
Smart Engine Virus



#1
Malyssa

I was hit with this gnarly virus named SMART ENGINE VIRUS. It will quickly insert its corrupt files and change system registry so as to make your computer impossible to use. It will run its fake scanner and display a list of fabricated scan results. It not only slows down your computer performance, but also paralyzes your browsers and directs you to its affiliated websites. I copied this info. I am not a computer whiz, but I am learning. PLEASE HELP. I tried Mal-ware before this posting and it had 800 infected files. I downloaded smart engine remover; the Malware had already done the work and it found nothing, but it is still not working right. I am sure that it wreaked some havoc... frustrated that I cannot get to the internet.

OTL logfile created on: 10/17/2010 05:50:44 PM - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Maria\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 238.00 Mb Available Physical Memory | 46.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 57.02 Gb Free Space | 74.70% Space Free | Partition Type: NTFS
Drive G: | 1.88 Gb Total Space | 1.74 Gb Free Space | 92.69% Space Free | Partition Type: FAT

Computer Name: MARIA-DE6AB9E2D | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/17 16:45:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maria\My Documents\Downloads\OTL.exe
PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/11 18:53:33 | 000,455,600 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlmon.exe
PRC - [2007/06/01 13:06:09 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlamon.exe
PRC - [2007/05/29 09:19:56 | 000,598,960 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdlcoms.exe
PRC - [2007/05/29 09:19:38 | 000,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdlserv.exe


========== Modules (SafeList) ==========

MOD - [2010/10/17 16:45:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maria\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/11 19:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 10:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007/05/29 09:19:56 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdlcoms.exe -- (lxdl_device)
SRV - [2007/05/29 09:19:38 | 000,099,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdlserv.exe -- (lxdlCATSCustConnectService)


========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/02/14 17:02:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/08/03 15:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/08/03 15:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 15:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25527

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..keyword.URL: "http://search.mywebs...934&searchfor="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/16 12:08:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/16 11:47:18 | 000,000,000 | ---D | M]

[2010/04/30 22:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Extensions
[2010/10/17 12:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions
[2010/05/03 17:46:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/16 15:14:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/24 09:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\[email protected]
[2010/09/18 00:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\[email protected]
[2010/05/09 11:31:30 | 000,001,944 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\bing-zugo.xml
[2010/05/29 18:52:14 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\mywebsearch.xml
[2010/05/15 16:18:42 | 000,002,183 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\oneriot.xml
[2010/10/16 11:47:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: ([2010/10/15 19:08:45 | 000,002,967 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 173.236.107.251 www.google.com
O1 - Hosts: 173.236.107.251 google.com
O1 - Hosts: 173.236.107.251 google.com.au
O1 - Hosts: 173.236.107.251 www.google.com.au
O1 - Hosts: 173.236.107.251 google.be
O1 - Hosts: 173.236.107.251 www.google.be
O1 - Hosts: 173.236.107.251 google.com.br
O1 - Hosts: 173.236.107.251 www.google.com.br
O1 - Hosts: 40 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - No CLSID value found.
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Lexmark 7500 Series Fax Server] C:\Program Files\Lexmark 7500 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdlamon] C:\Program Files\Lexmark 7500 Series\lxdlamon.exe ()
O4 - HKLM..\Run: [lxdlmon.exe] C:\Program Files\Lexmark 7500 Series\lxdlmon.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RegistryQuick.exe] C:\Program Files\RegQuick\RegistryQuick.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1258234931769 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.171.2.65 205.171.3.65
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/14 14:25:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6fe9ce80-ec6f-11de-af1a-000ae6967395}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/10/17 15:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/17 15:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/17 12:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\GooReader
[2010/10/17 00:33:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Maria\Recent
[2010/10/16 22:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/16 15:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/10/16 15:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2010/10/16 15:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010/10/16 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert
[2010/10/16 14:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2010/10/16 14:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegInOut
[2010/10/16 14:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\PCFix
[2010/10/16 13:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\ConsumerSoft
[2010/10/16 13:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\ConsumerSoft
[2010/10/16 12:36:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RegiCleanse
[2010/10/16 12:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\ParetoLogic
[2010/10/15 22:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\sc_startup_backup
[2010/10/15 21:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/10/15 18:54:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/10/15 17:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\Chicano Studies
[2010/10/15 14:16:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/10/15 14:16:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 14:15:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/10/14 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Local Settings\Application Data\GooReader
[2010/10/02 15:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\OneNote Notebooks
[2010/09/30 12:03:25 | 000,028,672 | ---- | C] (Auralis, Inc.) -- C:\WINDOWS\System32\ssconfig.exe
[2010/09/04 03:29:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Maria\My Documents\My Shapes
[2010/09/03 21:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2010/09/03 21:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression
[2010/09/03 20:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/09/03 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/09/03 19:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/09/03 19:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/03 19:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/09/03 19:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Local Settings\Application Data\Microsoft Help
[2010/09/03 19:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/09/03 19:17:09 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/08/05 19:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\KodakCredentialStore
[2010/07/31 11:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/07/31 11:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/31 11:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/07/31 11:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/31 00:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\SCHOLARSHIPS
[2010/07/31 00:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\business documents
[2010/07/24 12:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\PriceGong
[2010/07/19 19:16:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Lexmark Productivity Studio
[2010/06/04 20:54:47 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlhcp.dll
[2010/06/04 20:54:47 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlinpa.dll
[2010/06/04 20:54:46 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdliesc.dll
[2010/06/04 20:54:45 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlserv.dll
[2010/06/04 20:54:45 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlusb1.dll
[2010/06/04 20:54:44 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlpmui.dll
[2010/06/04 20:54:44 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlprox.dll
[2010/06/04 20:54:43 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdllmpm.dll
[2010/06/04 20:54:41 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlhbn3.dll
[2010/06/04 20:54:36 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlcomc.dll
[2010/06/04 20:54:36 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlcomm.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/17 17:17:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1343024091-1060284298-1003UA.job
[2010/10/17 16:43:48 | 000,015,492 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Joaquin Murieta.docx
[2010/10/17 16:43:12 | 000,000,597 | ---- | M] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2010/10/17 15:22:35 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\ark.test
[2010/10/17 15:21:43 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\ark.text
[2010/10/17 15:07:36 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:07:36 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:04:07 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/17 15:03:54 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\NTREGOPT.lnk
[2010/10/17 15:03:54 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\ERUNT.lnk
[2010/10/17 14:37:56 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/17 14:32:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/17 14:32:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/10/17 14:32:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/17 14:32:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/17 12:19:43 | 000,002,365 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\GooReader.lnk
[2010/10/16 15:49:10 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Defraggler.lnk
[2010/10/16 15:33:02 | 000,003,734 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_153255.reg
[2010/10/16 15:19:05 | 000,140,800 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_151858.reg
[2010/10/16 14:43:44 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RegInOut Scheduled Scan - Maria.job
[2010/10/16 14:06:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/16 12:12:34 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2010/10/16 11:47:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/16 11:47:22 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/15 22:03:08 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/10/15 19:08:45 | 000,002,967 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/14 18:17:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 11:01:42 | 000,012,275 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Young guns.docx
[2010/10/08 14:57:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2010/10/05 21:38:45 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 21:38:45 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/03 22:06:42 | 000,014,970 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Geronimo.docx
[2010/10/03 00:30:16 | 000,012,962 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Buffalo Soldiers.docx
[2010/09/30 20:09:15 | 002,359,350 | ---- | M] () -- C:\WINDOWS\webshots.bmp
[2010/09/30 12:03:25 | 000,028,672 | ---- | M] (Auralis, Inc.) -- C:\WINDOWS\System32\ssconfig.exe
[2010/09/30 12:03:24 | 006,913,698 | ---- | M] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.dat
[2010/09/30 12:03:23 | 000,466,944 | ---- | M] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.scr
[2010/09/30 12:03:17 | 000,180,224 | ---- | M] () -- C:\WINDOWS\UninstallWSST.exe
[2010/09/24 16:10:11 | 000,015,413 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Juan Seguin.docx
[2010/09/18 12:32:56 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\lxdl
[2010/09/03 21:33:37 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kindle For PC.lnk
[2010/09/03 21:02:26 | 000,000,510 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/08/07 21:50:31 | 000,574,464 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/08/07 21:50:31 | 000,257,024 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/17 15:22:35 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\ark.test
[2010/10/17 15:21:43 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\ark.text
[2010/10/17 15:07:36 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:07:36 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:04:07 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/17 15:03:54 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\NTREGOPT.lnk
[2010/10/17 15:03:54 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\ERUNT.lnk
[2010/10/17 13:01:52 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/17 12:18:11 | 000,002,365 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\GooReader.lnk
[2010/10/16 15:39:32 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Defraggler.lnk
[2010/10/16 15:32:58 | 000,003,734 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_153255.reg
[2010/10/16 15:19:02 | 000,140,800 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_151858.reg
[2010/10/16 14:11:13 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\RegInOut Scheduled Scan - Maria.job
[2010/10/16 12:12:33 | 000,000,376 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2010/10/16 11:47:22 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/15 22:03:08 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\scud.udf
[2010/10/15 21:17:18 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/15 19:46:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/14 14:47:26 | 000,357,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/14 10:57:52 | 000,015,492 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Joaquin Murieta.docx
[2010/10/06 22:30:56 | 000,012,275 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Young guns.docx
[2010/10/03 00:07:32 | 000,012,962 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Buffalo Soldiers.docx
[2010/10/02 22:26:32 | 000,014,970 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Geronimo.docx
[2010/09/30 12:03:48 | 002,359,350 | ---- | C] () -- C:\WINDOWS\webshots.bmp
[2010/09/30 12:03:31 | 000,000,597 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2010/09/30 12:03:24 | 006,913,698 | ---- | C] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.dat
[2010/09/30 12:03:20 | 000,466,944 | ---- | C] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.scr
[2010/09/30 12:03:16 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2010/09/16 11:18:00 | 000,015,413 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Juan Seguin.docx
[2010/09/03 21:33:37 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kindle For PC.lnk
[2010/09/03 17:19:07 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\lxdl
[2010/08/26 23:12:50 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1343024091-1060284298-1003UA.job
[2010/06/04 21:01:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdlvs.dll
[2010/06/04 21:01:09 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdlcoin.dll
[2010/06/04 20:59:57 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdldrs.dll
[2010/06/04 20:59:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdlcaps.dll
[2010/06/04 20:59:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdlcnv4.dll
[2010/06/04 20:59:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDLPMON.DLL
[2010/06/04 20:59:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDLFXPU.DLL
[2010/06/04 20:58:51 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdloem.dll
[2010/06/04 20:55:05 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdlrwrd.ini
[2010/06/04 20:54:48 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdlinst.dll
[2010/06/04 20:54:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdlgrd.dll
[2010/05/15 12:00:47 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Maria\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/14 17:23:27 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/11/14 16:44:44 | 000,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/14 05:43:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/01 09:46:09 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\MemWarp.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2003/02/19 02:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

========== LOP Check ==========

[2010/10/15 14:17:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/06/04 20:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7500 Series
[2010/04/30 19:48:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\771ac43
[2010/05/15 20:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2010/07/03 10:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/05/15 21:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/04/30 17:21:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\MSVXE
[2010/10/16 14:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/10/16 14:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2010/10/16 11:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sc_startup_backup
[2010/10/15 14:16:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 17:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/31 00:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2010/04/21 19:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/14 17:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/06/05 14:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\7500 Series
[2010/05/15 08:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Amazon
[2010/07/03 10:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Clip Art Collection
[2010/04/28 21:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/16 13:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ConsumerSoft
[2010/05/15 20:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\DriverCure
[2010/05/15 20:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ElevatedDiagnostics
[2010/06/18 16:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\InterTrust
[2010/07/02 10:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Lexmark Productivity Studio
[2010/10/16 12:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ParetoLogic
[2010/10/16 14:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\PCFix
[2010/07/24 12:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\PriceGong
[2010/05/15 11:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Process Hacker
[2010/07/03 10:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Sammsoft
[2010/07/03 10:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\simppulltoolbar
[2010/07/02 15:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Skinux
[2010/10/15 14:17:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/04/30 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\TeamViewer
[2010/04/21 18:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/07/03 10:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\WeatherBug
[2010/04/30 18:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
[2010/10/08 14:57:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/10/17 14:37:56 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/10/17 14:32:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/10/16 12:12:34 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
[2010/10/16 14:43:44 | 000,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\RegInOut Scheduled Scan - Maria.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/11/14 14:25:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/14 13:49:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/11/14 14:25:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/10/14 13:15:23 | 000,006,954 | ---- | M] () -- C:\CybDefInstallInfo.log
[2010/10/14 13:08:58 | 000,000,111 | ---- | M] () -- C:\CybDefWebInstaller.log
[2010/10/17 14:32:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/14 14:25:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/16 17:46:53 | 000,107,984 | ---- | M] () -- C:\lma_log.html
[2009/11/14 14:25:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/12/31 17:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/11/14 15:04:40 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/17 14:32:04 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/11/14 05:39:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/11/14 05:39:49 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/11/14 05:39:49 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-14 21:47:06

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >


OTL logfile created on: 10/17/2010 05:39:28 PM - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Maria\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 249.00 Mb Available Physical Memory | 49.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.33 Gb Total Space | 57.05 Gb Free Space | 74.74% Space Free | Partition Type: NTFS
Drive G: | 1.88 Gb Total Space | 1.74 Gb Free Space | 92.69% Space Free | Partition Type: FAT

Computer Name: MARIA-DE6AB9E2D | User Name: Maria | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/17 16:45:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maria\My Documents\Downloads\OTL.exe
PRC - [2010/09/15 04:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/11 18:53:33 | 000,455,600 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlmon.exe
PRC - [2007/06/01 13:06:09 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlamon.exe
PRC - [2007/05/29 09:19:56 | 000,598,960 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdlcoms.exe
PRC - [2007/05/29 09:19:38 | 000,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdlserv.exe


========== Modules (SafeList) ==========

MOD - [2010/10/17 16:45:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maria\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007/05/29 09:19:56 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdlcoms.exe -- (lxdl_device)
SRV - [2007/05/29 09:19:38 | 000,099,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdlserv.exe -- (lxdlCATSCustConnectService)


========== Driver Services (SafeList) ==========

DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/02/14 17:02:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/08/03 15:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/08/03 15:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 15:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25527

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.selectedEngine: "search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..keyword.URL: "http://search.mywebs...934&searchfor="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/16 12:08:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/16 11:47:18 | 000,000,000 | ---D | M]

[2010/04/30 22:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Extensions
[2010/10/17 12:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions
[2010/05/03 17:46:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/16 15:14:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/24 09:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\[email protected]
[2010/09/18 00:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\extensions\[email protected]
[2010/05/09 11:31:30 | 000,001,944 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\bing-zugo.xml
[2010/05/29 18:52:14 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\mywebsearch.xml
[2010/05/15 16:18:42 | 000,002,183 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Mozilla\Firefox\Profiles\r1kpnnn7.default\searchplugins\oneriot.xml
[2010/10/16 11:47:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: ([2010/10/15 19:08:45 | 000,002,967 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 173.236.107.251 www.google.com
O1 - Hosts: 173.236.107.251 google.com
O1 - Hosts: 173.236.107.251 google.com.au
O1 - Hosts: 173.236.107.251 www.google.com.au
O1 - Hosts: 173.236.107.251 google.be
O1 - Hosts: 173.236.107.251 www.google.be
O1 - Hosts: 173.236.107.251 google.com.br
O1 - Hosts: 173.236.107.251 www.google.com.br
O1 - Hosts: 40 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - No CLSID value found.
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Lexmark 7500 Series Fax Server] C:\Program Files\Lexmark 7500 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdlamon] C:\Program Files\Lexmark 7500 Series\lxdlamon.exe ()
O4 - HKLM..\Run: [lxdlmon.exe] C:\Program Files\Lexmark 7500 Series\lxdlmon.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RegistryQuick.exe] C:\Program Files\RegQuick\RegistryQuick.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1258234931769 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.171.2.65 205.171.3.65
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/14 14:25:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6fe9ce80-ec6f-11de-af1a-000ae6967395}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/17 15:04:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/17 15:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/17 12:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\GooReader
[2010/10/17 00:33:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Maria\Recent
[2010/10/16 22:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/16 15:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/10/16 15:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2010/10/16 15:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010/10/16 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert
[2010/10/16 14:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2010/10/16 14:11:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegInOut
[2010/10/16 14:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\PCFix
[2010/10/16 13:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\ConsumerSoft
[2010/10/16 13:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\ConsumerSoft
[2010/10/16 12:36:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RegiCleanse
[2010/10/16 12:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\ParetoLogic
[2010/10/15 22:56:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\sc_startup_backup
[2010/10/15 21:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/10/15 18:54:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/10/15 17:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\Chicano Studies
[2010/10/15 14:16:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/10/15 14:16:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 14:15:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/10/14 10:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Local Settings\Application Data\GooReader
[2010/10/02 15:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\OneNote Notebooks
[2010/09/30 12:03:25 | 000,028,672 | ---- | C] (Auralis, Inc.) -- C:\WINDOWS\System32\ssconfig.exe
[2010/09/04 03:29:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Maria\My Documents\My Shapes
[2010/09/03 21:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2010/09/03 21:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression
[2010/09/03 20:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/09/03 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/09/03 19:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/09/03 19:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/03 19:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/09/03 19:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Local Settings\Application Data\Microsoft Help
[2010/09/03 19:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/09/03 19:17:09 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/08/05 19:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\KodakCredentialStore
[2010/07/31 11:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/07/31 11:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/31 11:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/07/31 11:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/31 00:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\SCHOLARSHIPS
[2010/07/31 00:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\My Documents\business documents
[2010/07/24 12:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maria\Application Data\PriceGong
[2010/07/19 19:16:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Lexmark Productivity Studio
[2010/06/04 20:54:47 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlhcp.dll
[2010/06/04 20:54:47 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlinpa.dll
[2010/06/04 20:54:46 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdliesc.dll
[2010/06/04 20:54:45 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlserv.dll
[2010/06/04 20:54:45 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlusb1.dll
[2010/06/04 20:54:44 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlpmui.dll
[2010/06/04 20:54:44 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlprox.dll
[2010/06/04 20:54:43 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdllmpm.dll
[2010/06/04 20:54:41 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlhbn3.dll
[2010/06/04 20:54:36 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlcomc.dll
[2010/06/04 20:54:36 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdlcomm.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/17 17:17:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1343024091-1060284298-1003UA.job
[2010/10/17 16:43:48 | 000,015,492 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Joaquin Murieta.docx
[2010/10/17 16:43:12 | 000,000,597 | ---- | M] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2010/10/17 15:22:35 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\ark.test
[2010/10/17 15:21:43 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\ark.text
[2010/10/17 15:07:36 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:07:36 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:04:07 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/17 15:03:54 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\NTREGOPT.lnk
[2010/10/17 15:03:54 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\ERUNT.lnk
[2010/10/17 14:37:56 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/17 14:32:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/17 14:32:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/10/17 14:32:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/17 14:32:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/17 12:19:43 | 000,002,365 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\GooReader.lnk
[2010/10/16 15:49:10 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Defraggler.lnk
[2010/10/16 15:33:02 | 000,003,734 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_153255.reg
[2010/10/16 15:19:05 | 000,140,800 | ---- | M] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_151858.reg
[2010/10/16 14:43:44 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\RegInOut Scheduled Scan - Maria.job
[2010/10/16 14:06:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/16 12:12:34 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2010/10/16 11:47:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/16 11:47:22 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/15 22:03:08 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/10/15 19:08:45 | 000,002,967 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/14 18:17:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 11:01:42 | 000,012,275 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Young guns.docx
[2010/10/08 14:57:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2010/10/05 21:38:45 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 21:38:45 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/03 22:06:42 | 000,014,970 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Geronimo.docx
[2010/10/03 00:30:16 | 000,012,962 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Buffalo Soldiers.docx
[2010/09/30 20:09:15 | 002,359,350 | ---- | M] () -- C:\WINDOWS\webshots.bmp
[2010/09/30 12:03:25 | 000,028,672 | ---- | M] (Auralis, Inc.) -- C:\WINDOWS\System32\ssconfig.exe
[2010/09/30 12:03:24 | 006,913,698 | ---- | M] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.dat
[2010/09/30 12:03:23 | 000,466,944 | ---- | M] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.scr
[2010/09/30 12:03:17 | 000,180,224 | ---- | M] () -- C:\WINDOWS\UninstallWSST.exe
[2010/09/24 16:10:11 | 000,015,413 | ---- | M] () -- C:\Documents and Settings\Maria\Desktop\Juan Seguin.docx
[2010/09/18 12:32:56 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\lxdl
[2010/09/03 21:33:37 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kindle For PC.lnk
[2010/09/03 21:02:26 | 000,000,510 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/08/07 21:50:31 | 000,574,464 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/08/07 21:50:31 | 000,257,024 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/17 15:22:35 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\ark.test
[2010/10/17 15:21:43 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\ark.text
[2010/10/17 15:07:36 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Maria\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:07:36 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/17 15:04:07 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Maria\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/10/17 15:03:54 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\NTREGOPT.lnk
[2010/10/17 15:03:54 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\ERUNT.lnk
[2010/10/17 13:01:52 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/17 12:18:11 | 000,002,365 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\GooReader.lnk
[2010/10/16 15:39:32 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Defraggler.lnk
[2010/10/16 15:32:58 | 000,003,734 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_153255.reg
[2010/10/16 15:19:02 | 000,140,800 | ---- | C] () -- C:\Documents and Settings\Maria\My Documents\cc_20101016_151858.reg
[2010/10/16 14:11:13 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\RegInOut Scheduled Scan - Maria.job
[2010/10/16 12:12:33 | 000,000,376 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2010/10/16 11:47:22 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/15 22:03:08 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\scud.udf
[2010/10/15 21:17:18 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/10/15 19:46:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/14 14:47:26 | 000,357,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/14 10:57:52 | 000,015,492 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Joaquin Murieta.docx
[2010/10/06 22:30:56 | 000,012,275 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Young guns.docx
[2010/10/03 00:07:32 | 000,012,962 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Buffalo Soldiers.docx
[2010/10/02 22:26:32 | 000,014,970 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Geronimo.docx
[2010/09/30 12:03:48 | 002,359,350 | ---- | C] () -- C:\WINDOWS\webshots.bmp
[2010/09/30 12:03:31 | 000,000,597 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2010/09/30 12:03:24 | 006,913,698 | ---- | C] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.dat
[2010/09/30 12:03:20 | 000,466,944 | ---- | C] () -- C:\WINDOWS\Lizard King Arts Inc Tahoe Scenic Screensaver.scr
[2010/09/30 12:03:16 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe
[2010/09/16 11:18:00 | 000,015,413 | ---- | C] () -- C:\Documents and Settings\Maria\Desktop\Juan Seguin.docx
[2010/09/03 21:33:37 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kindle For PC.lnk
[2010/09/03 17:19:07 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\lxdl
[2010/08/26 23:12:50 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1343024091-1060284298-1003UA.job
[2010/06/04 21:01:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdlvs.dll
[2010/06/04 21:01:09 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdlcoin.dll
[2010/06/04 20:59:57 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdldrs.dll
[2010/06/04 20:59:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdlcaps.dll
[2010/06/04 20:59:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdlcnv4.dll
[2010/06/04 20:59:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDLPMON.DLL
[2010/06/04 20:59:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDLFXPU.DLL
[2010/06/04 20:58:51 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdloem.dll
[2010/06/04 20:55:05 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdlrwrd.ini
[2010/06/04 20:54:48 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdlinst.dll
[2010/06/04 20:54:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdlgrd.dll
[2010/05/15 12:00:47 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Maria\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/14 17:23:27 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/11/14 16:44:44 | 000,000,510 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/11/14 05:43:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/01 09:46:09 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\MemWarp.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2003/02/19 02:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

========== LOP Check ==========

[2010/10/15 14:17:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/06/04 20:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7500 Series
[2010/04/30 19:48:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\771ac43
[2010/05/15 20:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2010/07/03 10:46:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/05/15 21:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileCure
[2010/04/30 17:21:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\MSVXE
[2010/10/16 14:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/10/16 14:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2010/10/16 11:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sc_startup_backup
[2010/10/15 14:16:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 17:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/31 00:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R
[2010/04/21 19:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/14 17:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/06/05 14:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\7500 Series
[2010/05/15 08:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Amazon
[2010/07/03 10:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Clip Art Collection
[2010/04/28 21:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/16 13:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ConsumerSoft
[2010/05/15 20:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\DriverCure
[2010/05/15 20:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ElevatedDiagnostics
[2010/06/18 16:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\InterTrust
[2010/07/02 10:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Lexmark Productivity Studio
[2010/10/16 12:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\ParetoLogic
[2010/10/16 14:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\PCFix
[2010/07/24 12:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\PriceGong
[2010/05/15 11:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Process Hacker
[2010/07/03 10:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Sammsoft
[2010/07/03 10:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\simppulltoolbar
[2010/07/02 15:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\Skinux
[2010/10/15 14:17:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/04/30 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\TeamViewer
[2010/04/21 18:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/07/03 10:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\WeatherBug
[2010/04/30 18:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
[2010/10/08 14:57:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/10/17 14:37:56 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/10/17 14:32:19 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/10/16 12:12:34 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
[2010/10/16 14:43:44 | 000,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\RegInOut Scheduled Scan - Maria.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/11/14 14:25:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/14 13:49:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/11/14 14:25:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/10/14 13:15:23 | 000,006,954 | ---- | M] () -- C:\CybDefInstallInfo.log
[2010/10/14 13:08:58 | 000,000,111 | ---- | M] () -- C:\CybDefWebInstaller.log
[2010/10/17 14:32:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/14 14:25:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/16 17:46:53 | 000,107,984 | ---- | M] () -- C:\lma_log.html
[2009/11/14 14:25:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/12/31 17:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/11/14 15:04:40 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/17 14:32:04 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/11/14 05:39:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/11/14 05:39:49 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/11/14 05:39:49 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-14 21:47:06

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4864

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/17/2010 05:33:10 PM
mbam-log-2010-10-17 (17-33-10).txt

Scan type: Quick scan
Objects scanned: 153383
Time elapsed: 32 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15319 - http://www.gmer.net
Rootkit scan 2010-10-17 18:33:30
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Maria\LOCALS~1\Temp\ffayakob.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2268] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#2
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c


:Services

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25527
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - No CLSID value found.
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {627af46b-2076-42ae-a2fd-8428734d3e74} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O4 - HKLM..\Run: [RegistryQuick.exe] C:\Program Files\RegQuick\RegistryQuick.exe File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{6fe9ce80-ec6f-11de-af1a-000ae6967395}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
[2010/10/15 14:16:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/10/15 14:16:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 14:15:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/10/15 22:03:08 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/10/15 14:17:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/04/30 19:48:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\771ac43

:Files
C:\WINDOWS\Tasks\RegInOut Scheduled Scan - Maria.job

     
:Commands
[RESETHOSTS]
[purity]
[emptytemp]
[Reboot]

Then run OTL and, under the Custom Scans/Fixes box at the bottom, paste (Ctrl + V) the text. Verify that you got it all and then click the Run Fix button at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.



Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double-click on george to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console, then Continue. When the scan completes, Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Re-activate your protection programs at this time :!:


Download

http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.

  • Go to this page and Download TDSSKiller.zip to your Desktop.
  • Extract its contents to your desktop and drag TDSSKiller.exe on the desktop, not in the folder.
  • Double click on TDSSKiller.exe
  • If TDSSKiller alerts you that the system needs to reboot, please consent.
  • When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).

Ron
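As an added example (not part of either post, and not OTL's own code): a small parser for the file-scan entries in an OTL log that lists hidden+system directories sitting directly under an Application Data folder, the `-HSD` attribute pattern carried by the Smart Engine, SMYJAQMFTE and 47389e folders named in the fix script. The heuristic and the function names are assumptions made for this illustration.

```python
import re
from datetime import datetime
from ntpath import basename, dirname  # Windows path rules on any host OS

# One OTL file-scan entry: [timestamp | size | attributes | C or M] (company) -- path
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\] (?:\(.*?\) )?-- (?P<path>.+)$"
)

# Entries copied from the LOP Check and Custom Scans sections of the log above.
SAMPLE = r"""
[2010/10/15 14:17:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\47389e
[2010/06/04 20:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\7500 Series
[2010/04/30 19:48:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\771ac43
[2010/04/30 17:21:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\MSVXE
[2010/10/16 14:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/10/15 14:16:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SMYJAQMFTE
[2010/10/15 14:17:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Maria\Application Data\Smart Engine
[2010/04/30 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Maria\Application Data\TeamViewer
[2010/10/17 14:37:56 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/11/14 13:49:53 | 000,000,211 | -HS- | M] () -- C:\boot.ini
"""


def parse(text):
    """Return one dict per well-formed entry; other lines are skipped."""
    records = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["ts"] = datetime.strptime(rec["ts"], "%Y/%m/%d %H:%M:%S")
            rec["size"] = int(rec["size"].replace(",", ""))
            records.append(rec)
    return records


def hidden_system_appdata_dirs(records):
    """Directories carrying H, S and D that sit directly under 'Application Data'."""
    hits = [
        r for r in records
        if set("HSD") <= set(r["attrs"])
        and basename(dirname(r["path"])).lower() == "application data"
    ]
    return sorted(hits, key=lambda r: r["ts"])  # oldest first, to show clustering


if __name__ == "__main__":
    for r in hidden_system_appdata_dirs(parse(SAMPLE)):
        print(r["ts"], r["attrs"], r["path"])
```

On these entries the result also includes MSVXE, which shares the attribute pattern; the output is a review list for an analyst, not a deletion list.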