS- | C] () -- C:\WINDOWS\System32\jogiduji.dll
[2009/02/06 03:22:20 | 00,078,848 | -HS- | C] () -- C:\WINDOWS\System32\sikafemu.dll
[2009/02/05 15:23:06 | 00,079,872 | -HS- | C] () -- C:\WINDOWS\System32\menudowe.dll
[2009/02/05 15:23:04 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\zetifaro.dll
[2009/02/04 18:18:35 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\fuferatu.dll.vir
[2009/02/04 18:18:34 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\genuvoji.dll
[2009/02/03 15:34:11 | 00,087,040 | -HS- | C] () -- C:\WINDOWS\System32\waritili.dll
[2009/02/03 15:34:11 | 00,079,872 | -HS- | C] () -- C:\WINDOWS\System32\yamiluyu.dll
[2009/02/03 05:11:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\pusikdod.dll
[2009/02/03 05:11:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\gfvknq.dll
[2009/02/02 05:07:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\mgkbaa.dll
[2009/02/01 05:06:14 | 00,329,582 | -HS- | C] () -- C:\WINDOWS\System32\GhjPonmp.ini
[2009/01/30 18:57:07 | 00,002,048 | -HS- | C] () -- C:\WINDOWS\System32\mobesagi.dll
[2009/01/30 18:57:07 | 00,002,048 | -HS- | C] () -- C:\WINDOWS\System32\kodupowe.dll
[2009/01/29 22:48:54 | 00,079,360 | -HS- | C] () -- C:\WINDOWS\System32\mubakopu.dll
[2009/01/29 22:48:52 | 00,087,040 | -HS- | C] () -- C:\WINDOWS\System32\mekawiba.dll
[2009/01/29 10:47:08 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\leroyage.dll
[2009/01/27 19:35:15 | 00,088,064 | -HS- | C] () -- C:\WINDOWS\System32\giletisa.dll
[2009/01/27 19:35:15 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\dorulelo.dll
[2009/01/27 05:32:41 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\detadihi.dll
[2009/01/27 05:32:40 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\honimava.dll
[2009/01/26 17:32:18 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\piyuzula.dll
[2009/01/26 17:32:17 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\jayoniyo.dll
[2009/01/26 05:31:52 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\kirekuho.dll
[2009/01/26 05:31:51 | 00,087,552 | -HS- | C] () -- C:\WINDOWS\System32\jafigega.dll
[2009/01/25 17:33:21 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\yururufo.dll
[2009/01/25 17:33:21 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\rutadefo.dll
[2009/01/25 01:09:57 | 00,087,040 | -HS- | C] () -- C:\WINDOWS\System32\kulejinu.dll
[2009/01/25 01:09:57 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\tulededa.dll
[2009/01/23 16:20:29 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\zoyokuvu.dll
[2009/01/23 16:20:29 | 00,080,896 | ---- | C] () -- C:\WINDOWS\System32\viweyeju.dll
[2009/01/23 16:20:29 | 00,049,152 | -HS- | C] () -- C:\WINDOWS\System32\gadozohu.dll
[2009/01/23 13:13:18 | 00,000,051 | ---- | C] () -- C:\WINDOWS\rocksoft.ini
[2009/01/23 01:24:20 | 00,088,576 | -HS- | C] () -- C:\WINDOWS\System32\zuwupima.dll
[2009/01/23 01:24:20 | 00,079,872 | ---- | C] () -- C:\WINDOWS\System32\jozuwitu.dll
[2008/10/05 20:15:33 | 00,000,031 | ---- | C] () -- C:\WINDOWS\WebUpdateSvc4.INI
[2008/09/11 22:41:47 | 00,000,212 | ---- | C] () -- C:\WINDOWS\imr.ini
[2008/09/11 17:23:32 | 00,000,243 | ---- | C] () -- C:\WINDOWS\ime.ini
[2008/09/11 17:21:34 | 00,000,195 | ---- | C] () -- C:\WINDOWS\imp.ini
[2008/07/30 00:56:55 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/07/27 04:29:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\964f8830.sys
[2008/01/26 19:14:09 | 00,000,160 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2008/01/21 20:42:02 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/01/08 15:45:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4859.dll
[2008/01/08 15:42:43 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/12/11 10:30:18 | 02,115,816 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/07/20 10:28:49 | 00,000,153 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007/02/26 20:34:34 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2006/12/29 11:53:53 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/12/29 11:53:53 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/12/29 11:53:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/12/29 11:53:50 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/12/29 11:53:50 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/11/11 14:23:14 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/11 14:23:14 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/11 14:23:14 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/11 14:23:14 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/11 14:23:14 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/11 14:23:14 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/08/07 16:02:14 | 00,182,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\symndis.sys
[2006/07/27 15:20:43 | 00,000,338 | ---- | C] () -- C:\WINDOWS\WebUpdateSvc.INI
[2006/07/26 11:55:01 | 00,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2006/07/25 13:13:57 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2006/07/18 13:48:03 | 00,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2005/12/20 15:51:20 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/30 20:16:02 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005/10/09 21:35:28 | 00,017,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\tpm.sys
[2005/10/09 21:33:02 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\Tddl.dll
[2005/07/05 23:45:08 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2005/04/21 16:44:54 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\nsctpm11.sys
[2004/11/12 12:00:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/21 19:07:10 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/07/21 13:25:18 | 00,011,270 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2004/07/21 13:04:58 | 00,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2004/07/21 12:40:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2004/07/20 15:38:44 | 00,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/07/20 13:29:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2004/07/20 12:50:15 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/07/19 21:51:49 | 00,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2004/07/19 21:04:29 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/07/19 20:26:58 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/07/19 20:26:43 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[2003/04/17 12:35:00 | 00,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003/04/17 12:35:00 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2001/08/23 08:00:00 | 00,156,672 | ---- | C] () -- C:\WINDOWS\utonokec.dll
[2001/08/23 08:00:00 | 00,000,650 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2 C:\DOCUME~1\MOBILE~1.L3T\My Documents\*.tmp files]
[2009/05/13 16:31:53 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\zivovihu
[2009/05/13 16:30:04 | 00,087,164 | ---- | M] () -- C:\WINDOWS\System32\drivers\f632c963.sys
[2009/05/13 16:30:00 | 00,111,612 | ---- | M] () -- C:\WINDOWS\System32\drivers\659251c9.sys
[2009/05/13 16:30:00 | 00,103,932 | ---- | M] () -- C:\WINDOWS\System32\drivers\44431eca.sys
[2009/05/13 16:29:59 | 00,096,892 | ---- | M] () -- C:\WINDOWS\System32\drivers\a46dd317.sys
[2009/05/13 16:18:03 | 01,406,496 | -HS- | M] () -- C:\WINDOWS\System32\imuwisuv.ini
[2009/05/13 16:09:35 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\OTListIt2.exe
[2009/05/13 16:09:10 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Rooter.exe
[2009/05/13 16:00:05 | 00,526,534 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/13 16:00:05 | 00,445,096 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/13 16:00:05 | 00,072,554 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/13 15:56:47 | 36,044,111 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/13 15:56:40 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/13 15:56:26 | 00,027,648 | ---- | M] () -- C:\WINDOWS\System32\__c009D1EB.dat
[2009/05/13 15:56:23 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\hihogufe.dll
[2009/05/13 15:56:23 | 00,079,872 | -HS- | M] () -- C:\WINDOWS\System32\vusiwumi.dll
[2009/05/13 15:54:20 | 00,000,062 | -HS- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Local Settings\desktop.ini
[2009/05/13 15:54:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/12 17:54:13 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\wapifiwa.dll
[2009/05/12 17:12:01 | 00,003,134 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/05/12 16:55:47 | 00,053,730 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/11 22:55:15 | 00,000,157 | ---- | M] () -- C:\xcrashdump.dat
[2009/05/11 20:37:22 | 00,000,121 | -HS- | M] () -- C:\WINDOWS\System32\onisijod.ini
[2009/05/11 19:57:38 | 00,080,384 | -HS- | M] () -- C:\WINDOWS\System32\dojisino.dll
[2009/05/11 19:57:37 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\zenonabi.dll
[2009/05/11 01:20:10 | 01,433,129 | -HS- | M] () -- C:\WINDOWS\System32\izazabun.ini
[2009/05/10 23:54:26 | 57,671,680 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Misty.rar.002
[2009/05/10 23:54:02 | 53,878,008 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Misty.rar.003
[2009/05/10 23:29:54 | 00,080,384 | -HS- | M] () -- C:\WINDOWS\System32\nubazazi.dll
[2009/05/10 23:29:53 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\vimizemu.dll
[2009/05/10 04:39:18 | 01,433,106 | -HS- | M] () -- C:\WINDOWS\System32\izejikuy.ini
[2009/05/10 04:12:03 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\lenidure.dll
[2009/05/10 03:48:26 | 01,883,662 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\SmitfraudFix.exe
[2009/05/10 03:48:17 | 58,581,564 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\atfc225.rar
[2009/05/10 03:06:14 | 00,000,016 | ---- | M] () -- C:\WINDOWS\Cpexadape.bin
[2009/05/09 23:30:09 | 00,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/09 23:21:11 | 27,871,550 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part6.rar
[2009/05/09 23:12:52 | 91,136,816 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part2.rar.part
[2009/05/09 23:12:52 | 88,431,436 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\borok78.part3.rar.part
[2009/05/09 22:54:13 | 00,263,886 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Raw Material Viscosity-1.docx
[2009/05/09 19:13:22 | 01,018,285 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\dymaxpresentation.pptx
[2009/05/09 16:13:32 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\buyaneju.dll
[2009/05/09 15:24:05 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/05/08 15:45:02 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\inqby.sr
[2009/05/08 15:45:01 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/05/08 15:45:01 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\fairy.an
[2009/05/08 15:45:00 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\ashl.nq
[2009/05/08 15:45:00 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dolman.zt
[2009/05/06 22:15:40 | 00,037,376 | ---- | M] () -- C:\vfmf.exe
[2009/05/06 22:15:24 | 00,000,002 | ---- | M] () -- C:\-1072990146
[2009/05/06 22:15:21 | 00,007,680 | ---- | M] () -- C:\ueksxwdu.exe
[2009/05/06 22:15:16 | 00,113,664 | ---- | M] () -- C:\WINDOWS\System32\azton.mt
[2009/05/06 22:15:16 | 00,113,664 | ---- | M] () -- C:\prylxoqb.exe
[2009/05/06 16:16:43 | 00,000,121 | -HS- | M] () -- C:\WINDOWS\System32\avinajuk.ini
[2009/05/06 16:10:42 | 00,049,664 | -HS- | M] () -- C:\WINDOWS\System32\rugedeti.dll
[2009/05/06 16:10:12 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\yofebuwo.dll
[2009/05/06 05:44:30 | 00,037,376 | ---- | M] () -- C:\tqrsiug.exe
[2009/05/06 05:44:17 | 00,007,168 | ---- | M] () -- C:\poedmta.exe
[2009/05/06 05:44:10 | 00,113,664 | ---- | M] () -- C:\nmutwl.exe
[2009/05/06 05:35:21 | 01,406,496 | -HS- | M] () -- C:\WINDOWS\System32\umefakis.ini
[2009/05/06 03:22:21 | 00,087,040 | -HS- | M] () -- C:\WINDOWS\System32\jogiduji.dll
[2009/05/06 03:22:21 | 00,078,848 | -HS- | M] () -- C:\WINDOWS\System32\sikafemu.dll
[2009/05/06 00:47:58 | 00,101,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\8105a63e.sys
[2009/05/06 00:16:35 | 01,406,509 | -HS- | M] () -- C:\WINDOWS\System32\ijovuneg.ini
[2009/05/05 16:48:37 | 00,111,100 | ---- | M] () -- C:\WINDOWS\System32\drivers\100e38ee.sys
[2009/05/05 16:30:58 | 00,111,100 | ---- | M] () -- C:\WINDOWS\System32\drivers\a7bb0515.sys
[2009/05/05 15:57:33 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Cpexadape.binCpexadape.bin
[2009/05/05 15:32:14 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/05/05 15:32:14 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/05/05 15:26:39 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/05/05 15:24:40 | 00,000,002 | -H-- | M] () -- C:\WINDOWS\t55ft2692f44.dat
[2009/05/05 15:23:36 | 00,037,376 | ---- | M] () -- C:\cuysn.exe
[2009/05/05 15:23:22 | 00,007,168 | ---- | M] () -- C:\dtmb.exe
[2009/05/05 15:23:20 | 00,113,664 | ---- | M] () -- C:\iriddiia.exe
[2009/05/05 15:23:15 | 00,064,512 | ---- | M] () -- C:\gtybiqd.exe
[2009/05/05 15:23:07 | 00,079,872 | -HS- | M] () -- C:\WINDOWS\System32\menudowe.dll
[2009/05/05 15:23:07 | 00,008,704 | ---- | M] () -- C:\WINDOWS\instsp2.exe
[2009/05/05 15:23:06 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\zetifaro.dll
[2009/05/05 15:23:06 | 00,051,712 | -HS- | M] () -- C:\WINDOWS\System32\zuwozozo.exe
[2009/05/04 18:18:37 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\genuvoji.dll
[2009/05/04 18:18:36 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\fuferatu.dll.vir
[2009/05/04 18:18:35 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\babitote.exe
[2009/05/04 06:00:59 | 04,029,895 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\File0014.PDF
[2009/05/04 05:59:23 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\zofisuvu.exe
[2009/05/03 15:35:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sxhymvb
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sjyllenph
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhabvtwrf
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/05/03 15:34:23 | 00,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cigd
[2009/05/03 15:34:23 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/05/03 15:34:19 | 00,113,664 | ---- | M] () -- C:\kggi.exe
[2009/05/03 15:34:12 | 00,087,040 | -HS- | M] () -- C:\WINDOWS\System32\waritili.dll
[2009/05/03 15:34:11 | 00,079,872 | -HS- | M] () -- C:\WINDOWS\System32\yamiluyu.dll
[2009/05/03 15:34:11 | 00,052,224 | -HS- | M] () -- C:\WINDOWS\System32\kohajawu.exe
[2009/05/03 03:33:45 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\yilejino.exe
[2009/05/03 00:48:58 | 00,058,880 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\sofopticsSL&SW.doc
[2009/05/02 21:08:25 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\~$fopticsSL&SW.doc
[2009/05/02 17:17:34 | 00,000,153 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/05/01 10:07:11 | 00,050,688 | -HS- | M] () -- C:\WINDOWS\System32\jiyazami.exe
[2009/04/30 23:59:38 | 00,000,165 | -H-- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\~$dymaxpresentation.pptx
[2009/04/30 19:49:07 | 00,013,824 | -HS- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\Thumbs.db
[2009/04/30 19:04:56 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\huyawuma.dll
[2009/04/30 19:04:54 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\lisuzise.exe
[2009/04/29 22:48:56 | 00,079,360 | -HS- | M] () -- C:\WINDOWS\System32\mubakopu.dll
[2009/04/29 22:48:55 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\monigula.exe
[2009/04/29 22:48:54 | 00,087,040 | -HS- | M] () -- C:\WINDOWS\System32\mekawiba.dll
[2009/04/29 10:47:10 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\leroyage.dll
[2009/04/29 10:47:08 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\rufobuwa.exe
[2009/04/27 22:36:43 | 00,489,984 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\dymax1poster.doc
[2009/04/27 22:09:00 | 00,010,240 | -HS- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Thumbs.db
[2009/04/27 21:34:07 | 00,017,895 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Picture1.jpg
[2009/04/27 19:35:17 | 00,050,688 | -HS- | M] () -- C:\WINDOWS\System32\jokilake.exe
[2009/04/27 19:35:16 | 00,088,064 | -HS- | M] () -- C:\WINDOWS\System32\giletisa.dll
[2009/04/27 19:35:16 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\dorulelo.dll
[2009/04/27 05:32:42 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\detadihi.dll
[2009/04/27 05:32:41 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\honimava.dll
[2009/04/27 05:32:41 | 00,051,712 | -HS- | M] () -- C:\WINDOWS\System32\duwiwuse.exe
[2009/04/26 17:32:21 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\piyuzula.dll
[2009/04/26 17:32:20 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\jayoniyo.dll
[2009/04/26 17:32:20 | 00,052,224 | -HS- | M] () -- C:\WINDOWS\System32\bidineli.exe
[2009/04/26 05:31:53 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\kirekuho.dll
[2009/04/26 05:31:52 | 00,087,552 | -HS- | M] () -- C:\WINDOWS\System32\jafigega.dll
[2009/04/26 05:31:52 | 00,051,712 | -HS- | M] () -- C:\WINDOWS\System32\pazadamu.exe
[2009/04/25 17:33:23 | 00,050,688 | -HS- | M] () -- C:\WINDOWS\System32\burejabe.exe
[2009/04/25 17:33:22 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\yururufo.dll
[2009/04/25 17:33:22 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\rutadefo.dll
[2009/04/25 01:09:59 | 00,052,224 | -HS- | M] () -- C:\WINDOWS\System32\kodemifa.exe
[2009/04/25 01:09:58 | 00,087,040 | -HS- | M] () -- C:\WINDOWS\System32\kulejinu.dll
[2009/04/25 01:09:58 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\tulededa.dll
[2009/04/24 04:22:03 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\vusirawa.dll
[2009/04/24 04:21:43 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\juwotiko.exe
[2009/04/24 04:21:43 | 00,002,713 | -HS- | M] () -- C:\WINDOWS\System32\hakifufi.dll
[2009/04/24 03:30:44 | 17,022,464 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\MEM Senior Desgn Brochure_2009.ppt
[2009/04/23 18:10:35 | 00,308,736 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\brochuredymax1.ppt
[2009/04/23 16:20:59 | 00,049,152 | -HS- | M] () -- C:\WINDOWS\System32\gadozohu.dll
[2009/04/23 16:20:30 | 00,080,896 | ---- | M] () -- C:\WINDOWS\System32\viweyeju.dll
[2009/04/23 16:20:29 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\zoyokuvu.dll
[2009/04/23 16:20:29 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\System32\nijonina.exe
[2009/04/23 01:34:01 | 00,083,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\bfpmpecyeaycbcqh.sys
[2009/04/23 01:24:24 | 00,050,688 | -HS- | M] () -- C:\WINDOWS\System32\rojawati.exe
[2009/04/23 01:24:22 | 00,088,576 | -HS- | M] () -- C:\WINDOWS\System32\zuwupima.dll
[2009/04/23 01:24:22 | 00,079,872 | ---- | M] () -- C:\WINDOWS\System32\jozuwitu.dll
[2009/04/22 00:19:25 | 00,001,595 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\DAEMON Tools Pro.lnk
[2009/04/22 00:00:16 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/04/21 14:33:42 | 00,033,792 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Bonus Problem 13.doc
[2009/04/16 19:10:17 | 00,017,920 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\memoptim.xls
[2009/04/16 19:10:02 | 00,141,643 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\corningglassSL&SW.docx
[2009/04/16 19:09:28 | 00,141,647 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\My Documents\Corning Glass WorksSL.docx
[2009/04/16 02:02:09 | 00,213,918 | ---- | M] () -- C:\DOCUME~1\MOBILE~1.L3T\Desktop\scan.JPG
[2009/04/15 15:05:59 | 00,001,366 | ---- | M] () -- C:\WINDOWS\Lhiqamukohi.dat

========== LOP Check ==========

[2009/05/12 17:12:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data
[2005/12/20 15:55:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\acccore
[2008/11/11 18:18:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Adobe
[2006/07/25 13:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\AdobeUM
[2006/12/29 13:15:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Aim
[2009/02/20 04:07:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Apple Computer
[2009/01/14 10:51:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Atari
[2007/01/10 05:47:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\ATI
[2009/03/15 17:03:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Azureus
[2009/05/05 17:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\DAEMON Tools
[2009/04/22 00:26:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\DAEMON Tools Lite
[2009/05/05 17:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\DAEMON Tools Pro
[2008/01/26 18:53:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\fltk.org
[2008/05/20 01:01:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Google
[2008/06/17 03:54:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Help
[2004/07/22 14:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\IBM
[2004/07/22 14:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Identities
[2007/12/11 10:36:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\InstallShield
[2004/07/22 14:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\InterVideo
[2007/07/20 11:34:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\IsolatedStorage
[2006/12/29 11:24:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Lavasoft
[2004/07/22 14:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Leadertech
[2004/07/22 14:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Macromedia
[2008/09/10 19:15:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Mathsoft
[2008/04/30 00:22:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Media Player Classic
[2008/10/27 11:56:40 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Microsoft
[2009/01/19 01:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\mIRC
[2008/04/28 23:32:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Move Networks
[2004/07/22 14:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Mozilla
[2004/07/22 14:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\MSN6
[2006/07/25 13:03:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\PDFcreator
[2004/07/22 14:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Real
[2009/03/01 19:22:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Rockwell Software
[2004/07/22 14:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Sonic
[2004/07/22 14:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Sun
[2008/01/21 17:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\SystemRequirementsLab
[2005/12/20 15:36:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Talkback
[2008/07/27 23:40:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\Uniblue
[2008/02/19 02:43:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\vlc
[2008/01/21 21:38:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mobile Student.L3T2104\Application Data\WinRAR
[2009/02/20 04:04:22 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/23 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2008/07/26 11:24:29 | 00,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2004/07/26 21:52:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >



Rooter:
Microsoft Windows XP Professional (5.1.2600) Service Pack 2

C:\ [Fixed] - NTFS - (Total:95393 Mo/Free:1482 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Wed 05/13/2009|21:15

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\ibmpmsvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
---------- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\AskBarDis\bar\bin\AskService.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\System32\cisvc.exe
---------- C:\Program Files\Symantec AntiVirus\DefWatch.exe
---------- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
---------- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\HPZipm12.exe
---------- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
---------- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
---------- c:\Program Files\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
---------- C:\WINDOWS\System32\TPHDEXLG.exe
---------- C:\WINDOWS\system32\TpKmpSVC.exe
---------- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
---------- C:\Program Files\DAEMON Tools Lite\daemon.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\WINDOWS\system32\WebUpdateSvc.exe
---------- C:\WINDOWS\system32\WebUpdateSvc4.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
---------- c:\program files\lenovo\system update\suservice.exe
---------- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\Program Files\Internet Explorer\IEXPLORE.EXE
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Wed 05/13/2009|16:11
2 - "C:\Rooter$\Rooter_2.txt" - Wed 05/13/2009|21:16

----------------------\\ Scan completed at 21:16