OTListIt logfile created on: 4/5/2009 8:42:03 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.12.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 74.46 Mb Available Physical Memory | 14.83% Memory free
1.94 Gb Paging File | 1.31 Gb Available in Paging File | 67.62% Paging File free
Paging file location(s): C:\pagefile.sys 1512 2100;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.21 Gb Total Space | 10.57 Gb Free Space | 20.63% Space Free | Partition Type: NTFS
Drive D: | 18.60 Gb Total Space | 18.53 Gb Free Space | 99.65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KATIE
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - c:\Program Files\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Administrator\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (0097331238383567mcinstcleanup [Auto | Stopped]) -- File not found
SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (AdobeActiveFileMonitor6.0 [Auto | Stopped]) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (Apple Mobile Device [Auto | Stopped]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (ATTRcAppSvc [On_Demand | Stopped]) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe (PCTEL)
SRV - (Automatic LiveUpdate Scheduler [Auto | Stopped]) -- File not found
SRV - (bmwebcfg [On_Demand | Stopped]) -- C:\WINDOWS\system32\bmwebcfg.exe (Bytemobile, Inc.)
SRV - (Bonjour Service [Auto | Stopped]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Stopped]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (ccEvtMgr [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (GEARSecurity [On_Demand | Stopped]) -- C:\WINDOWS\System32\GEARSec.exe (GEAR Software)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- File not found
SRV - (LiveUpdate Notice Ex [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Service [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (McAfee SiteAdvisor Service [Auto | Stopped]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Stopped]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Stopped]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McrdSvc [On_Demand | Stopped]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (McShield [Unknown | Stopped]) -- C:\Program Files\McAfee\VirusScan\McShield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel(R) Corporation)
SRV - (Norton Ghost [Auto | Stopped]) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (Pml Driver HPZ12 [Unknown | Stopped]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service [Auto | Stopped]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASCTRM [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (Aspi32 [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Stopped]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Stopped]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (GearAspiWDM [System | Running]) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWBS2 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (mdmxsdk [Auto | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mfeavfk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Stopped]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MODEMCSA [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (motmodem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\motmodem.sys (Motorola)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PalmUSBD [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (Palm, Inc.)
DRV - (pavboot [Boot | Stopped]) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PCASp50 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCTINDIS5 [On_Demand | Stopped]) -- C:\WINDOWS\system32\PCTINDIS5.SYS (PCTEL Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (RimVSerPort [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (SASDIFSV [System | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (STHDA [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (swmsflt [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\swmsflt.sys ()
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symlcbrd [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (SymSnap [Boot | Running]) -- C:\WINDOWS\System32\drivers\SymSnap.sys (StorageCraft)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (tcpipBM [System | Running]) -- C:\WINDOWS\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (V2IMount [System | Stopped]) -- C:\WINDOWS\System32\drivers\V2iMount.sys (Symantec Corporation)
DRV - (winachsf [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{93C949E4-D49A-4E53-B077-70BF507B8296}: C:\DOCUMENTS AND SETTINGS\KATIE\LOCAL SETTINGS\APPLICATION DATA\{93C949E4-D49A-4E53-B077-70BF507B8296} [2009/02/07 05:34:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/03/31 20:52:15 | 00,000,000 | ---D | M]
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a (ATT)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" (Musicmatch, Inc.)
O4 - HKCU..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (Gteko Ltd.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Sites: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo1.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\autoexec.bat () - [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/05 20:37:39 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe
[2009/04/05 20:30:58 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/05 20:30:48 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\Rooter.exe
[2009/04/05 20:22:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Bytemobile
[2009/04/05 17:25:07 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/05 17:13:03 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/29 22:24:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/03/29 21:50:59 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/29 19:53:46 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/03/29 19:53:37 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/03/29 00:40:46 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/03/29 00:40:45 | 00,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF15882.exe
[2009/03/28 12:59:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2009/03/28 12:49:34 | 00,000,283 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\Shortcut to ComboFix.lnk
[2009/03/28 11:58:57 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/03/28 11:58:57 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/03/28 11:58:57 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/03/28 11:58:57 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/28 11:58:57 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009/03/28 11:58:57 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/28 11:58:57 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/28 11:58:57 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/03/28 11:58:57 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/03/28 11:58:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/28 11:57:25 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/03/28 11:39:56 | 00,075,147 | ---- | C] () -- C:\MGlogs.zip
[2009/03/28 11:39:50 | 01,340,161 | ---- | C] () -- C:\MGtools.exe
[2009/03/28 11:38:27 | 00,000,000 | ---D | C] -- C:\MGTools
[2009/03/27 19:38:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/27 19:38:06 | 00,000,817 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/27 19:37:58 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/27 19:04:12 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/27 19:04:12 | 00,000,696 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/27 19:04:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/27 19:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/27 19:02:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/27 18:31:45 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/03/27 16:52:34 | 00,043,008 | ---- | C] () -- C:\dxxrp.exe
[2009/03/27 16:52:28 | 00,027,136 | ---- | C] () -- C:\vaybq.exe
[2009/03/27 16:52:04 | 00,007,680 | ---- | C] () -- C:\ijmaxk.exe
[2009/03/27 16:51:31 | 00,104,960 | ---- | C] () -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/03/27 16:51:02 | 00,182,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/03/27 16:50:57 | 00,043,008 | ---- | C] () -- C:\aoqckrns.exe
[2009/03/27 16:50:53 | 00,027,136 | ---- | C] () -- C:\ajtbyh.exe
[2009/03/27 16:50:15 | 00,000,002 | ---- | C] () -- C:\-459583212
[2009/03/27 15:10:13 | 00,004,515 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/03/26 23:02:34 | 00,000,703 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee EasyNetwork.lnk
[2009/03/26 23:02:29 | 00,000,708 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee Security Center.lnk
[2009/03/26 22:58:06 | 00,033,832 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/03/26 22:58:01 | 00,040,488 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/03/26 22:58:00 | 00,201,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2009/03/26 22:58:00 | 00,079,304 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/03/26 22:58:00 | 00,035,240 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/03/26 22:57:51 | 00,113,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/03/26 22:57:27 | 00,000,356 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/03/26 22:57:27 | 00,000,348 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/03/26 22:57:06 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/03/26 22:56:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/03/26 22:40:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2009/03/26 21:52:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2009/03/26 21:40:38 | 00,002,313 | ---- | C] () -- C:\DOCUME~1\ADMINI~1\Desktop\McAfee Virtual Technician.lnk
[2009/03/26 21:40:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\McAfee
[2009/03/26 21:36:31 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/03/26 19:12:13 | 00,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2009/03/26 16:53:17 | 00,031,744 | ---- | C] () -- C:\rojpcck.exe
[2009/03/08 07:50:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/08 07:50:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/03/08 07:48:23 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/08 07:47:51 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/08 07:46:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/08 07:44:13 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/09/09 23:50:32 | 00,070,888 | ---- | C] () -- C:\WINDOWS\System32\rrxtiriy.dll
[2008/09/09 17:33:34 | 00,070,888 | ---- | C] () -- C:\WINDOWS\System32\uwfanvny.dll
[2008/07/24 20:45:06 | 00,026,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2007/11/07 15:31:27 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/11/07 15:31:26 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/11/07 15:04:23 | 00,000,080 | RHS- | C] () -- C:\WINDOWS\System32\D951428811.dll
[2007/09/25 20:42:34 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/08/04 12:15:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/12/25 17:25:36 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/08/05 15:10:26 | 00,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006/08/05 15:03:39 | 00,000,605 | ---- | C] () -- C:\WINDOWS\PCalcpro.ini
[2006/08/05 15:03:39 | 00,000,543 | ---- | C] () -- C:\WINDOWS\asc_sys.ini
[2006/08/05 15:03:39 | 00,000,182 | ---- | C] () -- C:\WINDOWS\medlrng.ini
[2006/08/05 15:03:32 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2006/08/05 15:02:02 | 00,050,688 | ---- | C] () -- C:\WINDOWS\System32\iproc.dll
[2006/08/05 15:02:02 | 00,041,984 | ---- | C] () -- C:\WINDOWS\System32\iprocnt.dll
[2006/08/05 15:01:16 | 00,000,134 | ---- | C] () -- C:\WINDOWS\awshkwv.ini
[2006/08/05 15:01:15 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\twdll.dll
[2006/07/01 19:45:11 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\D951428811.sys
[2006/06/03 08:27:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/05/20 07:42:43 | 00,005,852 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/20 07:42:43 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\11884251D9.sys
[2006/05/14 13:01:15 | 00,000,211 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/04/22 21:29:08 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/22 21:13:06 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/04/18 08:24:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/18 08:22:09 | 00,000,822 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/18 08:16:08 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/04/18 07:47:54 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 08:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 04:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2005/08/16 04:18:43 | 00,000,658 | ---- | C] () -- C:\WINDOWS\win.ini [2005/08/16 04:18:41 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2005/08/16 04:15:12 | 01,580,544 | ---- | C] () -- C:\WINDOWS\System32\sfcfiles.dll [2005/08/05 14:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2001/07/07 04:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [1999/01/22 18:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=orange]========== Files - Modified Within 30 Days ==========[/color] [6 C:\WINDOWS\System32\*.tmp files] [1 C:\WINDOWS\*.tmp files] [2009/04/05 20:37:49 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ADMINI~1\Desktop\OTListIt2.exe [2009/04/05 20:30:58 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\Rooter.exe [2009/04/05 20:22:33 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009/04/05 20:13:04 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys [2009/03/31 20:53:11 | 00,004,515 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF [2009/03/31 20:52:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009/03/31 20:51:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009/03/31 15:49:27 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2009/03/29 00:39:33 | 00,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF15882.exe [2009/03/28 12:55:18 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009/03/28 12:49:34 | 00,000,283 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\Shortcut to ComboFix.lnk [2009/03/28 12:10:22 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009/03/28 11:54:20 | 00,075,147 | ---- | M] () -- C:\MGlogs.zip [2009/03/27 23:46:16 | 00,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys [2009/03/27 
19:38:06 | 00,000,817 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\SUPERAntiSpyware Free Edition.lnk [2009/03/27 19:19:01 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\vihitiwo [2009/03/27 19:04:12 | 00,000,696 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Malwarebytes' Anti-Malware.lnk [2009/03/27 18:35:50 | 00,000,356 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job [2009/03/27 18:35:50 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job [2009/03/27 18:34:43 | 04,240,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db [2009/03/27 18:23:34 | 01,340,161 | ---- | M] () -- C:\MGtools.exe [2009/03/27 16:52:38 | 00,043,008 | ---- | M] () -- C:\dxxrp.exe [2009/03/27 16:52:31 | 00,027,136 | ---- | M] () -- C:\vaybq.exe [2009/03/27 16:52:25 | 00,000,002 | ---- | M] () -- C:\-459583212 [2009/03/27 16:52:04 | 00,007,680 | ---- | M] () -- C:\ijmaxk.exe [2009/03/27 16:51:25 | 00,104,960 | ---- | M] () -- C:\WINDOWS\System32\dllcache\userinit.exe [2009/03/27 16:50:59 | 00,043,008 | ---- | M] () -- C:\aoqckrns.exe [2009/03/27 16:50:55 | 00,027,136 | ---- | M] () -- C:\ajtbyh.exe [2009/03/27 16:49:51 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\muyipigu.exe [2009/03/27 04:49:32 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\wayebomi.exe [2009/03/26 23:02:34 | 00,000,703 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee EasyNetwork.lnk [2009/03/26 23:02:29 | 00,000,708 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\McAfee Security Center.lnk [2009/03/26 21:40:38 | 00,002,313 | ---- | M] () -- C:\DOCUME~1\ADMINI~1\Desktop\McAfee Virtual Technician.lnk [2009/03/26 20:31:12 | 00,000,822 | ---- | M] () -- C:\WINDOWS\wininit.ini [2009/03/26 19:12:14 | 00,074,240 | ---- | M] () -- C:\WINDOWS\System32\zlib.dll [2009/03/26 16:53:18 | 00,031,744 | ---- | M] () -- C:\rojpcck.exe [2009/03/26 16:52:04 | 00,061,440 | -HS- | M] () -- C:\WINDOWS\System32\dotejisa.exe [2009/03/26 16:49:56 | 00,038,496 | ---- 
| M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009/03/23 09:32:56 | 00,005,852 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009/03/08 08:52:55 | 00,407,670 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009/03/08 08:52:54 | 00,479,920 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009/03/08 08:52:54 | 00,064,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat < End of report >