I tried to read the instructions and fix it myself, but I didn't quite understand what a registry is or where to find it. So I figured I better not try.
I read everything and I hope I'm posting in the right place.
Thanks
Jan
Sorry if I'm not supposed to copy and paste the below. I'm not sure.
OTL logfile created on: 6/20/2011 3:58:13 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\mom\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
254.48 Mb Total Physical Memory | 31.21 Mb Available Physical Memory | 12.26% Memory free
625.32 Mb Paging File | 124.84 Mb Available in Paging File | 19.96% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 23.80 Gb Free Space | 63.96% Space Free | Partition Type: NTFS
Computer Name: D5X2P521 | User Name: mom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/20 03:20:37 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mom\Desktop\OTL.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/17 13:03:06 | 000,135,168 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
PRC - [2005/04/20 10:34:12 | 000,487,936 | ---- | M] (Webroot Software, Inc.) -- C:\WINDOWS\SYSTEM32\wwSecure.exe
PRC - [2003/11/03 13:47:08 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\SYSTEM32\gearsec.exe
PRC - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
========== Modules (SafeList) ==========
MOD - [2011/06/20 03:20:37 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mom\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/03/02 21:49:14 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/04/20 10:34:12 | 000,487,936 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\WINDOWS\SYSTEM32\wwSecure.exe -- (wwSecSvc)
SRV - [2003/11/03 13:47:08 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\SYSTEM32\gearsec.exe -- (GEARSecurity)
SRV - [2002/08/14 06:03:00 | 000,135,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE -- (NProtectService)
========== Driver Services (SafeList) ==========
DRV - [2011/06/20 03:01:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{33237E2E-4D6B-4899-82A2-A10FDD526D7F}\MpKslb8a6c501.sys -- (MpKslb8a6c501)
DRV - [2007/08/01 22:47:26 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tmcomm.sys -- (tmcomm)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2002/12/15 03:41:04 | 000,059,440 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/12/15 03:41:04 | 000,023,724 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/09/19 09:44:02 | 000,041,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/09/03 12:31:57 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.sys -- (hsf_msft)
DRV - [2002/09/03 12:31:57 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_V124.sys -- (V124)
DRV - [2002/09/03 12:31:57 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_K56K.sys -- (K56)
DRV - [2002/09/03 12:31:57 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FALL.sys -- (Fallback)
DRV - [2002/09/03 12:31:57 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FAXX.sys -- (SoftFax)
DRV - [2002/09/03 12:31:57 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FSKS.sys -- (Fsks)
DRV - [2002/09/03 12:31:57 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_BSC2.sys -- (basic2)
DRV - [2002/09/03 12:31:57 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_SAMP.sys -- (Rksample)
DRV - [2002/09/03 12:31:57 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_TONE.sys -- (Tones)
DRV - [2002/08/14 06:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS -- (NPDriver)
DRV - [2002/07/19 12:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/06/30 21:50:12 | 000,167,155 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/06/30 21:49:46 | 001,172,416 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/06/30 21:45:12 | 000,594,832 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/04/10 19:01:12 | 000,024,554 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/04/10 19:01:00 | 000,029,638 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2002/04/10 19:00:44 | 000,117,898 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2002/04/10 18:48:04 | 000,236,032 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/04/10 18:45:16 | 000,206,336 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2009/12/13 13:58:03 | 000,000,156 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.57 antivir2009pro.com
O1 - Hosts: 209.44.111.57 www.antivir2009pro.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2007/03/09 22:44:10 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2007/03/09 22:44:10 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2007/03/09 22:44:10 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2007/03/09 22:44:10 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} http://a19.g.akamai....tle/Coupons.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\mom\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mom\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/20 03:21:49 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mom\Desktop\OTL.exe
[2011/06/19 20:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/19 20:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/03 20:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mom\Application Data\Malwarebytes
[2011/06/03 20:03:46 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/03 20:03:33 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/03 20:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/03 19:56:59 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\mom\Desktop\mbam-setup-1.51.0.1200.com
[2011/05/24 18:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2005/05/03 22:26:57 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/20 03:55:24 | 001,007,120 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\uSeRiNiT.exe
[2011/06/20 03:20:37 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mom\Desktop\OTL.exe
[2011/06/20 03:06:56 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/20 03:02:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/06/20 03:00:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/06/20 03:00:21 | 266,915,840 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 01:58:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/06/20 01:37:03 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/06/19 20:44:10 | 000,841,906 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/19 18:54:13 | 000,002,198 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/06/19 00:51:07 | 000,000,971 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\Along The Watchtower.url
[2011/06/18 22:39:22 | 000,029,325 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\ESPN.com - NFL - NFL General Message Board.url
[2011/06/18 14:28:21 | 000,000,184 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\Shiny and less broken GWD board - Index.url
[2011/06/18 09:08:00 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\{DC3621C9-E674-4E94-AECE-337AE00352DD}_D5X2P521_mom.job
[2011/06/15 22:35:31 | 000,005,035 | ---- | M] () -- C:\Documents and Settings\mom\Desktop\Welcome! TF Metals Report.url
[2011/06/04 18:03:58 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.pif
[2011/06/03 19:56:59 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\mom\Desktop\mbam-setup-1.51.0.1200.com
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/24 14:51:27 | 000,016,994 | -HS- | M] () -- C:\Documents and Settings\mom\Local Settings\Application Data\w6r2f6ci4p63ya75hgb4wc01
[2011/05/24 14:51:27 | 000,016,994 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\w6r2f6ci4p63ya75hgb4wc01
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/20 03:55:20 | 001,007,120 | ---- | C] () -- C:\Documents and Settings\mom\Desktop\uSeRiNiT.exe
[2011/06/20 03:06:55 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/19 20:43:31 | 000,841,906 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 20:19:49 | 000,000,971 | ---- | C] () -- C:\Documents and Settings\mom\Desktop\Along The Watchtower.url
[2011/06/14 18:34:00 | 000,005,035 | ---- | C] () -- C:\Documents and Settings\mom\Desktop\Welcome! TF Metals Report.url
[2011/06/04 17:32:21 | 266,915,840 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/03 20:03:49 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.pif
[2011/05/15 10:20:32 | 000,016,994 | -HS- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\w6r2f6ci4p63ya75hgb4wc01
[2011/05/15 10:20:32 | 000,016,994 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\w6r2f6ci4p63ya75hgb4wc01
[2007/05/16 07:49:01 | 000,000,204 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2007/05/01 17:40:17 | 000,020,811 | ---- | C] () -- C:\WINDOWS\System32\drivers\IPFWHook.sys
[2006/12/29 23:25:17 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/10/29 22:28:44 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\fusioncache.dat
[2006/10/29 14:16:00 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/10/29 14:08:29 | 000,109,168 | ---- | C] () -- C:\WINDOWS\hpoins08.dat
[2006/10/29 14:08:29 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat
[2006/03/30 20:44:11 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7I.DLL
[2006/03/11 04:22:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\thxcfg.ini
[2005/12/01 10:57:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/09/14 00:34:56 | 000,427,977 | -HS- | C] () -- C:\WINDOWS\System32\ihhkj.ini2
[2005/09/11 22:49:12 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2005/09/05 16:19:03 | 000,181,771 | -HS- | C] () -- C:\WINDOWS\System32\ihhkj.ini
[2005/04/05 10:19:37 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/03/09 20:41:03 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/09/12 07:43:33 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/29 00:18:34 | 000,000,058 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/03/09 15:52:23 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/02/02 16:07:48 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/01/28 02:42:33 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2004/01/28 02:42:33 | 000,000,823 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/01/28 02:41:32 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/01/27 23:56:02 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/01/23 20:07:47 | 000,002,365 | ---- | C] () -- C:\WINDOWS\System32\down.com
[2003/11/10 17:38:14 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\mom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/11/09 17:52:37 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2003/07/14 14:09:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2003/05/23 17:01:40 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSC82.ini
[2003/05/23 17:00:40 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT3.DAT
[2003/03/21 19:42:03 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/02/14 20:26:52 | 000,000,207 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2003/01/23 01:43:42 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\PFP100JPR.{PB
[2003/01/23 01:43:41 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\PFP100JCM.{PB
[2003/01/07 22:42:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mom\Application Data\dm.ini
[2002/12/15 03:42:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/12/15 03:41:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\uneng.exe
[2002/12/15 03:31:03 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/12/15 03:31:02 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2002/12/15 03:31:02 | 000,000,829 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/12/15 03:26:19 | 000,000,831 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/12/15 03:18:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2002/12/15 03:18:10 | 000,442,888 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2002/12/15 03:18:10 | 000,072,104 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2002/12/15 03:05:50 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/12/05 17:51:00 | 000,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[2002/09/03 13:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 13:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 12:53:27 | 001,142,784 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2002/09/03 12:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 12:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 12:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 12:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 12:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 12:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/03 11:05:08 | 000,177,056 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 10:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 10:56:30 | 000,023,348 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 07:00:00 | 000,152,576 | ---- | C] () -- C:\WINDOWS\System32\QASF(2).DLL
[2002/08/29 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2002/03/14 12:00:26 | 000,038,567 | ---- | C] () -- C:\WINDOWS\System32\pcpbios.exe
[2001/07/06 17:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/11/10 17:57:04 | 000,005,025 | ---- | C] () -- C:\WINDOWS\System32\patterns.dat
[1999/07/23 14:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1980/01/01 02:00:00 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\cidaemon.exe:SummaryInformation
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Edited by gilly578, 27 June 2011 - 07:47 PM.