InnoSetupRegFile / is-MOP88.exe [Solved]


  • This topic is locked

#16
x24val

    Member

  • Topic Starter
  • 23 posts
I had "show hidden files" already selected and both hide options were already unchecked, but I followed through and went to virscan, but it's the same as before... can't paste, can't type in file path.

#17
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Let's see this time then

Run OTListIt2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTLI
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
    O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-MOP88.exe" /REG File not found
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log


#18
x24val

    Member

  • Topic Starter
  • 23 posts
When my computer started back up this time, there was no "woo-hoo" Windows warning alert and no window asking me to search for "is-MOP88.exe", but the Spybot request still popped up.

========== OTLISTIT ==========
Process explorer.exe killed successfully!
Process TeaTimer.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.0000000001 deleted successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2d8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_740.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.3 log created on 05082009_163841

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_2d8.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_740.dat not found!

Registry entries deleted on Reboot...

#19
heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Scan with OTListIt2 and post the content of OTListIt.txt

Edited by heir, 08 May 2009 - 05:48 PM.
typos


#20
x24val

    Member

  • Topic Starter
  • 23 posts
OTListIt logfile created on: 5/8/2009 4:49:57 PM - Run 4
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Gritch\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 95.03% Memory free
4.00 Gb Paging File | 3.85 Gb Available in Paging File | 96.35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 14.80 Gb Free Space | 15.16% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 200.43 Gb Total Space | 55.47 Gb Free Space | 27.67% Space Free | Partition Type: NTFS
Drive F: | 372.60 Gb Total Space | 78.91 Gb Free Space | 21.18% Space Free | Partition Type: NTFS
Drive G: | 279.46 Gb Total Space | 85.48 Gb Free Space | 30.59% Space Free | Partition Type: NTFS
Drive H: | 465.76 Gb Total Space | 12.30 Gb Free Space | 2.64% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: VIDEO
Current User Name: Gritch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Idrtarnr [Disabled | Stopped]) -- File not found
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPAHelper.exe [Auto | Running]) -- C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ADIDTSFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\adidts.sys (Analog Devices, Inc.)
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (Afc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (AVCSTRM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avcstrm.sys (Microsoft Corporation)
DRV - (ENUM1394 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\enum1394.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (JGOGO [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (JRAID [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (MSTAPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mstape.sys (Microsoft Corporation)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/news?ned=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/10 10:33:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/29 12:36:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]

[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions
[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007/09/05 14:39:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Firefox\Profiles\bfyp5y6h.default\extensions
[2009/05/08 12:43:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/02 15:10:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/10 10:33:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/07 07:34:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/23 21:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/23 21:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 17:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 17:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 17:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 17:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 17:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 17:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 17:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (224265 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [\CHRIS\EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P38 "\\CHRIS\EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot (JMicron Technology Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /FU "C:\WINDOWS\TEMP\E_S28B.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-MOP88.exe" /REG File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 35 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://support.cox.c...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.fcd.maric...mgaxctrl6.5.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1184178072328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1184178058531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/11 10:15:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/02/08 00:35:55 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/08 16:04:01 | 00,005,120 | -HS- | C] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:17:15 | 00,353,672 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:31 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009/05/07 16:46:16 | 00,530,106 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/07 16:21:36 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/07 11:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\JonJackson
[2009/05/07 11:55:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Roxio
[2009/05/07 11:54:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Roxio
[2009/05/07 11:17:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\mpix
[2009/05/05 23:48:26 | 85,901,040 | ---- | C] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:04:24 | 00,935,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 00:37:57 | 61,591,015 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 23:36:57 | 64,809,1128 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\new_moonsong.avi
[2009/05/04 22:51:09 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/04 18:49:42 | 19,489,55708 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 16:52:27 | 53,075,114 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Postcards_BTS_final.mov
[2009/05/04 14:09:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\menu
[2009/05/04 09:13:40 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/04 09:11:50 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 15:10:31 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:12 | 07,526,856 | ---- | C] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 11:44:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Malwarebytes
[2009/05/02 11:44:23 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/02 11:44:23 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/02 11:43:44 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/02 11:42:26 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:42:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/02 11:41:54 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:25 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:30:59 | 01,678,112 | ---- | C] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/05/02 09:52:13 | 43,896,751 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/01 19:51:22 | 29,081,93083 | ---- | C] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 17:08:01 | 12,990,33847 | ---- | C] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 17:08:00 | 00,001,983 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 12:25:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\warning
[2009/04/30 08:44:21 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 18:41:26 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Uniblue
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/04/29 14:18:29 | 02,702,884 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:31:46 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/04/29 13:31:46 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/04/29 13:31:46 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/04/29 13:31:45 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/04/29 13:31:45 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/04/29 13:31:45 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/04/29 13:31:45 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/04/29 13:31:45 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/04/29 13:31:45 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/04/29 13:31:44 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/04/29 13:31:44 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/04/29 13:31:44 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/04/29 13:31:44 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/04/29 13:31:44 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/04/29 13:31:43 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/04/29 13:31:43 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/04/29 13:31:43 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/04/29 13:31:43 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/04/29 13:31:42 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/04/29 13:31:42 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/04/29 13:31:41 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/29 13:31:41 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/29 13:31:41 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/29 13:31:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/29 13:31:41 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/29 13:31:41 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/29 13:31:40 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/29 13:31:40 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/29 13:31:40 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/29 13:31:40 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/29 13:31:39 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/29 13:31:39 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/29 13:31:39 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/29 13:31:39 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/29 13:31:38 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/29 13:31:38 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/29 13:31:38 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/29 13:31:38 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/29 13:31:37 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/29 13:31:37 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/29 13:31:37 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/29 13:31:36 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/29 13:31:36 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/29 13:31:36 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/29 13:31:36 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/29 13:31:36 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/29 13:31:35 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/29 13:31:35 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/29 13:31:34 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/29 13:31:34 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/29 13:31:34 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/29 13:31:34 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/29 13:31:33 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/29 13:31:33 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/29 13:31:32 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/29 13:31:32 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/29 13:31:32 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/29 13:31:32 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/29 13:31:32 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/29 13:31:31 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/29 13:31:31 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/29 13:31:31 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/29 13:31:28 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/29 13:31:28 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/29 13:31:28 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/29 13:31:27 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/29 13:31:27 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/29 13:31:27 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/29 13:31:27 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/29 13:31:26 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 13:31:26 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 13:31:25 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/29 13:27:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/29 13:27:26 | 00,301,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:06:22 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/29 10:13:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\CONSOLE
[2009/04/29 09:49:50 | 00,018,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 19:27:14 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/25 18:58:44 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 00:16:18 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/21 14:30:08 | 28,559,7828 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:15 | 64,900,876 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/21 13:35:27 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/21 13:32:08 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/20 11:23:19 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/04/19 16:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\ART
[2009/04/18 18:43:12 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/18 18:42:49 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/18 00:30:47 | 03,567,616 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Tori Amos - Bliss.mp3
[2009/04/17 22:56:57 | 08,067,660 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\tori amos - datura.mp3
[2009/04/17 15:59:51 | 00,133,378 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/17 15:56:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Adobe Scripts
[2009/04/17 15:54:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\com.adobe.ExMan
[2009/04/16 14:31:58 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 14:31:58 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 14:31:58 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 14:31:58 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 14:31:58 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 14:31:58 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 14:31:58 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 14:31:58 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 14:31:57 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 14:31:26 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 14:31:26 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 14:31:26 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 09:10:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/14 17:01:41 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 16:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Download Manager
[2009/04/14 11:05:22 | 07,906,653 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/13 23:49:10 | 11,702,5267 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/13 02:30:17 | 47,973,343 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/04/12 21:08:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\DriverCure
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/04/12 19:40:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\aifss
[2009/04/12 01:57:39 | 11,593,1769 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/04/10 10:55:23 | 00,404,265 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\iLogo.jpg
[2009/04/09 21:29:01 | 04,397,806 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\encore151_updater.zip
[2009/04/09 10:39:29 | 89,244,213 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\ethics_business.wmv
[2009/03/28 17:53:47 | 00,000,025 | ---- | C] () -- C:\WINDOWS\EPR220.ini
[2009/03/28 17:32:16 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/03/08 12:09:41 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/02/25 12:35:27 | 00,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/02/12 03:02:19 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/06 15:03:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/01/08 13:59:10 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/08 13:59:10 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/16 16:26:38 | 00,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2007/12/12 16:07:58 | 00,000,645 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/09/28 09:07:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/28 09:05:08 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/29 18:09:48 | 00,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/07/19 16:37:36 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/07/19 16:37:36 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/07/14 16:04:34 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/11 10:46:26 | 00,029,057 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/07/11 10:46:03 | 00,028,735 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/07/11 10:46:02 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/07/11 10:45:56 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/03/23 18:45:35 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\Look Suite.win.dll
[2004/03/23 18:45:34 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\libguide40.dll
[2001/08/23 05:00:00 | 00,000,794 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 05:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 16:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1763/08/02 04:54:33 | 00,004,263 | -HS- | C] () -- C:\WINDOWS\windllreg1c.sys

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/08 16:40:34 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/08 16:40:28 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/08 16:40:20 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Gritch\Local Settings\desktop.ini
[2009/05/08 16:40:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/08 16:40:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/08 16:04:02 | 00,014,848 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/05/08 16:04:01 | 00,005,120 | -HS- | M] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 16:04:01 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/08 11:34:13 | 00,365,056 | -HS- | M] () -- C:\Documents and Settings\Gritch\Desktop\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:28:23 | 00,353,672 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:16 | 00,530,106 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/06 11:36:17 | 00,000,164 | ---- | M] () -- C:\WINDOWS\VUI.pref
[2009/05/05 23:48:30 | 85,901,040 | ---- | M] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:19:48 | 00,935,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 02:37:28 | 61,591,015 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 19:41:48 | 19,489,55708 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 09:13:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 17:59:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/02 15:10:31 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:47 | 07,526,856 | ---- | M] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 12:00:27 | 02,068,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/02 11:44:23 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:01 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:26 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:41:59 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:27 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:31:10 | 01,678,112 | ---- | M] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 10:05:14 | 43,896,751 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/02 09:23:06 | 47,973,343 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/05/01 23:53:30 | 29,081,93083 | ---- | M] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 19:51:21 | 00,001,983 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 18:54:12 | 12,990,33847 | ---- | M] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 13:49:13 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/05/01 13:49:13 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/05/01 13:49:13 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/05/01 13:49:13 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2009/05/01 13:49:13 | 00,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2009/04/30 08:44:21 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 21:10:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/29 21:05:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/29 14:18:31 | 02,702,884 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:27:28 | 00,301,384 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:10:54 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Gritch\My Documents\desktop.ini
[2009/04/29 13:07:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/29 12:39:00 | 00,501,230 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/29 12:39:00 | 00,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/29 12:39:00 | 00,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/29 09:49:54 | 00,018,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 22:48:28 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/26 12:59:21 | 00,092,160 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 03:55:07 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/22 03:07:24 | 28,559,7828 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:19 | 64,900,876 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/18 18:43:12 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/17 15:59:54 | 00,133,378 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/15 09:43:51 | 28,925,56032 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\12.mov
[2009/04/14 17:53:09 | 00,028,672 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 11:05:22 | 07,906,653 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/14 00:16:34 | 11,702,5267 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/12 02:32:42 | 11,593,1769 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/04/10 22:52:24 | 00,134,968 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\pspbrwse.jbf
[2009/04/10 10:55:23 | 00,404,265 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\iLogo.jpg
[2009/04/09 21:29:03 | 04,397,806 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\encore151_updater.zip
[2009/04/09 10:53:29 | 89,244,213 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\ethics_business.wmv

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
  • 0

#21
heir


    Trusted Helper

  • Malware Removal
  • 5,427 posts
Make sure that Spybot Teatimer is disabled.
Follow instructions here to disable it.

Then do this OTL-fix.

Run OTListIt2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTLI
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    SRV - (Idrtarnr [Disabled | Stopped]) -- File not found
    O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-MOP88.exe" /REG File not found
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log

  • 0

#22
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
I'm having trouble figuring this out. I've got to the point where you click on system startup, but I don't see anything to uncheck that says "teatimer"

# Click on the "System Startup" icon in the List
# Uncheck the "TeaTimer" box and "OK" any prompts.
  • 0

#23
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
this is the screen I'm stuck at... bad res, but there's a 91k limit

Attached Thumbnails

  • spybot.jpg

  • 0

#24
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
well I rechecked the resident teatimer box then went to system startup and teatimer was there. So I unchecked the box in the system startup and the resident teatimer box was automatically unchecked. So I ran the fix ...hope I didn't screw it up, but I now am not getting the Spybot request anymore.

========== OTLISTIT ==========
Process explorer.exe killed successfully!

Service\Driver Idrtarnr deleted successfully.
File File not found not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.0000000001 deleted successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\Gritch\Local Settings\Temp\etilqs_7LkJTS1EwGTgH26ZMqKS scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\unp65959245.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_53c.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_73c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.3 log created on 05082009_185308

Files moved on Reboot...
File C:\Documents and Settings\Gritch\Local Settings\Temp\etilqs_7LkJTS1EwGTgH26ZMqKS not found!
File C:\WINDOWS\temp\_avast4_\unp65959245.tmp not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_53c.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_73c.dat not found!

Registry entries deleted on Reboot...
  • 0

#25
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
enabled TeaTimer on Spybot and the Spybot notice has immediately returned
  • 0



#26
heir


    Trusted Helper

  • Malware Removal
  • 5,427 posts
We'll do it a bit different this time.

Make sure that Spybot Teatimer is disabled.
Follow instructions here to disable it.

Then do this OTL-fix.

Run OTListIt2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTLI
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-MOP88.exe" /REG File not found
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done


Enable teatimer
If/when you get that notice from spybot teatimer allow the change.

Reboot your computer
Scan with OTL2 and post a fresh OTListIt.txt log
  • 0

#27
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
disabled Teatimer ...ran fix ...no request ...enabled TeaTimer, followed by Spybot request. Said "yes" then ran scan...

OTListIt logfile created on: 5/10/2009 2:20:20 PM - Run 5
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Gritch\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.85 Gb Available Physical Memory | 92.50% Memory free
4.00 Gb Paging File | 3.84 Gb Available in Paging File | 95.89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 14.81 Gb Free Space | 15.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 200.43 Gb Total Space | 55.47 Gb Free Space | 27.67% Space Free | Partition Type: NTFS
Drive F: | 372.60 Gb Total Space | 78.91 Gb Free Space | 21.18% Space Free | Partition Type: NTFS
Drive G: | 279.46 Gb Total Space | 83.38 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Drive H: | 465.76 Gb Total Space | 12.28 Gb Free Space | 2.64% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: VIDEO
Current User Name: Gritch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
PRC - c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPAHelper.exe [Auto | Running]) -- C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ADIDTSFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\adidts.sys (Analog Devices, Inc.)
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (Afc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (AVCSTRM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avcstrm.sys (Microsoft Corporation)
DRV - (ENUM1394 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\enum1394.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (JGOGO [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (JRAID [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (MSTAPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mstape.sys (Microsoft Corporation)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/news?ned=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/10 10:33:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/29 12:36:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]

[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions
[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007/09/05 14:39:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Firefox\Profiles\bfyp5y6h.default\extensions
[2009/05/10 00:57:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/02 15:10:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/10 10:33:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/07 07:34:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/23 21:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/23 21:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 17:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 17:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 17:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 17:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 17:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 17:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 17:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (224265 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 7871 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [\CHRIS\EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P38 "\\CHRIS\EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot (JMicron Technology Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /FU "C:\WINDOWS\TEMP\E_S28B.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 35 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://support.cox.c...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.fcd.maric...mgaxctrl6.5.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1184178072328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1184178058531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/11 10:15:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/02/08 00:35:55 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/08 22:54:48 | 10,498,8993 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\tv_networks.wmv
[2009/05/08 17:27:18 | 00,088,661 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\spybot.jpg
[2009/05/08 16:04:01 | 00,005,120 | -HS- | C] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:17:15 | 00,353,672 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:31 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009/05/07 16:46:16 | 00,530,106 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/07 16:21:36 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/07 11:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\JonJackson
[2009/05/07 11:55:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Roxio
[2009/05/07 11:54:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Roxio
[2009/05/07 11:17:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\mpix
[2009/05/05 23:48:26 | 85,901,040 | ---- | C] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:04:24 | 00,935,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 00:37:57 | 61,591,015 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 23:36:57 | 64,809,1128 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\new_moonsong.avi
[2009/05/04 22:51:09 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/04 18:49:42 | 19,489,55708 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 16:52:27 | 53,075,114 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Postcards_BTS_final.mov
[2009/05/04 14:09:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\menu
[2009/05/04 09:13:40 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/04 09:11:50 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 15:10:31 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:12 | 07,526,856 | ---- | C] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 11:44:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Malwarebytes
[2009/05/02 11:44:23 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/02 11:44:23 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/02 11:43:44 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/02 11:42:26 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:42:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/02 11:41:54 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:25 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:30:59 | 01,678,112 | ---- | C] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/05/02 09:52:13 | 43,896,751 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/01 19:51:22 | 29,081,93083 | ---- | C] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 17:08:01 | 12,990,33847 | ---- | C] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 17:08:00 | 00,001,983 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 12:25:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\warning
[2009/04/30 08:44:21 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 18:41:26 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Uniblue
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/04/29 14:18:29 | 02,702,884 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:31:46 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/04/29 13:31:46 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/04/29 13:31:46 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/04/29 13:31:45 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/04/29 13:31:45 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/04/29 13:31:45 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/04/29 13:31:45 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/04/29 13:31:45 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/04/29 13:31:45 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/04/29 13:31:44 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/04/29 13:31:44 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/04/29 13:31:44 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/04/29 13:31:44 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/04/29 13:31:44 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/04/29 13:31:43 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/04/29 13:31:43 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/04/29 13:31:43 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/04/29 13:31:43 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/04/29 13:31:42 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/04/29 13:31:42 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/04/29 13:31:41 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/29 13:31:41 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/29 13:31:41 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/29 13:31:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/29 13:31:41 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/29 13:31:41 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/29 13:31:40 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/29 13:31:40 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/29 13:31:40 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/29 13:31:40 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/29 13:31:39 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/29 13:31:39 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/29 13:31:39 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/29 13:31:39 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/29 13:31:38 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/29 13:31:38 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/29 13:31:38 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/29 13:31:38 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/29 13:31:37 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/29 13:31:37 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/29 13:31:37 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/29 13:31:36 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/29 13:31:36 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/29 13:31:36 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/29 13:31:36 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/29 13:31:36 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/29 13:31:35 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/29 13:31:35 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/29 13:31:34 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/29 13:31:34 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/29 13:31:34 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/29 13:31:34 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/29 13:31:33 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/29 13:31:33 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/29 13:31:32 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/29 13:31:32 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/29 13:31:32 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/29 13:31:32 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/29 13:31:32 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/29 13:31:31 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/29 13:31:31 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/29 13:31:31 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/29 13:31:28 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/29 13:31:28 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/29 13:31:28 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/29 13:31:27 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/29 13:31:27 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/29 13:31:27 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/29 13:31:27 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/29 13:31:26 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 13:31:26 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 13:31:25 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/29 13:27:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/29 13:27:26 | 00,301,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:06:22 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/29 10:13:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\CONSOLE
[2009/04/29 09:49:50 | 00,018,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 19:27:14 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/25 18:58:44 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 00:16:18 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/21 14:30:08 | 28,559,7828 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:15 | 64,900,876 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/21 13:35:27 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/21 13:32:08 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/20 11:23:19 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/04/19 16:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\ART
[2009/04/18 18:43:12 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/18 18:42:49 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/18 00:30:47 | 03,567,616 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Tori Amos - Bliss.mp3
[2009/04/17 22:56:57 | 08,067,660 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\tori amos - datura.mp3
[2009/04/17 15:59:51 | 00,133,378 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/17 15:56:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Adobe Scripts
[2009/04/17 15:54:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\com.adobe.ExMan
[2009/04/16 14:31:58 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 14:31:58 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 14:31:58 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 14:31:58 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 14:31:58 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 14:31:58 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 14:31:58 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 14:31:58 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 14:31:57 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 14:31:26 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 14:31:26 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 14:31:26 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 09:10:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/14 17:01:41 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 16:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Download Manager
[2009/04/14 11:05:22 | 07,906,653 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/13 23:49:10 | 11,702,5267 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/13 02:30:17 | 47,973,343 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/04/12 21:08:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\DriverCure
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/04/12 19:40:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\aifss
[2009/04/12 01:57:39 | 11,593,1769 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/03/28 17:53:47 | 00,000,025 | ---- | C] () -- C:\WINDOWS\EPR220.ini
[2009/03/28 17:32:16 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/03/08 12:09:41 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/02/25 12:35:27 | 00,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/02/12 03:02:19 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/06 15:03:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/01/08 13:59:10 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/08 13:59:10 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/16 16:26:38 | 00,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2007/12/12 16:07:58 | 00,000,645 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/09/28 09:07:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/28 09:05:08 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/29 18:09:48 | 00,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/07/19 16:37:36 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/07/19 16:37:36 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/07/14 16:04:34 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/11 10:46:26 | 00,029,057 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/07/11 10:46:03 | 00,028,735 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/07/11 10:46:02 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/07/11 10:45:56 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/03/23 18:45:35 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\Look Suite.win.dll
[2004/03/23 18:45:34 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\libguide40.dll
[2001/08/23 05:00:00 | 00,000,794 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 05:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 16:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1763/08/02 04:54:33 | 00,004,263 | -HS- | C] () -- C:\WINDOWS\windllreg1c.sys

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/10 14:18:42 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/10 14:18:36 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/10 14:18:28 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Gritch\Local Settings\desktop.ini
[2009/05/10 14:18:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/10 14:18:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/09 17:59:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 23:24:16 | 10,498,8993 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\tv_networks.wmv
[2009/05/08 17:29:44 | 00,088,661 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\spybot.jpg
[2009/05/08 16:04:02 | 00,014,848 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/05/08 16:04:01 | 00,005,120 | -HS- | M] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 16:04:01 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/08 11:34:13 | 00,365,056 | -HS- | M] () -- C:\Documents and Settings\Gritch\Desktop\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:28:23 | 00,353,672 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:16 | 00,530,106 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/06 11:36:17 | 00,000,164 | ---- | M] () -- C:\WINDOWS\VUI.pref
[2009/05/05 23:48:30 | 85,901,040 | ---- | M] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:19:48 | 00,935,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 02:37:28 | 61,591,015 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 19:41:48 | 19,489,55708 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 09:13:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 15:10:31 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:47 | 07,526,856 | ---- | M] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 12:00:27 | 02,068,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/02 11:44:23 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:01 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:26 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:41:59 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:27 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:31:10 | 01,678,112 | ---- | M] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 10:05:14 | 43,896,751 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/02 09:23:06 | 47,973,343 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/05/01 23:53:30 | 29,081,93083 | ---- | M] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 19:51:21 | 00,001,983 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 18:54:12 | 12,990,33847 | ---- | M] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 13:49:13 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/05/01 13:49:13 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/05/01 13:49:13 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/05/01 13:49:13 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2009/05/01 13:49:13 | 00,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2009/04/30 08:44:21 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 21:10:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/29 21:05:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/29 14:18:31 | 02,702,884 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:27:28 | 00,301,384 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:10:54 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Gritch\My Documents\desktop.ini
[2009/04/29 13:07:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/29 12:39:00 | 00,501,230 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/29 12:39:00 | 00,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/29 12:39:00 | 00,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/29 09:49:54 | 00,018,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 22:48:28 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/26 12:59:21 | 00,092,160 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 03:55:07 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/22 03:07:24 | 28,559,7828 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:19 | 64,900,876 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/18 18:43:12 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/17 15:59:54 | 00,133,378 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/15 09:43:51 | 28,925,56032 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\12.mov
[2009/04/14 17:53:09 | 00,028,672 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 11:05:22 | 07,906,653 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/14 00:16:34 | 11,702,5267 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/12 02:32:42 | 11,593,1769 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/04/10 22:52:24 | 00,134,968 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\pspbrwse.jbf

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

#28
x24val

    Member

  • Topic Starter
  • Member
  • 23 posts
Oops! I didn't reboot after giving Spybot a "yes". So I rebooted... computer started up very fast! Ran the scan and here it is...

OTListIt logfile created on: 5/10/2009 2:27:22 PM - Run 6
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Gritch\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 91.69% Memory free
4.00 Gb Paging File | 3.85 Gb Available in Paging File | 96.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 14.81 Gb Free Space | 15.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 200.43 Gb Total Space | 55.47 Gb Free Space | 27.67% Space Free | Partition Type: NTFS
Drive F: | 372.60 Gb Total Space | 78.91 Gb Free Space | 21.18% Space Free | Partition Type: NTFS
Drive G: | 279.46 Gb Total Space | 83.38 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Drive H: | 465.76 Gb Total Space | 12.28 Gb Free Space | 2.64% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: VIDEO
Current User Name: Gritch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
PRC - C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Running]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPAHelper.exe [Auto | Running]) -- C:\Program Files\iPod Access for Windows\iPAHelper.exe ()
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ADIDTSFiltService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\adidts.sys (Analog Devices, Inc.)
DRV - (ADIHdAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (AEAudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\AEAudio.sys (Andrea Electronics Corporation)
DRV - (Afc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (AVCSTRM [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avcstrm.sys (Microsoft Corporation)
DRV - (ENUM1394 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\enum1394.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (JGOGO [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (JRAID [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (MSTAPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mstape.sys (Microsoft Corporation)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\yk51x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/news?ned=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en-US:official"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/10 10:33:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/29 12:36:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/02 15:10:28 | 00,000,000 | ---D | M]

[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions
[2009/05/02 15:10:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2007/09/05 14:39:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gritch\Application Data\mozilla\Firefox\Profiles\bfyp5y6h.default\extensions
[2009/05/10 00:57:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/02 15:10:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/10 10:33:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/07 07:34:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/23 21:38:30 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/23 21:38:32 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/23 17:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 17:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 17:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 17:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 17:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 17:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 17:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (224265 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 babe.the-killer.bz
O1 - Hosts: 127.0.0.1 www.babe.the-killer.bz
O1 - Hosts: 127.0.0.1 babe.k-lined.com
O1 - Hosts: 127.0.0.1 www.babe.k-lined.com
O1 - Hosts: 127.0.0.1 did.i-used.cc
O1 - Hosts: 127.0.0.1 www.did.i-used.cc
O1 - Hosts: 127.0.0.1 coolwwwsearch.com
O1 - Hosts: 127.0.0.1 www.coolwwwsearch.com
O1 - Hosts: 127.0.0.1 coolwebsearch.com
O1 - Hosts: 127.0.0.1 www.coolwebsearch.com
O1 - Hosts: 127.0.0.1 hi.studioaperto.net
O1 - Hosts: 127.0.0.1 www.hi.studioaperto.net
O1 - Hosts: 127.0.0.1 wazzupnet.com
O1 - Hosts: 127.0.0.1 www.wazzupnet.com
O1 - Hosts: 127.0.0.1 gueb.com
O1 - Hosts: 127.0.0.1 www.gueb.com
O1 - Hosts: 127.0.0.1 kabex.com
O1 - Hosts: 127.0.0.1 www.kabex.com
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 miosearch.com
O1 - Hosts: 127.0.0.1 www.miosearch.com
O1 - Hosts: 127.0.0.1 blue-elefant.com
O1 - Hosts: 127.0.0.1 www.blue-elefant.com
O1 - Hosts: 7871 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [\CHRIS\EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P38 "\\CHRIS\EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220" (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot (JMicron Technology Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /FU "C:\WINDOWS\TEMP\E_S28B.tmp" /EF "HKCU" (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 35 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://support.cox.c...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://www.fcd.maric...mgaxctrl6.5.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1184178072328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1184178058531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/11 10:15:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/02/08 00:35:55 | 00,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/08 22:54:48 | 10,498,8993 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\tv_networks.wmv
[2009/05/08 17:27:18 | 00,088,661 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\spybot.jpg
[2009/05/08 16:04:01 | 00,005,120 | -HS- | C] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:17:15 | 00,353,672 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:31 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009/05/07 16:46:16 | 00,530,106 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/07 16:21:36 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/07 11:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\JonJackson
[2009/05/07 11:55:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Roxio
[2009/05/07 11:54:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Roxio
[2009/05/07 11:17:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\mpix
[2009/05/05 23:48:26 | 85,901,040 | ---- | C] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:04:24 | 00,935,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 00:37:57 | 61,591,015 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 23:36:57 | 64,809,1128 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\new_moonsong.avi
[2009/05/04 22:51:09 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/04 18:49:42 | 19,489,55708 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 16:52:27 | 53,075,114 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Postcards_BTS_final.mov
[2009/05/04 14:09:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\menu
[2009/05/04 09:13:40 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/04 09:11:50 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 15:10:31 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:12 | 07,526,856 | ---- | C] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 11:44:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Malwarebytes
[2009/05/02 11:44:23 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/02 11:44:23 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/02 11:44:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/02 11:43:44 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/02 11:42:26 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:42:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/02 11:41:54 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:25 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:30:59 | 01,678,112 | ---- | C] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2009/05/02 11:16:06 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/05/02 11:16:06 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2009/05/02 11:16:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/05/02 09:52:13 | 43,896,751 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/01 19:51:22 | 29,081,93083 | ---- | C] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 17:08:01 | 12,990,33847 | ---- | C] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 17:08:00 | 00,001,983 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 12:25:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\warning
[2009/04/30 08:44:21 | 00,019,456 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 18:41:26 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Uniblue
[2009/04/29 18:27:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/04/29 14:18:29 | 02,702,884 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:31:46 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/04/29 13:31:46 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/04/29 13:31:46 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/04/29 13:31:45 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/04/29 13:31:45 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/04/29 13:31:45 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/04/29 13:31:45 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/04/29 13:31:45 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/04/29 13:31:45 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/04/29 13:31:44 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/04/29 13:31:44 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/04/29 13:31:44 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/04/29 13:31:44 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/04/29 13:31:44 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/04/29 13:31:43 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/04/29 13:31:43 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/04/29 13:31:43 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/04/29 13:31:43 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/04/29 13:31:42 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/04/29 13:31:42 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/04/29 13:31:41 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/29 13:31:41 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/29 13:31:41 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/29 13:31:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/29 13:31:41 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/29 13:31:41 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/29 13:31:40 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/29 13:31:40 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/29 13:31:40 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/29 13:31:40 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/29 13:31:39 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/29 13:31:39 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/29 13:31:39 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/29 13:31:39 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/29 13:31:38 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/29 13:31:38 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/29 13:31:38 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/29 13:31:38 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/29 13:31:37 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/29 13:31:37 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/29 13:31:37 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/29 13:31:36 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/29 13:31:36 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/29 13:31:36 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/29 13:31:36 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/29 13:31:36 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/29 13:31:35 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/29 13:31:35 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/29 13:31:34 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/29 13:31:34 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/29 13:31:34 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/29 13:31:34 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/29 13:31:33 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/29 13:31:33 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/29 13:31:32 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/29 13:31:32 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/29 13:31:32 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/29 13:31:32 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/29 13:31:32 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/29 13:31:31 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/29 13:31:31 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/29 13:31:31 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/29 13:31:28 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/29 13:31:28 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/29 13:31:28 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/29 13:31:27 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/29 13:31:27 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/29 13:31:27 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/29 13:31:27 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/29 13:31:26 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 13:31:26 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 13:31:25 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/29 13:27:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/29 13:27:26 | 00,301,384 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:06:22 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/29 10:13:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\CONSOLE
[2009/04/29 09:49:50 | 00,018,203 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 19:27:14 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/25 18:58:44 | 00,092,160 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 00:16:18 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/21 14:30:08 | 28,559,7828 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:15 | 64,900,876 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/21 13:35:27 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/21 13:32:08 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/20 11:23:19 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/04/19 16:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\ART
[2009/04/18 18:43:12 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/18 18:42:49 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/18 18:42:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/18 00:30:47 | 03,567,616 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Tori Amos - Bliss.mp3
[2009/04/17 22:56:57 | 08,067,660 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\tori amos - datura.mp3
[2009/04/17 15:59:51 | 00,133,378 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/17 15:56:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\My Documents\Adobe Scripts
[2009/04/17 15:54:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\com.adobe.ExMan
[2009/04/16 14:31:58 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 14:31:58 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 14:31:58 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 14:31:58 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 14:31:58 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 14:31:58 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 14:31:58 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 14:31:58 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 14:31:57 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 14:31:26 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 14:31:26 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 14:31:26 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 09:10:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/14 17:01:41 | 00,028,672 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 16:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\Download Manager
[2009/04/14 11:05:22 | 07,906,653 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/13 23:49:10 | 11,702,5267 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/13 02:30:17 | 47,973,343 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/04/12 21:08:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Application Data\DriverCure
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/12 21:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/04/12 19:40:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gritch\Desktop\aifss
[2009/04/12 01:57:39 | 11,593,1769 | ---- | C] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | C] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/03/28 17:53:47 | 00,000,025 | ---- | C] () -- C:\WINDOWS\EPR220.ini
[2009/03/28 17:32:16 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/03/08 12:09:41 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/02/25 12:35:27 | 00,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/02/12 03:02:19 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/06 15:03:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008/01/08 13:59:10 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/08 13:59:10 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/16 16:26:38 | 00,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2007/12/12 16:07:58 | 00,000,645 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/09/28 09:07:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/09/28 09:05:50 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/09/28 09:05:08 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/29 18:09:48 | 00,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/07/19 16:37:36 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/07/19 16:37:36 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/07/19 16:37:36 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/07/14 16:04:34 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/11 10:46:26 | 00,029,057 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2007/07/11 10:46:03 | 00,028,735 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/07/11 10:46:02 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/07/11 10:45:56 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/03/23 18:45:35 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\Look Suite.win.dll
[2004/03/23 18:45:34 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\libguide40.dll
[2001/08/23 05:00:00 | 00,000,794 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 05:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999/01/27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 16:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/06/13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1763/08/02 04:54:33 | 00,004,263 | -HS- | C] () -- C:\WINDOWS\windllreg1c.sys

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/10 14:27:08 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/10 14:27:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/10 14:26:54 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Gritch\Local Settings\desktop.ini
[2009/05/10 14:26:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/10 14:26:47 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/09 17:59:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 23:24:16 | 10,498,8993 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\tv_networks.wmv
[2009/05/08 17:29:44 | 00,088,661 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\spybot.jpg
[2009/05/08 16:04:02 | 00,014,848 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/05/08 16:04:01 | 00,005,120 | -HS- | M] () -- C:\WINDOWS\System32\Thumbs.db
[2009/05/08 16:04:01 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/08 11:34:13 | 00,365,056 | -HS- | M] () -- C:\Documents and Settings\Gritch\Desktop\Thumbs.db
[2009/05/08 11:00:32 | 00,059,804 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Inno.jpg
[2009/05/07 22:28:23 | 00,353,672 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\whats_this.jpg
[2009/05/07 16:46:16 | 00,530,106 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\LopSD.exe
[2009/05/06 11:36:17 | 00,000,164 | ---- | M] () -- C:\WINDOWS\VUI.pref
[2009/05/05 23:48:30 | 85,901,040 | ---- | M] (Avery Dennison ) -- C:\Documents and Settings\Gritch\Desktop\DesignPro5_4_Limited.exe
[2009/05/05 23:19:48 | 00,935,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill.jpg
[2009/05/05 02:37:28 | 61,591,015 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\S_A_Demo.avi
[2009/05/04 19:41:48 | 19,489,55708 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\postcards_BTS.avi
[2009/05/04 09:13:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gritch\Desktop\OTListIt2.exe
[2009/05/04 09:11:53 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Rooter.exe
[2009/05/02 15:10:31 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/02 15:09:47 | 07,526,856 | ---- | M] (Mozilla) -- C:\Documents and Settings\Gritch\Desktop\Firefox Setup 3.0.10.exe
[2009/05/02 12:00:27 | 02,068,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/02 11:44:23 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/02 11:44:01 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gritch\Desktop\mbam-setup.exe
[2009/05/02 11:42:26 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Gritch\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/05/02 11:42:13 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\NTREGOPT.lnk
[2009/05/02 11:42:13 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\ERUNT.lnk
[2009/05/02 11:41:59 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Gritch\Desktop\erunt_setup.exe
[2009/05/02 11:41:27 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Gritch\Desktop\SysRestorePoint.exe
[2009/05/02 11:31:10 | 01,678,112 | ---- | M] (Uniblue Systems ) -- C:\Documents and Settings\Gritch\Desktop\cbbleepingregistrybooster.exe
[2009/05/02 10:05:14 | 43,896,751 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\columbia_crash.wmv
[2009/05/02 09:23:06 | 47,973,343 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\robin_wilson.wmv
[2009/05/01 23:53:30 | 29,081,93083 | ---- | M] () -- C:\ADBEPPROCS4_Cont_LS7.7z
[2009/05/01 19:51:21 | 00,001,983 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Start Download Manager.lnk
[2009/05/01 18:54:12 | 12,990,33847 | ---- | M] () -- C:\ADBEPPROCS4_LS7.7z
[2009/05/01 13:49:13 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/05/01 13:49:13 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/05/01 13:49:13 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/05/01 13:49:13 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2009/05/01 13:49:13 | 00,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2009/04/30 08:44:21 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Confirmatio1.doc
[2009/04/29 21:10:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis005.doc
[2009/04/29 21:05:31 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\D_Dennis004.doc
[2009/04/29 14:18:31 | 02,702,884 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cz27v51.pdf
[2009/04/29 13:27:28 | 00,301,384 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Gritch\Desktop\dxwebsetup.exe
[2009/04/29 13:10:54 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Gritch\My Documents\desktop.ini
[2009/04/29 13:07:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/29 12:39:00 | 00,501,230 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/29 12:39:00 | 00,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/29 12:39:00 | 00,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/29 09:49:54 | 00,018,203 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Canon_Progressive-Scan_HDV.zip
[2009/04/27 22:48:28 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Laskarina Bouboulina.doc
[2009/04/26 12:59:21 | 00,092,160 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\cyprus.doc
[2009/04/22 03:55:07 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\A preface.doc
[2009/04/22 03:07:24 | 28,559,7828 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\mill_editor.mov
[2009/04/21 14:06:19 | 64,900,876 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\AME_All_4.0.1_mul_AdobeUpdate.zip
[2009/04/18 18:43:12 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/17 15:59:54 | 00,133,378 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\test.pdf
[2009/04/15 09:43:51 | 28,925,56032 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\12.mov
[2009/04/14 17:53:09 | 00,028,672 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\local_webshow.doc
[2009/04/14 11:05:22 | 07,906,653 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\cardtrans.pspimage
[2009/04/14 00:16:34 | 11,702,5267 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\Mill_Ave_Premiere.wmv
[2009/04/12 02:32:42 | 11,593,1769 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\nelson.mov
[2009/04/11 23:35:08 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Gritch\My Documents\Hi Art.doc
[2009/04/10 22:52:24 | 00,134,968 | ---- | M] () -- C:\Documents and Settings\Gritch\Desktop\pspbrwse.jbf

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
  • 0

#29
heir


    Trusted Helper

  • Malware Removal
  • 5,427 posts
Looks as though that took care of that entry.

Let's run another couple of scans.


Step 1.
Clean temp locations:

Please download ATF Cleaner by Atribune.
Caution: This program is for Windows 2000, XP and Vista only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
If you use Firefox browser:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Step 2.
Scan with MBAM:

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3.
Scan with Kaspersky Online Scanner:

Please do an online scan with Kaspersky Online Scanner

Kaspersky Online Scanner uses Java technology to perform the scan. If you do not have the latest Java version, follow the instructions below under Upgrading Java to download and install the latest version.

  • Read through the requirements and privacy statement and click on the Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

Upgrading Java:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware: it is NOT supported for use in 9x or ME and probably will not install on those systems.

  • Download the latest version of Java SE Runtime Environment (JRE): JRE 6 Update 13.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u13-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right-click on the jre-6u13-windows-i586-p.exe and select "Run as an Administrator.")

Step 4.
Things I would like to see in your reply:

  • The content of the report from MBAM from Step 2.
  • The content of the report from Kaspersky Online Scanner from Step 3.

  • 0

#30
x24val


    Member

  • Topic Starter
  • Member
  • 23 posts
did all steps asked for...


Malwarebytes' Anti-Malware 1.36
Database version: 2105
Windows 5.1.2600 Service Pack 3

5/10/2009 2:46:05 PM
mbam-log-2009-05-10 (14-46-05).txt

Scan type: Quick Scan
Objects scanned: 82421
Time elapsed: 1 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, May 10, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Sunday, May 10, 2009 22:57:18
Records in database: 2156690
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan statistics:
Files scanned: 159818
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 01:31:37


File name / Threat name / Threats count
C:\WINDOWS\system32\daSgo05\daSgo051080.exe Infected: Trojan-Downloader.Win32.VB.cho 1

The selected area was scanned.
  • 0





