Malware.Trace


  • This topic is locked

#1
mjgaz6

Hi,

I've seen on this forum other people having the same problem. Malwarebytes picks up this malware.trace bug when it scans - then it says it successfully deleted it, and it reappears when I reboot my computer. I've also run ComboFix and that seemed to help speed the system up and make it run smoother, but Malwarebytes is still picking up the malware.trace. Here are my last couple of logs:

Files Infected:
c:\documents and settings\localservice\application data\02000000ec08838f1270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000ec08838f1270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000ec08838f1270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000ec08838f1270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.

Here is my OTL file log:

OTL logfile created on: 5/30/2011 8:28:03 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\mike\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 77.45% Memory free
6.50 Gb Paging File | 5.86 Gb Available in Paging File | 90.03% Paging File free
Paging file location(s): C:\pagefile.sys 3500 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 64.94 Gb Free Space | 50.73% Space Free | Partition Type: NTFS
Drive E: | 267.67 Gb Total Space | 267.26 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Drive F: | 267.67 Gb Total Space | 264.12 Gb Free Space | 98.68% Space Free | Partition Type: NTFS
Drive G: | 268.18 Gb Total Space | 244.76 Gb Free Space | 91.27% Space Free | Partition Type: NTFS

Computer Name: HOME-CW3EF3TDYD | User Name: mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/30 20:27:55 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mike\My Documents\Downloads\OTL.exe
PRC - [2011/05/30 15:14:19 | 000,768,512 | ---- | M] () -- C:\WINDOWS\system32\vbscript32.exe
PRC - [2011/05/30 15:14:19 | 000,768,512 | ---- | M] () -- C:\WINDOWS\system32\kbdbu32.exe
PRC - [2011/05/10 05:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/30 07:52:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/25 14:58:28 | 000,147,456 | ---- | M] (Pro Softnet Corporation) -- C:\Program Files\IDrive\IDriveE Service.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/30 20:27:55 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mike\My Documents\Downloads\OTL.exe
MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 17:12:05 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\security.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (AVP)
SRV - [2011/05/30 15:14:19 | 000,768,512 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\kbdbu32.exe -- (NetDDE32)
SRV - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/02/28 16:19:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/25 14:58:28 | 000,147,456 | ---- | M] (Pro Softnet Corporation) [Auto | Running] -- C:\Program Files\IDrive\IDriveE Service.exe -- (IDriveE Service)
SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/19 19:41:56 | 006,537,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/10/01 10:37:50 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/07 11:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010/03/22 16:30:22 | 000,222,672 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/28 11:35:10 | 005,937,152 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/10/11 21:40:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007/09/10 02:11:12 | 000,012,288 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/04/16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E8 26 95 0E F5 AA 99 4E 89 B1 9A 3F 38 3F A5 B0 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.74
FF - prefs.js..extensions.enabledItems: {8ea9957e-2953-402f-80e0-bceb5f169d6f}:0.5.4
FF - prefs.js..extensions.enabledItems: {f035aa18-ee32-4e6e-81d2-57e32867f8a7}:1.18
FF - prefs.js..extensions.enabledItems: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}:0.7.23
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {a19959fa-bcb9-43a8-bc2e-b827d666682b}:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/24 07:41:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/02 10:07:23 | 000,000,000 | ---D | M]

[2011/03/18 16:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mike\Application Data\Mozilla\Extensions
[2011/05/30 20:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions
[2011/03/26 11:32:44 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/03/26 11:32:44 | 000,000,000 | ---D | M] (XHTML Mobile Profile) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}
[2011/05/30 20:09:09 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{a19959fa-bcb9-43a8-bc2e-b827d666682b}
[2011/03/18 21:30:56 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/03/26 11:32:44 | 000,000,000 | ---D | M] (wmlbrowser) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}
[2011/03/26 11:32:44 | 000,000,000 | ---D | M] (EWOQ Mobile Setup extension) -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7}
[2011/03/30 08:09:51 | 000,000,000 | ---D | M] ("Leapforce - Search Engine Evaluator Toolbar") -- C:\Documents and Settings\mike\Application Data\Mozilla\Firefox\Profiles\7soc602r.default\extensions\[email protected]
[2011/05/30 20:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/02 10:07:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/02 10:07:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/02 10:07:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/05/30 19:57:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0E9526E8-AAF5-4E99-89B1-9A3F383FA5B0} - C:\WINDOWS\system32\ATIDDC32.dll (CrypKey Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (f4eb5e6c) - {A9B85E61-E702-B31F-6E47-54511BECA0FB} - C:\WINDOWS\system32\neth32.dll (AIDEX Team)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [IDriveE Startup] C:\Program Files\IDrive\IDrvieEStartup.exe (Pro Softnet Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2011/03/02 23:23:22 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1298742063988 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O20 - AppInit_DLLs: (C:\WINDOWS\system32\neth32.dll) - C:\WINDOWS\system32\neth32.dll (AIDEX Team)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/26 09:55:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/30 20:11:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/30 20:05:52 | 000,177,152 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\neth32.dll
[2011/05/30 19:42:12 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/30 19:40:05 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/05/30 19:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/05/30 19:39:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mike\My Documents\My Videos
[2011/05/30 19:38:39 | 004,108,494 | R--- | C] (Swearware) -- C:\Documents and Settings\mike\Desktop\ComboFix.exe
[2011/05/30 15:14:22 | 000,349,696 | ---- | C] (CrypKey Inc.) -- C:\WINDOWS\System32\ATIDDC32.dll
[2011/05/28 00:04:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mike\Recent
[2011/05/25 06:48:20 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/05/24 23:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Application Data\SUPERAntiSpyware.com
[2011/05/24 23:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/05/24 23:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/24 11:53:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mike\Start Menu\Programs\Administrative Tools
[2011/05/24 11:19:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/24 11:19:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/24 11:19:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/24 11:19:42 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/24 11:19:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/24 11:18:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/24 11:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/05/24 11:04:04 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/24 11:04:04 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/24 11:04:02 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/24 11:04:02 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/24 11:04:02 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/24 11:04:01 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/24 11:04:01 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/24 11:04:00 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/24 11:03:51 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/24 11:03:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/24 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/24 11:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/24 11:03:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Templates
[2011/05/24 11:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/24 10:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2011/05/24 10:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Application Data\InstallShield
[2011/05/24 10:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/23 15:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/05/22 10:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Application Data\Malwarebytes
[2011/05/22 10:18:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/22 10:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/22 10:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/22 10:18:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/22 10:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/12 11:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Desktop\Enrique Trp
[2011/05/11 14:14:33 | 000,032,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\klim5.sys
[2011/05/11 14:14:30 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011/05/11 14:14:28 | 000,019,472 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klmouflt.sys
[2011/05/11 14:14:27 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl2.sys
[2011/05/11 14:14:24 | 000,132,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl1.sys
[2011/05/10 18:49:37 | 000,000,000 | ---D | C] -- C:\Swsetup
[2011/05/10 18:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011/05/10 18:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2011/05/10 18:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/05/10 18:36:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/05/10 18:35:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\My Documents\11-5_xp32_dd_ccc_ocl
[2011/05/04 14:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Desktop\Digital Picture Frame
[2011/05/02 10:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/05/02 10:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/05/02 10:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/05/02 10:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/05/02 10:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mike\Application Data\Sun
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\mike\*.tmp files -> C:\Documents and Settings\mike\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/30 20:10:41 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/30 20:09:54 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/30 20:09:54 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/30 20:05:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/30 20:05:52 | 000,177,152 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\neth32.dll
[2011/05/30 20:05:52 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\2117474638
[2011/05/30 20:05:44 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/30 20:05:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/30 19:57:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/30 19:42:20 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2011/05/30 19:38:52 | 004,108,494 | R--- | M] (Swearware) -- C:\Documents and Settings\mike\Desktop\ComboFix.exe
[2011/05/30 19:28:23 | 000,000,019 | ---- | M] () -- C:\WINDOWS\System32\5418093e
[2011/05/30 18:49:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/30 15:14:22 | 000,349,696 | ---- | M] (CrypKey Inc.) -- C:\WINDOWS\System32\ATIDDC32.dll
[2011/05/30 15:14:19 | 000,768,512 | ---- | M] () -- C:\WINDOWS\System32\vbscript32.exe
[2011/05/30 15:14:19 | 000,768,512 | ---- | M] () -- C:\WINDOWS\System32\kbdbu32.exe
[2011/05/25 06:54:16 | 002,013,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/24 11:04:05 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/24 11:04:01 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/24 11:03:30 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/24 10:56:31 | 000,000,223 | ---- | M] () -- C:\Boot.bak
[2011/05/24 10:55:33 | 006,946,957 | ---- | M] () -- C:\Documents and Settings\mike\My Documents\AMD_Processor_Driver_1320053.zip
[2011/05/23 15:37:06 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\Buy jv16 PowerTools.url
[2011/05/23 15:36:35 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\System5537 Data.Repository
[2011/05/23 15:36:35 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\mike\Application Data\Sys2662.Config.Repository.bin
[2011/05/22 10:32:49 | 000,020,102 | ---- | M] () -- C:\Documents and Settings\mike\My Documents\cc_20110522_103208.reg
[2011/05/22 10:31:40 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/05/22 00:13:48 | 000,601,271 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\993693652_EvEfG-O-2.jpg
[2011/05/21 17:32:26 | 361,467,292 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\IMG_5133 as Smart Object-1.tif
[2011/05/11 07:10:20 | 000,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB
[2011/05/10 18:17:18 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\mike\My Documents\cc_20110510_181711.reg
[2011/05/10 18:11:50 | 000,000,286 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2011/05/10 17:14:23 | 000,019,604 | ---- | M] () -- C:\Documents and Settings\mike\My Documents\cc_20110510_171404.reg
[2011/05/10 14:06:56 | 000,014,510 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\wve8r271btq6i1ququcpx22kj3180d282726h32fxagh
[2011/05/10 14:06:55 | 000,014,510 | -HS- | M] () -- C:\Documents and Settings\mike\Local Settings\Application Data\wve8r271btq6i1ququcpx22kj3180d282726h32fxagh
[2011/05/10 05:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 05:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 05:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/04 15:50:52 | 294,407,944 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\joshua_Tree_blend_finished.tif
[2011/05/04 15:36:21 | 000,191,947 | ---- | M] () -- C:\Documents and Settings\mike\Desktop\2892650570_b404d2776d_o.jpg
[2011/05/02 11:19:22 | 000,013,052 | ---- | M] () -- C:\Documents and Settings\mike\My Documents\cc_20110502_111856.reg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\mike\*.tmp files -> C:\Documents and Settings\mike\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/30 19:42:20 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2011/05/30 19:42:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/30 17:52:40 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\5418093e
[2011/05/30 15:14:29 | 000,768,512 | ---- | C] () -- C:\WINDOWS\System32\vbscript32.exe
[2011/05/30 15:14:25 | 000,768,512 | ---- | C] () -- C:\WINDOWS\System32\kbdbu32.exe
[2011/05/30 15:14:25 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\2117474638
[2011/05/24 11:20:16 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/24 11:19:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/24 11:19:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/24 11:19:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/24 11:19:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/24 11:19:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/24 11:04:05 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/05/24 11:03:30 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/24 11:03:14 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/24 10:55:25 | 006,946,957 | ---- | C] () -- C:\Documents and Settings\mike\My Documents\AMD_Processor_Driver_1320053.zip
[2011/05/23 15:37:06 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\mike\Desktop\Buy jv16 PowerTools.url
[2011/05/23 15:36:35 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\System5537 Data.Repository
[2011/05/23 15:36:35 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\mike\Application Data\Sys2662.Config.Repository.bin
[2011/05/22 10:32:10 | 000,020,102 | ---- | C] () -- C:\Documents and Settings\mike\My Documents\cc_20110522_103208.reg
[2011/05/22 10:31:40 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/05/22 00:14:16 | 000,601,271 | ---- | C] () -- C:\Documents and Settings\mike\Desktop\993693652_EvEfG-O-2.jpg
[2011/05/21 17:32:17 | 361,467,292 | ---- | C] () -- C:\Documents and Settings\mike\Desktop\IMG_5133 as Smart Object-1.tif
[2011/05/11 14:14:24 | 000,027,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2011/05/10 18:17:12 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\mike\My Documents\cc_20110510_181711.reg
[2011/05/10 18:11:39 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2011/05/10 17:14:07 | 000,019,604 | ---- | C] () -- C:\Documents and Settings\mike\My Documents\cc_20110510_171404.reg
[2011/05/10 12:31:02 | 000,014,510 | -HS- | C] () -- C:\Documents and Settings\mike\Local Settings\Application Data\wve8r271btq6i1ququcpx22kj3180d282726h32fxagh
[2011/05/10 12:31:02 | 000,014,510 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\wve8r271btq6i1ququcpx22kj3180d282726h32fxagh
[2011/05/04 15:36:21 | 000,191,947 | ---- | C] () -- C:\Documents and Settings\mike\Desktop\2892650570_b404d2776d_o.jpg
[2011/05/02 11:18:58 | 000,013,052 | ---- | C] () -- C:\Documents and Settings\mike\My Documents\cc_20110502_111856.reg
[2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/04/08 07:45:39 | 000,000,466 | ---- | C] () -- C:\Program Files\040820117453903.bat
[2011/03/18 16:08:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/03/03 10:57:35 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2011/03/03 10:57:35 | 000,026,032 | ---- | C] () -- C:\WINDOWS\System32\IDriveEXceedCryReg.exe
[2011/02/28 17:13:48 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\drivers\Spyder3.sys
[2011/02/27 11:41:52 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/27 11:02:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/02/26 10:52:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/02/26 10:40:16 | 000,080,416 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/02/26 09:56:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/26 09:53:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/26 02:48:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/26 02:47:34 | 002,013,992 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/25 18:22:50 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/06/25 18:22:50 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/06/18 15:29:04 | 000,233,012 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004/06/24 01:20:02 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2001/10/04 00:15:46 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/10/04 00:15:46 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/10/04 00:15:46 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/10/04 00:15:46 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/10/04 00:15:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/10/04 00:15:42 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/10/04 00:15:26 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/10/04 00:15:02 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/10/04 00:15:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/10/04 00:14:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/10/04 00:13:42 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2011/05/24 11:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/10 08:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2011/05/10 16:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/03/01 09:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\FM Settings
[2011/03/22 20:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Oberon Media
[2011/04/10 21:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\PictureCode
[2011/03/03 12:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mike\Application Data\Sammsoft
[2011/05/30 20:10:41 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >



c:\WINDOWS\system32\02000000ec08838f1270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000ec08838f1270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.

Your help is greatly appreciated.

Thanks,

Edited by mjgaz6, 30 May 2011 - 09:31 PM.



#2
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi, mjgaz6! Welcome to GeeksToGo! My nickname is Render and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
  • Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • When in doubt, please stop and ask first. There's no harm in asking questions!

Please do the following:

Step 1

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.
  • Click the Scan button to start scan.
  • On completion of the scan click Save log, save it to your desktop and post in your next reply.

Step 2

Download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 1 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.

When you have completed the above, please post back the following in the order asked for:
  • aswMBR log
  • Contents of the RKreport.txt
  • Combofix log (should be on root of C drive)

#3
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.