Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unknown Mal/Spyware on computer


  • Please log in to reply

#1
Brainsickly

Brainsickly

    New Member

  • Member
  • Pip
  • 1 posts
A few days ago I kept getting the Yoog thing on Firefox. After downloading MBAM and a few other programs, it went away. But now I have a redirect issue with search engines. When I click a link from another search engine, I'll get a white page that reads "The Document Has Moved Here. Wait..." and it will redirect me to shopping websites. I no longer have the Yoog files on my computer or homepage issue, just this search engine thing. I don't know where to start since I don't know what kind of malware/spyware infection I have, which is why I've come here. I'd really appreciate some help. This thing is driving me crazy.

Rooter:

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:99998 Mo/Free:1301 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [Fixed] - NTFS - (Total:138474 Mo/Free:3235 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)

Sun 05/31/2009|21:45

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Zune\ZuneLauncher.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\Program Files\Messenger\msmsgs.exe
---------- C:\Program Files\DNA\btdna.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Sprint Instinct Applications\MEMonitor.exe
---------- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\Motive\McciCMService.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
---------- C:\Nexon\Mabinogi\npkcmsvc.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
---------- C:\WINDOWS\system32\ZuneBusEnum.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sun 05/31/2009|21:46

----------------------\\ Scan completed at 21:46


OTListIt:

OTListIt logfile created on: 5/31/2009 9:47:11 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Public\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.82% Memory free
3.72 Gb Paging File | 3.28 Gb Available in Paging File | 87.95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 65.27 Gb Free Space | 66.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 135.23 Gb Total Space | 135.16 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: X2-MYCICKQUYC0W
Current User Name: Public
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\Sprint Instinct Applications\MEMonitor.exe (Smith Micro Software, Inc.)
PRC - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe (Computer Associates International, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe (CA, Inc.)
PRC - C:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Public\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (CaCCProvSP [On_Demand | Stopped]) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CA, Inc.)
SRV - (CAISafe [Auto | Running]) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe (Computer Associates International, Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (McciCMService [Auto | Running]) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (npkcmsvc [Auto | Running]) -- C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (Pml Driver HPH11 [On_Demand | Stopped]) -- C:\WINDOWS\system32\HPHipm11.exe (HP)
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (VETMSGNT [Auto | Running]) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe (CA, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (ZuneBusEnum [Auto | Running]) -- C:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (Dot4 HPH11 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hphid411.sys (HP)
DRV - (Dot4Print HPH11 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hphipr11.sys (HP)
DRV - (Dot4Usb HPH11 [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\hphius11.sys (HP)
DRV - (MREMP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SASKUTIL [Unknown | Running]) -- File not found
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (sscdbus [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdmdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdmdm.sys (MCCI Corporation)
DRV - (sscdserd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sscdserd.sys (MCCI Corporation)
DRV - (VET-FILT [System | Running]) -- C:\WINDOWS\System32\drivers\vet-filt.sys (Computer Associates International, Inc.)
DRV - (VET-REC [System | Running]) -- C:\WINDOWS\System32\drivers\vet-rec.sys (Computer Associates International, Inc.)
DRV - (VETEBOOT [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\veteboot.sys (Computer Associates International, Inc.)
DRV - (VETEFILE [System | Running]) -- C:\WINDOWS\System32\drivers\vetefile.sys (Computer Associates International, Inc.)
DRV - (VETFDDNT [System | Running]) -- C:\WINDOWS\System32\drivers\vetfddnt.sys (Computer Associates International, Inc.)
DRV - (VETMONNT [System | Running]) -- C:\WINDOWS\System32\drivers\vetmonnt.sys (Computer Associates International, Inc.)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www27.yoog.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.5.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/31 21:25:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/31 21:25:31 | 00,000,000 | ---D | M]

[2009/05/31 21:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Public\Application Data\mozilla\Extensions
[2009/05/31 21:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Public\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/28 18:56:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Public\Application Data\mozilla\Extensions\[email protected]
[2009/05/31 21:29:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Public\Application Data\mozilla\Firefox\Profiles\26613i03.default\extensions
[2009/05/31 21:29:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Public\Application Data\mozilla\Firefox\Profiles\26613i03.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/05/31 21:25:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/31 21:25:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/24 00:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/24 00:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 20:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 20:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 20:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 20:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 20:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 20:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 20:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (7657 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 206.53.61.77 google.ae
O1 - Hosts: 206.53.61.77 google.as
O1 - Hosts: 206.53.61.77 google.at
O1 - Hosts: 206.53.61.77 google.az
O1 - Hosts: 206.53.61.77 google.ba
O1 - Hosts: 206.53.61.77 google.be
O1 - Hosts: 206.53.61.77 google.bg
O1 - Hosts: 206.53.61.77 google.bs
O1 - Hosts: 206.53.61.77 google.ca
O1 - Hosts: 206.53.61.77 google.cd
O1 - Hosts: 206.53.61.77 google.com.gh
O1 - Hosts: 206.53.61.77 google.com.gi
O1 - Hosts: 206.53.61.77 google.com.hk
O1 - Hosts: 206.53.61.77 google.com.jm
O1 - Hosts: 206.53.61.77 google.com.ly
O1 - Hosts: 206.53.61.77 google.com.mx
O1 - Hosts: 206.53.61.77 google.com.my
O1 - Hosts: 206.53.61.77 google.com.na
O1 - Hosts: 206.53.61.77 google.com.nf
O1 - Hosts: 206.53.61.77 google.com.ng
O1 - Hosts: 206.53.61.77 google.ch
O1 - Hosts: 206.53.61.77 google.com.np
O1 - Hosts: 206.53.61.77 google.com.om
O1 - Hosts: 206.53.61.77 google.com.pa
O1 - Hosts: 206.53.61.77 google.com.pr
O1 - Hosts: 249 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HomeKeyLogger] C:\Program Files\HomeKeylogger\KeyLogger.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
O4 - HKCU..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" ()
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Public\Start Menu\Programs\Startup\IMVU.lnk = C:\Documents and Settings\Public\Application Data\IMVUClient\IMVUClient.exe ()
O4 - Startup: C:\Documents and Settings\Public\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Documents and Settings\Public\Start Menu\Programs\Startup\Sprint media monitor.lnk = C:\WINDOWS\RM.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - Reg Error: Key error. File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Public\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\VetRedir.dll (Computer Associates International, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Monopoly%20Here%20and%20Now/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://asp.mathxl.co...GenXInstall.cab (TTestGenXInstallObject)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1176334557359 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} http://asp.mathxl.co...nstallAsst2.cab (Pearson Installation Assistant 2)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Monopoly%20Here%20and%20Now/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.co.../MathPlayer.cab (Pearson MathXL Player)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/11 19:28:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/31 21:44:58 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\*.tmp files]
[2009/05/31 21:48:59 | 03,371,376 | ---- | C] (Malwarebytes Corporation ) -- C:\DOCUME~1\Public\Desktop\mbam-setup.exe
[2009/05/31 21:45:35 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/31 21:44:55 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\Public\Desktop\OTListIt2.exe
[2009/05/31 21:44:41 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\Public\Desktop\Rooter.exe
[2009/05/31 21:32:37 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/31 21:25:33 | 00,001,602 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/05/31 21:25:30 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/05/31 19:32:44 | 01,402,624 | ---- | C] (Runscanner.net) -- C:\DOCUME~1\Public\Desktop\RunScanner.exe
[2009/05/31 19:21:29 | 07,526,856 | ---- | C] (Mozilla) -- C:\DOCUME~1\Public\Desktop\Firefox Setup 3.0.10.exe
[2009/05/31 17:19:49 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/05/31 17:19:49 | 00,050,864 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/05/31 17:19:49 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/05/31 17:19:49 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/05/31 17:19:49 | 00,001,709 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\avast! Antivirus.lnk
[2009/05/31 17:19:48 | 00,111,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/05/31 17:19:48 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/05/31 17:19:48 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/05/31 17:19:48 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/05/31 17:19:40 | 01,236,208 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/05/31 17:19:40 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/05/31 17:19:39 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/05/29 23:37:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\Malwarebytes
[2009/05/29 23:37:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/29 23:36:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/05/29 23:36:24 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/05/29 23:36:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\SUPERAntiSpyware.com
[2009/05/23 13:45:54 | 00,000,000 | ---D | C] -- C:\DOCUME~1\Public\Desktop\Jessica
[2009/05/21 16:33:44 | 00,030,720 | ---- | C] () -- C:\DOCUME~1\Public\My Documents\Mathew Torres Resume.doc
[2009/05/21 09:16:52 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SystemFeed
[2009/05/21 09:16:39 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\b120681
[2009/05/18 07:30:55 | 00,692,258 | ---- | C] () -- C:\DOCUME~1\Public\My Documents\Untitled-2.gif
[2009/05/14 05:41:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\InstallShield
[2009/05/14 05:33:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Local Settings\Apps
[2009/05/13 14:44:12 | 00,000,714 | ---- | C] () -- C:\WINDOWS\System\akstart.lnk
[2009/05/12 20:52:24 | 00,000,889 | ---- | C] () -- C:\Documents and Settings\Public\Start Menu\Programs\Startup\IMVU.lnk
[2009/05/12 20:52:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\IMVU
[2009/05/12 20:52:18 | 00,001,921 | ---- | C] () -- C:\DOCUME~1\Public\Desktop\IMVU.lnk
[2009/05/12 20:52:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\IMVUClient
[2009/05/08 15:12:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Public\Application Data\Real
[2009/05/06 15:01:30 | 00,202,072 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2009/05/06 15:00:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009/05/06 00:03:53 | 09,066,760 | -H-- | C] () -- C:\DOCUME~1\Public\My Documents\Wonderland.pdf
[2009/05/06 00:03:53 | 05,136,712 | -H-- | C] () -- C:\DOCUME~1\Public\My Documents\Wonderland BookofKnots.pdf
[2009/05/03 21:49:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ROSE Online Evolution
[2009/05/02 23:33:25 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/05/02 23:33:25 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/12/23 15:31:50 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/11/06 12:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 12:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/08/14 17:24:11 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\FoxImager.dll
[2008/08/14 14:57:41 | 00,000,318 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2008/02/19 12:37:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2007/04/18 17:40:27 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/04/12 12:01:53 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/04/11 20:30:38 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/11 20:20:40 | 00,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/04/11 20:20:35 | 00,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2006/01/24 06:15:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/01/24 06:15:00 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/01/24 06:15:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/01/24 06:15:00 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/01/24 06:15:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/01/24 06:15:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/01/24 06:15:00 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2003/03/31 08:00:00 | 00,000,684 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/06/20 15:09:10 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/05/03 15:25:32 | 00,364,544 | ---- | C] () -- C:\WINDOWS\System32\hpgt23.dll

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/05/31 21:49:04 | 03,371,376 | ---- | M] (Malwarebytes Corporation ) -- C:\DOCUME~1\Public\Desktop\mbam-setup.exe
[2009/05/31 21:44:59 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\Public\Desktop\OTListIt2.exe
[2009/05/31 21:44:41 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\Public\Desktop\Rooter.exe
[2009/05/31 21:25:33 | 00,001,602 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/05/31 21:22:07 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/31 21:22:07 | 00,000,889 | ---- | M] () -- C:\Documents and Settings\Public\Start Menu\Programs\Startup\IMVU.lnk
[2009/05/31 21:21:45 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/31 21:21:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/31 21:21:39 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Public\Local Settings\desktop.ini
[2009/05/31 21:21:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/31 19:23:16 | 07,526,856 | ---- | M] (Mozilla) -- C:\DOCUME~1\Public\Desktop\Firefox Setup 3.0.10.exe
[2009/05/31 17:22:49 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/31 17:19:49 | 00,001,709 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\avast! Antivirus.lnk
[2009/05/31 11:11:12 | 00,000,410 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Public.job
[2009/05/30 00:06:37 | 00,000,714 | ---- | M] () -- C:\WINDOWS\System\akstart.lnk
[2009/05/29 23:06:32 | 00,161,008 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\drivers\vetmonnt.sys
[2009/05/29 23:06:32 | 00,026,352 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\drivers\vet-filt.sys
[2009/05/29 23:06:32 | 00,021,488 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\drivers\vetfddnt.sys
[2009/05/29 23:06:32 | 00,021,104 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\drivers\vet-rec.sys
[2009/05/29 15:18:59 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/05/29 14:07:56 | 01,402,624 | ---- | M] (Runscanner.net) -- C:\DOCUME~1\Public\Desktop\RunScanner.exe
[2009/05/21 17:39:07 | 00,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/21 16:33:44 | 00,030,720 | ---- | M] () -- C:\DOCUME~1\Public\My Documents\Mathew Torres Resume.doc
[2009/05/21 09:19:31 | 00,007,657 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/18 07:31:29 | 00,030,208 | -HS- | M] () -- C:\DOCUME~1\Public\My Documents\Thumbs.db
[2009/05/18 07:30:56 | 00,692,258 | ---- | M] () -- C:\DOCUME~1\Public\My Documents\Untitled-2.gif
[2009/05/12 20:52:18 | 00,001,921 | ---- | M] () -- C:\DOCUME~1\Public\Desktop\IMVU.lnk
[2009/05/07 03:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/06 15:01:30 | 00,202,072 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2009/05/05 23:09:22 | 00,000,684 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/02 23:33:25 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
< End of report >


Extras

OTListIt Extras logfile created on: 5/31/2009 9:47:11 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Public\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 70.82% Memory free
3.72 Gb Paging File | 3.28 Gb Available in Paging File | 87.95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 65.27 Gb Free Space | 66.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 135.23 Gb Total Space | 135.16 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: X2-MYCICKQUYC0W
Current User Name: Public
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"64707:TCP" = 64707:TCP:*:Disabled:SolidNetworkManager
"64707:UDP" = 64707:UDP:*:Disabled:SolidNetworkManager
"18961:TCP" = 18961:TCP:*:Disabled:SolidNetworkManager
"18961:UDP" = 18961:UDP:*:Disabled:SolidNetworkManager
"44634:TCP" = 44634:TCP:*:Enabled:SolidNetworkManager
"44634:UDP" = 44634:UDP:*:Enabled:SolidNetworkManager
"60500:TCP" = 60500:TCP:*:Disabled:SolidNetworkManager
"60500:UDP" = 60500:UDP:*:Disabled:SolidNetworkManager
"59979:TCP" = 59979:TCP:*:Disabled:SolidNetworkManager
"59979:UDP" = 59979:UDP:*:Disabled:SolidNetworkManager
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager File not found
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager File not found
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail File not found
C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail File not found
C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail File not found
C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic File not found
C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic File not found
C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic File not found
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:BitTorrent DNA File not found
C:\Program Files\Tale of Tales\The Endless Forest 3\ForestViewer.exe:*:Enabled:ForestViewer File not found
C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player (RealNetworks, Inc.)
C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb File not found
C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray File not found
C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client File not found
C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe (Motive Communications, Inc.)
C:\Program Files\DNA\btdna.exe:*:Enabled:DNA (BitTorrent, Inc.)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager File not found
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager File not found
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application File not found
C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire (FrostWire Group)
C:\Makena\There\ThereClient\There.exe:*:Enabled:There File not found
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent File not found
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox File not found
C:\Program Files\ACSPMonitor\ASMonitor.exe:*:Enabled:System File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{0D396571-7BBD-44CE-ABB3-518BF86B72F7}" = HP Photo and Imaging 1.0 - HP Photosmart Printer Series
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C46A4B-1AB5-4C25-91B6-59151E199D13}" = HP Photo and Imaging 2.0 - Photosmart Cameras
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FADAA19-E595-44CA-A072-58B6B0851768}" = Norton Security Scan
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{831A18C6-C469-4B64-A5DE-68452D167284}" = Prepware 10
"{8912A802-1DD4-41F3-8450-B3209081BDB9}" = Sprint media manager
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{9D18465E-8B80-4AC1-8ABB-B42978B171E3}" = HP Photo and Imaging 1.0 - Scanjet 2300c Series
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"am-plantsvszombiestm" = Plants vs. Zombies™
"AudibleManager" = AudibleManager
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"cciss_av" = CA Anti-Virus
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (Remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"LimeWire" = LimeWire 5.1.2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Photo Viewer" = Photo Viewer 2.3
"RealPlayer 6.0" = RealOne Player
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"VETWIN32Vp5" = CA Anti-Virus
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! IE Suggest" = Yahoo! IE Search Suggest
"Yahoo! Messenger" = Yahoo! Messenger
"ZENcast Organizer" = ZENcast Organizer
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/23/2009 9:22:32 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2124, faulting
module yahoomessenger.exe, version 9.0.0.2124, fault address 0x0002c185.

Error - 5/24/2009 12:41:18 AM | Computer Name = X2-MYCICKQUYC0W | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2124, faulting
module yahoomessenger.exe, version 9.0.0.2124, fault address 0x0002c185.

Error - 5/26/2009 6:02:28 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3399, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/29/2009 10:34:34 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/31/2009 5:17:03 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2124, faulting
module yahoomessenger.exe, version 9.0.0.2124, fault address 0x0002c185.

Error - 5/31/2009 9:14:47 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.37.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/31/2009 9:14:53 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.37.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/31/2009 9:14:53 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1001
Description = Fault bucket 1292139397.

Error - 5/31/2009 9:15:12 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.37.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/31/2009 9:15:34 PM | Computer Name = X2-MYCICKQUYC0W | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.37.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 5/1/2009 8:15:58 AM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/2/2009 9:45:08 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/3/2009 12:04:10 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/4/2009 12:59:09 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/4/2009 3:34:48 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/5/2009 7:05:37 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/7/2009 10:28:58 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/8/2009 12:24:44 AM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/12/2009 5:32:00 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2

Error - 5/12/2009 9:03:08 PM | Computer Name = X2-MYCICKQUYC0W | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2


< End of report >


MBAM

Malwarebytes' Anti-Malware 1.37
Database version: 2204
Windows 5.1.2600 Service Pack 3

5/31/2009 9:58:57 PM
mbam-log-2009-05-31 (21-58-57).txt

Scan type: Quick Scan
Objects scanned: 102739
Time elapsed: 5 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Delete on reboot.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Delete on reboot.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP