Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google redirect


  • Please log in to reply

#1
pittzburghkid

pittzburghkid

    Member

  • Member
  • PipPip
  • 10 posts
My wife picked up a virus on Facebook. Ever since when we type in a search engine the links appear but when followed lead to spam sites. Hope you can help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:21, on 12/15/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\AOL\1156939992\ee\AOLSoftware.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://encarta.msn.c...sp?pid=51957HP1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2E1AAFF1-3641-2B95-6123-3F71C605C3BE} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1156939992\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CyberDefender Early Detection Center] "C:\Program Files\CyberDefender\AntiSpyware\cdasf9.exe" /minimize
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZJxdm319YYUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.c...s/ebraryRdr.cab
O16 - DPF: {0441781A-3075-4C8F-9FDB-A6BCAE8769A1} (vmLaunch Class) - http://downloads.com.../vmLauncher.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgree...eensActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase5036.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebo...oUploader55.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,26/mcgdmgr.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://webcam1.pghar...activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{98F40828-164D-4280-8269-97BC23285474}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA170F33-4FBC-4A67-8C0E-A0A816D8CB6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA37BDCB-BF04-4545-8F75-E3BC06CEFBBF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3AF86E0-5E15-4012-B537-6670828A68C4}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{98F40828-164D-4280-8269-97BC23285474}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{98F40828-164D-4280-8269-97BC23285474}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11597 bytes

UPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/15/2009 at 00:43 AM

Application Version : 3.8.1002

Core Rules Database Version : 4021
Trace Rules Database Version: 1961

Scan type : Complete Scan
Total Scan Time : 00:41:07

Memory items scanned : 497
Memory threats detected : 0
Registry items scanned : 6502
Registry threats detected : 0
File items scanned : 7969
File threats detected : 57

Adware.Tracking Cookie
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][3].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected]almedia[1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][3].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][2].txt
C:\Documents and Settings\Jeremy\cookies\[email protected][1].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][1].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][1].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][1].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][2].txt
C:\Documents and Settings\Isabella\Cookies\[email protected][1].txt
C:\Documents and Settings\Jeremy\Cookies\[email protected][1].txt




Malwarebytes' Anti-Malware 1.42
Database version: 3366
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/15/2009 3:34:13 PM
mbam-log-2009-12-15 (15-34-13).txt

Scan type: Full Scan (C:\|)
Objects scanned: 222901
Time elapsed: 1 hour(s), 5 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements


#2
pittzburghkid

pittzburghkid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
OTL logfile created on: 12/21/2009 2:00:47 AM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Jeremy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

382.00 Mb Total Physical Memory | 94.00 Mb Available Physical Memory | 25.00% Memory free
919.00 Mb Paging File | 332.00 Mb Available in Paging File | 36.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 2.58 Gb Free Space | 4.62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JER
Current User Name: Jeremy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/21 22:14:27 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/09/21 22:14:27 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/09/13 18:52:50 | 01,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/13 19:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/28 13:30:48 | 00,936,960 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2007/06/25 09:34:58 | 00,082,608 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2007/06/25 09:34:56 | 00,291,504 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcymon.exe
PRC - [2007/06/20 05:28:56 | 00,537,264 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcycoms.exe
PRC - [2007/05/23 09:12:46 | 01,314,816 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2007/01/04 17:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006/12/06 07:12:20 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2006/12/05 18:38:58 | 00,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX3000.exe
PRC - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/09/25 19:52:48 | 00,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1156939992\ee\aolsoftware.exe
PRC - [2005/05/09 18:16:15 | 00,192,512 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
PRC - [2005/04/11 12:00:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/04/11 08:31:26 | 00,360,448 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/04/01 17:11:14 | 00,794,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/03/04 14:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\Shared\hpqwmi.exe
PRC - [2005/02/22 18:32:14 | 00,038,912 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/02/02 07:12:22 | 00,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/02/02 07:11:12 | 00,692,316 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2004/08/04 03:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (SafeList) ==========

MOD - [2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
MOD - [2005/02/02 07:12:14 | 00,069,724 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPodService)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/21 22:14:27 | 01,028,432 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/07/02 17:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2007/06/20 05:28:56 | 00,537,264 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcycoms.exe -- (lxcy_device)
SRV - [2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/01/04 17:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2005/11/14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/04/11 08:31:26 | 00,360,448 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/03/04 14:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\HPQ\Shared\hpqwmi.exe -- (hpqwmi)
SRV - [2005/02/22 18:32:14 | 00,038,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2003/08/27 10:29:46 | 00,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2E1AAFF1-3641-2B95-6123-3F71C605C3BE} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1156939992\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [VX3000] C:\WINDOWS\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CyberDefender Early Detection Center] C:\Program Files\CyberDefender\AntiSpyware\cdasf9.exe (CyberDefender Corp.)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} http://site.ebrary.c...s/ebraryRdr.cab (Infotl Control)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0441781A-3075-4C8F-9FDB-A6BCAE8769A1} http://downloads.com.../vmLauncher.cab (vmLaunch Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...p/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewi...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgree...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://webcam1.pghar...activex/AMC.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{765f85ac-c572-11dc-89ae-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\Jeremy\Application Data\iolo\) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/04/29 22:41:02 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (52639325338206208)

========== Files/Folders - Created Within 14 Days ==========

[2009/12/21 01:58:03 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
[2009/12/21 01:18:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/12/21 01:17:57 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/12/19 23:33:19 | 00,000,000 | ---D | C] -- C:\5a441410766cf4a51a7099
[2009/12/15 15:58:34 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/15 15:57:58 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2009/12/15 13:48:38 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Jeremy\Recent
[2009/12/15 13:44:03 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/15 05:41:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Application Data\Malwarebytes
[2009/12/15 05:41:08 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/15 05:40:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/15 05:40:54 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/15 05:40:52 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Application Data\Uniblue
[2009/12/15 04:34:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/12/15 04:31:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/12/12 09:35:01 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2009/12/12 09:35:01 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2009/12/12 09:35:00 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/12/12 09:34:59 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/12/12 09:34:59 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/12/12 09:34:58 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2009/12/12 09:34:56 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/12/12 09:34:56 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2009/12/12 09:34:54 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/12/12 09:34:53 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/12/12 09:34:52 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/12/12 09:32:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy\Desktop\SmitfraudFix
[2009/12/11 21:56:12 | 00,000,000 | ---D | C] -- C:\Program Files\CyberDefender
[2009/12/11 15:57:23 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/07/22 02:01:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/05/06 22:41:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/10/10 15:32:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2008/03/23 09:00:00 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2008/03/23 09:00:00 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2008/03/23 09:00:00 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2008/03/23 08:59:59 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2008/03/23 08:59:59 | 00,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2008/03/23 08:59:59 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2008/03/23 08:59:59 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2008/03/23 08:59:58 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2008/03/23 08:59:58 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2008/03/23 08:59:56 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2008/03/23 08:59:54 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2008/03/23 08:59:54 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2007/12/25 05:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2007/07/12 11:31:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/12/29 11:07:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2006/12/29 07:05:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2006/04/13 03:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2005/04/29 22:40:57 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/12/21 02:03:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/12/21 01:58:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy\Desktop\OTL.exe
[2009/12/21 01:41:47 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/12/21 01:33:33 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/21 01:31:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/21 01:30:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/21 01:30:42 | 40,113,3568 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/21 01:29:04 | 05,767,168 | -H-- | M] () -- C:\Documents and Settings\Jeremy\NTUSER.DAT
[2009/12/21 01:29:04 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Jeremy\ntuser.ini
[2009/12/21 01:25:45 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/12/21 00:07:23 | 00,000,951 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/20 22:39:43 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E8039235-C547-429E-801B-05C1AAAB5744}.job
[2009/12/18 16:53:28 | 00,209,408 | ---- | M] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/18 00:28:50 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/16 23:15:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/12/15 15:58:36 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Jeremy\Desktop\HijackThis.lnk
[2009/12/15 15:58:26 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2009/12/15 05:41:18 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/15 03:38:23 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Jeremy\Desktop\Christmas List.doc
[2009/12/12 10:10:05 | 00,003,622 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/12/11 21:57:19 | 00,000,222 | R--- | M] () -- C:\Documents and Settings\Jeremy\Desktop\PC Support.url
[2009/12/11 21:57:18 | 00,000,852 | R--- | M] () -- C:\Documents and Settings\Jeremy\Desktop\CyberDefender.lnk
[2009/12/10 03:35:21 | 00,462,426 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/10 03:35:20 | 00,079,650 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/10 03:35:16 | 00,551,500 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/07 10:03:21 | 00,294,912 | ---- | M] () -- C:\Documents and Settings\Jeremy\My Documents\Jeremy.fdy
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/21 01:25:43 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/12/15 15:58:36 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Jeremy\Desktop\HijackThis.lnk
[2009/12/15 05:41:17 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/14 03:39:54 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/12 09:41:11 | 00,003,622 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/12/12 09:34:57 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/12/12 09:34:55 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/12/12 09:34:54 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2009/12/11 21:57:19 | 00,000,222 | R--- | C] () -- C:\Documents and Settings\Jeremy\Desktop\PC Support.url
[2009/12/11 21:57:18 | 00,000,852 | R--- | C] () -- C:\Documents and Settings\Jeremy\Desktop\CyberDefender.lnk
[2009/11/28 01:41:06 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\housecall.guid.cache
[2008/06/28 02:45:49 | 00,010,752 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/10 19:07:20 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/05/22 17:18:54 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/03/23 09:02:35 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2008/03/23 09:02:30 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2008/03/23 09:01:27 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2008/03/23 09:01:27 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2008/03/23 09:01:26 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2008/03/23 09:00:00 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2008/01/10 21:03:17 | 00,167,936 | R--- | C] () -- C:\WINDOWS\System32\GBInf.dll
[2007/12/25 05:11:34 | 00,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2007/07/26 22:28:32 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\RPVersion.ini
[2007/07/24 14:47:31 | 00,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2007/06/29 11:46:39 | 00,000,035 | ---- | C] () -- C:\WINDOWS\DAVIDSON.INI
[2007/06/29 11:46:39 | 00,000,028 | ---- | C] () -- C:\WINDOWS\KIDPHON.INI
[2007/06/26 18:07:37 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/01/23 15:15:22 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/12/13 22:27:52 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/09/14 20:40:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2006/09/14 19:15:23 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL
[2006/08/05 07:13:44 | 00,000,032 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2006/05/07 04:05:03 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/03/19 12:11:20 | 00,003,245 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/03/13 03:11:19 | 00,209,408 | ---- | C] () -- C:\Documents and Settings\Jeremy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/03/05 01:14:54 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\Jeremy\Application Data\usb.dat.bin
[2006/03/03 12:02:04 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/03 11:57:37 | 00,000,952 | ---- | C] () -- C:\Documents and Settings\Jeremy\Application Data\wklnhst.dat
[2005/04/30 00:30:44 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/04/30 00:30:44 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/04/30 00:30:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/04/30 00:30:44 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/04/30 00:30:44 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/04/30 00:30:44 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/04/30 00:17:21 | 00,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/12 03:33:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 08:16:44 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:10:08 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/13 13:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2002/03/13 15:46:46 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll
[1999/01/22 13:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll

========== LOP Check ==========

[2009/02/20 02:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\16261
[2009/02/20 00:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\19251
[2009/02/10 06:42:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1A203
[2009/01/12 23:27:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\21A5
[2009/02/19 23:20:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4242
[2009/04/28 01:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A271
[2008/01/10 21:03:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix
[2007/09/24 09:36:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/12/15 04:38:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2007/12/25 05:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2005/04/30 00:47:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/11/26 22:37:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/12/02 02:40:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/11/14 15:12:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/03/03 12:33:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/15 04:35:11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/05/06 22:12:55 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2008/01/10 21:34:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Blackboard
[2008/06/24 07:46:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Comcast
[2006/08/05 07:38:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Earthlink
[2008/01/02 15:25:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\FrostWire
[2008/09/27 22:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\GetRightToGo
[2008/01/07 22:17:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\HorizonWimba
[2006/03/05 00:09:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\InterVideo
[2007/12/25 05:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\iolo
[2006/09/14 20:37:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Leadertech
[2009/12/02 02:41:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\LimeWire
[2006/08/05 07:01:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\MSNInstaller
[2006/09/14 20:39:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\muvee Technologies
[2009/10/02 11:59:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Participatory Culture Foundation
[2009/10/02 15:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\PCF-VLC
[2006/03/13 03:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\QuitCounter
[2007/12/05 19:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Snapfish
[2007/09/26 20:31:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\SpinTop
[2006/03/03 11:57:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Template
[2009/12/15 04:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Uniblue
[2006/09/06 19:49:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jeremy\Application Data\Walgreens
[2009/12/16 23:15:06 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/12/21 01:41:47 | 00,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/12/20 22:39:43 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E8039235-C547-429E-801B-05C1AAAB5744}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2006/03/04 10:17:50 | 00,010,920 | ---- | M] () -- C:\aolconnfix.exe


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 19:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 03:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 03:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 03:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2007/10/25 18:12:34 | 00,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2007/09/24 10:38:57 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch
[2007/09/24 10:38:57 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch
[2007/09/24 09:58:29 | 00,000,000 | ---D | M](C:\Program Files\A?pPatch\A?pPatch) -- C:\Program Files\AрpPatch\AрpPatch
[2007/09/24 09:58:26 | 00,000,000 | ---D | M](C:\WINDOWS\s?stem32) -- C:\WINDOWS\sуstem32
[2007/09/24 09:58:26 | 00,000,000 | ---D | C](C:\WINDOWS\s?stem32) -- C:\WINDOWS\sуstem32
[2007/09/22 09:38:36 | 00,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
(C:\Program Files\A?pPatch) -- C:\Program Files\AрpPatch

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D5907B8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
  • 0

#3
pittzburghkid

pittzburghkid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Did I post the right items?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP