Running it now as we speak. I am aware of the proxy, I put it there so I could access ESET online scanner, as well as MS virus detection, and Kapsy online virus scanner tool. I can remove the proxy, but then I wouldn't be able to download anything anti-virus related.
Here is the log with the script you asked me to run:
OTL logfile created on: 5/8/2010 7:52:51 PM - Run 4
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\adminbsb\Desktop
Windows 2000 Standard Edition Service Pack 4 (Version = 5.0.2195) - Type = NTDomainController
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 68.23 Gb Total Space | 39.67 Gb Free Space | 58.14% Space Free | Partition Type: NTFS
Drive D: | 68.23 Gb Total Space | 64.65 Gb Free Space | 94.75% Space Free | Partition Type: NTFS
Drive E: | 136.73 Gb Total Space | 65.07 Gb Free Space | 47.59% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 298.09 Gb Total Space | 297.81 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FLAWNS
Current User Name: adminbsb
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/05/08 11:53:34 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\OTL.exe
PRC - [2010/05/06 17:04:56 | 002,017,280 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/12/15 18:12:58 | 001,955,184 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2tray.exe
PRC - [2009/12/15 18:12:56 | 000,557,424 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe
PRC - [2009/12/15 18:12:54 | 001,465,712 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2printh.exe
PRC - [2009/12/15 18:12:52 | 001,535,344 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2mainh.exe
PRC - [2009/12/15 18:12:52 | 000,574,832 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2pre.exe
PRC - [2009/12/15 18:12:50 | 001,715,056 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2host.exe
PRC - [2009/12/15 18:12:46 | 000,564,592 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2audioh.exe
PRC - [2009/12/15 18:12:44 | 001,089,392 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2comm.exe
PRC - [2009/09/15 13:50:06 | 000,087,312 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\LLSSRV.EXE
PRC - [2009/02/13 06:54:30 | 000,335,120 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\DNS.EXE
PRC - [2007/09/05 10:53:48 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2005/11/16 11:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2004/09/07 11:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\mstask.exe
PRC - [2003/06/19 15:05:04 | 000,745,232 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ntfrs.exe
PRC - [2003/06/19 15:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) -- C:\WINNT\explorer.exe
PRC - [2003/06/19 15:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\wbem\WinMgmt.exe
PRC - [2003/06/19 15:05:04 | 000,090,896 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\dfssvc.exe
PRC - [2003/06/19 15:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\regsvc.exe
PRC - [2003/06/19 15:05:04 | 000,025,872 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\ismserv.exe
PRC - [2003/06/19 15:05:04 | 000,014,608 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\inetsrv\inetinfo.exe
PRC - [2002/07/24 08:00:00 | 000,025,360 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\tcpsvcs.exe
========== Modules (SafeList) ==========
MOD - [2010/05/08 11:53:34 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\OTL.exe
MOD - [2003/06/19 15:05:04 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\msscript.ocx
MOD - [2003/06/19 15:05:04 | 000,010,000 | ---- | M] (Microsoft Corporation) -- C:\WINNT\system32\lz32.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/12/15 18:12:56 | 000,557,424 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2009/09/15 13:50:06 | 000,087,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\LLSSRV.EXE -- (LicenseService)
SRV - [2009/02/13 06:54:30 | 000,335,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\DNS.EXE -- (DNS)
SRV - [2007/09/05 10:53:48 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 08:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2004/09/07 11:59:06 | 000,122,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\mstask.exe -- (Schedule)
SRV - [2003/06/19 15:05:04 | 000,745,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\ntfrs.exe -- (NtFrs)
SRV - [2003/06/19 15:05:04 | 000,196,706 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\wbem\WinMgmt.exe -- (WinMgmt)
SRV - [2003/06/19 15:05:04 | 000,147,728 | ---- | M] (VERITAS Software Corp.) [On_Demand | Stopped] -- C:\WINNT\System32\dmadmin.exe -- (dmadmin)
SRV - [2003/06/19 15:05:04 | 000,142,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINNT\system32\termsrv.exe -- (TermService)
SRV - [2003/06/19 15:05:04 | 000,094,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\FAXSVC.EXE -- (Fax)
SRV - [2003/06/19 15:05:04 | 000,090,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\dfssvc.exe -- (Dfs)
SRV - [2003/06/19 15:05:04 | 000,068,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\regsvc.exe -- (RemoteRegistry)
SRV - [2003/06/19 15:05:04 | 000,025,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\ismserv.exe -- (IsmServ)
SRV - [2003/06/19 15:05:04 | 000,022,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINNT\system32\utilman.exe -- (UtilMan)
SRV - [2003/06/19 15:05:04 | 000,014,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2003/06/19 15:05:04 | 000,014,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transport Protocol (SMTP)
SRV - [2003/06/19 15:05:04 | 000,014,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2002/07/24 08:00:00 | 000,025,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINNT\system32\tcpsvcs.exe -- (DHCPServer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (MEMSWEEP2)
DRV - [2010/05/06 17:10:20 | 000,068,168 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/04/27 17:25:26 | 000,158,208 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\e1000nt5.sys -- (E1000) Intel®
DRV - [2004/07/22 10:11:26 | 000,023,936 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\mraid2k.sys -- (mraid2k)
DRV - [2003/11/20 13:03:06 | 000,009,728 | ---- | M] (Quantum Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\QntmDLT.sys -- (QntmDLT)
DRV - [2003/06/19 15:05:04 | 000,369,104 | ---- | M] (VERITAS Software Corp.) [Kernel | Disabled | Stopped] -- C:\WINNT\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2003/06/19 15:05:04 | 000,137,936 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmio.sys -- (dmio)
DRV - [2003/06/19 15:05:04 | 000,074,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINNT\system32\drivers\Dfs.sys -- (DfsDriver)
DRV - [2003/06/19 15:05:04 | 000,060,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\parallel.sys -- (Parallel)
DRV - [2003/06/19 15:05:04 | 000,032,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\uhcd.sys -- (uhcd)
DRV - [2003/06/19 15:05:04 | 000,027,440 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINNT\system32\drivers\efs.sys -- (EFS)
DRV - [2003/06/19 15:05:04 | 000,020,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tdipx.sys -- (TDIPX)
DRV - [2003/06/19 15:05:04 | 000,018,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tdnetb.sys -- (TDNETB)
DRV - [2003/06/19 15:05:04 | 000,018,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tdspx.sys -- (TDSPX)
DRV - [2003/06/19 15:05:04 | 000,012,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\tdasync.sys -- (TDASYNC)
DRV - [2003/06/19 15:05:04 | 000,007,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINNT\system32\drivers\diskperf.sys -- (Diskperf)
DRV - [2003/06/19 15:05:04 | 000,007,312 | ---- | M] (VERITAS Software Corp.) [Kernel | Boot | Running] -- C:\WINNT\System32\drivers\dmload.sys -- (dmload)
DRV - [2002/08/14 16:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINNT\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/07/24 08:00:00 | 000,021,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\rca.sys -- (RCA)
DRV - [2002/07/24 08:00:00 | 000,012,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINNT\System32\drivers\spud.sys -- (spud)
DRV - [2002/07/24 08:00:00 | 000,009,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINNT\system32\drivers\netdtect.sys -- (NetDetect)
DRV - [2000/06/09 08:20:20 | 000,006,961 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\bnchtape.sys -- (bnchtape)
DRV - [1999/11/10 11:34:08 | 000,071,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINNT\system32\drivers\atimpab.sys -- (atirage3)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 74.115.1.13:80
O1 HOSTS File: ([2010/05/04 14:31:04 | 000,607,013 | ---- | M]) - C:\WINNT\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 127.0.0.1 cms.ad2click.nl
O1 - Hosts: 127.0.0.1 ads.ad2games.com
O1 - Hosts: 127.0.0.1 content.ad20.net
O1 - Hosts: 16040 more lines...
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O4 - HKLM..\Run: [*GoToMyPC] C:\Program Files\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\RNR20.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1268936622546 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.aka...vex-2.2.3.2.cab (DLM Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINNT\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINNT\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = freedomlawns.local
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx ()
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (pwdssp.dll) - C:\WINNT\System32\pwdssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/14 00:45:17 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - C:\WINNT\system32\ias [2010/05/08 06:00:21 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found
========== Files/Folders - Created Within 30 Days ==========
[2010/05/08 19:52:30 | 344,104,592 | ---- | C] (Kaspersky Lab ) -- C:\Documents and Settings\adminbsb\Desktop\kasp8.0.2090_adminkiten.exe
[2010/05/08 16:11:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\My Documents\hosts
[2010/05/08 15:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2010/05/08 15:19:32 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/08 15:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/05/08 15:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/05/08 12:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Softwin
[2010/05/08 12:06:27 | 000,465,000 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\bitdefender_antirootkit-beta2.exe
[2010/05/08 11:53:31 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\OTL.exe
[2010/05/08 10:17:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/05/08 10:16:59 | 000,019,288 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/05/08 10:16:18 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/05/08 09:27:26 | 000,264,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\TFC.exe
[2010/05/08 09:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/05/08 09:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/05/08 09:08:57 | 005,937,984 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\adminbsb\Desktop\HitmanPro35.exe
[2010/05/08 08:54:45 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\adminbsb\Desktop\ATF-Cleaner.exe
[2010/05/08 08:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\Desktop\GooredFix Backups
[2010/05/08 08:52:58 | 000,070,858 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\adminbsb\Desktop\GooredFix.exe
[2010/05/08 08:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/05/08 08:30:03 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/05/08 08:29:52 | 000,119,808 | ---- | C] (Atribune.org) -- C:\Documents and Settings\adminbsb\Desktop\VundoFix.exe
[2010/05/08 07:41:30 | 125,883,520 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\adminbsb\Desktop\avg_ipw_stf_all_90_819a2842.exe
[2010/05/08 06:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/05/08 06:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/05/08 06:16:57 | 000,615,912 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\Windows2000-KB921883-x86-ENU.EXE
[2010/05/08 06:16:08 | 000,724,792 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\WindowsServer2003-KB921883-v2-x86-ENU.exe
[2010/05/05 12:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/05/04 11:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/05/03 19:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/05/03 19:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\My Documents\Simply Super Software
[2010/05/03 18:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\DoctorWeb
[2010/05/03 18:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\My Documents\RegRun2
[2010/05/03 18:28:08 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2010/05/03 18:22:27 | 010,859,096 | ---- | C] (Greatis Software, LLC. ) -- C:\Documents and Settings\adminbsb\Desktop\unhackme_setup.exe
[2010/04/29 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/29 15:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/29 15:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\Application Data\SUPERAntiSpyware.com
[2010/04/29 15:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/29 15:18:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\adminbsb\Application Data\WinRAR
[2010/04/29 15:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
========== Files - Modified Within 30 Days ==========
[2010/05/08 19:52:30 | 344,104,592 | ---- | M] (Kaspersky Lab ) -- C:\Documents and Settings\adminbsb\Desktop\kasp8.0.2090_adminkiten.exe
[2010/05/08 19:52:20 | 000,860,160 | ---- | M] () -- C:\Documents and Settings\adminbsb\NTUSER.DAT
[2010/05/08 19:03:54 | 000,076,288 | ---- | M] () -- C:\WINNT\System32\dnsmgmt.msc
[2010/05/08 19:03:40 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\mbr.exe
[2010/05/08 19:02:39 | 000,001,980 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\WKSFS.key
[2010/05/08 16:26:43 | 001,339,288 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\sar_15_sfx.exe
[2010/05/08 16:10:22 | 000,149,705 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\hosts.zip
[2010/05/08 16:03:15 | 000,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2010/05/08 15:50:50 | 001,709,408 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\taskmanager17.exe
[2010/05/08 13:35:31 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\adminbsb\ntuser.ini
[2010/05/08 13:35:26 | 000,556,022 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2010/05/08 13:13:28 | 000,065,536 | ---- | M] () -- C:\WINNT\NETLOGON.CHG
[2010/05/08 12:27:34 | 000,002,374 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\HiJackThis.lnk
[2010/05/08 12:09:18 | 000,231,390 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\RootkitRevealer.zip
[2010/05/08 12:06:33 | 000,465,000 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\bitdefender_antirootkit-beta2.exe
[2010/05/08 11:53:34 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\OTL.exe
[2010/05/08 10:18:32 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/08 09:31:18 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\us2ldynb.exe
[2010/05/08 09:27:29 | 000,264,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\adminbsb\Desktop\TFC.exe
[2010/05/08 09:18:53 | 000,014,792 | ---- | M] () -- C:\WINNT\System32\drivers\hitmanpro35.sys
[2010/05/08 09:18:37 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2010/05/08 09:18:34 | 005,937,984 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\adminbsb\Desktop\HitmanPro35.exe
[2010/05/08 09:03:47 | 000,000,579 | ---- | M] () -- C:\WINNT\System32\drivers\etc\HOSTS.MVP
[2010/05/08 08:54:45 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\adminbsb\Desktop\ATF-Cleaner.exe
[2010/05/08 08:52:59 | 000,070,858 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\adminbsb\Desktop\GooredFix.exe
[2010/05/08 08:43:16 | 000,004,958 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/05/08 08:33:17 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/05/08 08:33:04 | 008,206,880 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\SUPERAntiSpyware.exe
[2010/05/08 08:29:53 | 000,119,808 | ---- | M] (Atribune.org) -- C:\Documents and Settings\adminbsb\Desktop\VundoFix.exe
[2010/05/08 07:41:30 | 125,883,520 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\adminbsb\Desktop\avg_ipw_stf_all_90_819a2842.exe
[2010/05/08 06:56:21 | 000,070,144 | ---- | M] () -- C:\WINNT\System32\dompol.msc
[2010/05/08 06:20:28 | 000,002,839 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\Sophos confic-a Cleanup Tool.lnk
[2010/05/08 06:20:20 | 003,920,384 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\conficker-removal-tool.msi
[2010/05/08 06:17:03 | 000,615,912 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\Windows2000-KB921883-x86-ENU.EXE
[2010/05/08 06:16:15 | 000,724,792 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\adminbsb\Desktop\WindowsServer2003-KB921883-v2-x86-ENU.exe
[2010/05/08 06:00:21 | 000,066,048 | ---- | M] () -- C:\WINNT\System32\rrasmgmt.msc
[2010/05/08 05:57:54 | 000,066,048 | ---- | M] () -- C:\WINNT\System32\dhcpmgmt.msc
[2010/05/08 05:47:13 | 000,000,380 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\backup2010.reg
[2010/05/08 05:35:19 | 003,684,271 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\ComboFix.exe
[2010/05/08 05:33:34 | 000,002,644 | ---- | M] () -- C:\WINNT\imsins.BAK
[2010/05/05 12:22:50 | 000,067,072 | ---- | M] () -- C:\WINNT\System32\dsa.msc
[2010/05/04 14:31:04 | 000,607,013 | ---- | M] () -- C:\WINNT\System32\drivers\etc\HOSTS
[2010/05/04 11:25:25 | 001,709,408 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\taskmanager17.exe
[2010/05/03 19:08:59 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\adminbsb\Local Settings\Application Data\housecall.guid.cache
[2010/05/03 18:28:50 | 000,002,577 | ---- | M] () -- C:\WINNT\System32\CONFIG.NT
[2010/05/03 18:28:50 | 000,000,438 | ---- | M] () -- C:\WINNT\System32\AUTOEXEC.NT
[2010/05/03 18:28:50 | 000,000,002 | RHS- | M] () -- C:\WINNT\winstart.bat
[2010/05/03 18:22:10 | 010,837,867 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\unhackme.zip
[2010/05/03 18:14:42 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\tools.exe
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:24 | 000,019,288 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2010/04/29 15:18:15 | 006,574,239 | ---- | M] () -- C:\Documents and Settings\adminbsb\Desktop\SUPERAntiSpyware.rar
[2010/04/15 14:31:10 | 035,552,574 | ---- | M] () -- C:\Documents and Settings\adminbsb\My Documents\backup.reg
[2010/04/15 13:57:21 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_640.dat
========== Files Created - No Company Name ==========
[2010/05/08 19:04:36 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\adminbsb\My Documents\mbr.exe
[2010/05/08 19:02:45 | 000,001,980 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\WKSFS.key
[2010/05/08 16:26:55 | 001,339,288 | ---- | C] () -- C:\Documents and Settings\adminbsb\My Documents\sar_15_sfx.exe
[2010/05/08 16:10:46 | 000,149,705 | ---- | C] () -- C:\Documents and Settings\adminbsb\My Documents\hosts.zip
[2010/05/08 15:51:24 | 001,709,408 | ---- | C] () -- C:\Documents and Settings\adminbsb\My Documents\taskmanager17.exe
[2010/05/08 12:09:16 | 000,231,390 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\RootkitRevealer.zip
[2010/05/08 10:17:04 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/08 09:31:15 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\us2ldynb.exe
[2010/05/08 09:18:37 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Hitman Pro 3.5.lnk
[2010/05/08 09:09:08 | 000,014,792 | ---- | C] () -- C:\WINNT\System32\drivers\hitmanpro35.sys
[2010/05/08 08:33:17 | 000,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/05/08 08:33:04 | 008,206,880 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\SUPERAntiSpyware.exe
[2010/05/08 08:21:28 | 000,556,022 | -H-- | C] () -- C:\WINNT\ShellIconCache
[2010/05/08 06:20:28 | 000,002,839 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\Sophos confic-a Cleanup Tool.lnk
[2010/05/08 06:20:20 | 003,920,384 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\conficker-removal-tool.msi
[2010/05/08 05:47:13 | 000,000,380 | ---- | C] () -- C:\Documents and Settings\adminbsb\My Documents\backup2010.reg
[2010/05/08 05:35:19 | 003,684,271 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\ComboFix.exe
[2010/05/05 12:22:45 | 000,002,374 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\HiJackThis.lnk
[2010/05/04 11:25:25 | 001,709,408 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\taskmanager17.exe
[2010/05/03 19:08:59 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\adminbsb\Local Settings\Application Data\housecall.guid.cache
[2010/05/03 18:28:50 | 000,000,002 | RHS- | C] () -- C:\WINNT\winstart.bat
[2010/05/03 18:22:10 | 010,837,867 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\unhackme.zip
[2010/05/03 18:14:42 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\adminbsb\Desktop\tools.exe
[