[mkes2]

I keep getting XP Total Security Alert messages, I've tried running malwarebytes and it does not run and Microsoft Security Essentials did not detect it.

OTL logfile created on: 3/27/2011 5:19:16 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 30.93 Gb Free Space | 16.60% Space Free | Partition Type: NTFS
Drive D: | 5.52 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 583.78 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HOUSE-29AFCC26C | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/27 17:18:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
PRC - [2011/03/27 15:47:07 | 000,327,680 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
PRC - [2011/03/24 19:32:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/30 15:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 14:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
PRC - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/11/16 22:49:44 | 005,238,272 | ---- | M] (Linksys) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
PRC - [2004/02/07 01:56:14 | 000,041,025 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe


========== Modules (SafeList) ==========

MOD - [2011/03/27 17:18:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WMP54Gv4SVC)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 14:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/12/15 16:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/11/26 13:36:12 | 000,323,584 | -H-- | M] (DeviceVM) [Auto | Stopped] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/24 13:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2011/03/27 14:34:10 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C14284D0-D6A6-41E6-8BDC-E60D7CC9614F}\MpKsle22328cb.sys -- (MpKsle22328cb)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/30 23:38:26 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010/02/03 00:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/12/25 22:56:13 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009/08/26 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/05/25 19:31:32 | 000,252,416 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2008/09/29 04:06:08 | 000,876,288 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/09/25 09:51:42 | 000,115,328 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/01 13:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/02/14 02:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007/12/17 05:14:00 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/07/20 19:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/04/17 22:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2007/04/16 19:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005/10/27 18:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
DRV - [2004/08/14 20:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2014090
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:18810

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 19:32:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 19:32:20 | 000,000,000 | ---D | M]

[2009/08/11 04:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2009/08/03 23:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions\[email protected]
[2009/08/11 04:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions\[email protected]
[2011/03/27 16:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions
[2010/04/28 20:18:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/04 03:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010/05/17 21:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}
[2009/11/06 15:07:48 | 000,000,000 | ---D | M] (MushroomKingdom) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236}
[2011/01/04 03:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\[email protected]
[2011/01/04 03:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\[email protected]
[2011/03/27 16:25:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/25 17:18:42 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOVE NETWORKS
[2009/07/08 01:05:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/04/01 01:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Mike\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} http://photo-vendor....des/saxfile.cab (SAXFile FileUpload ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/06 16:46:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/08 17:13:25 | 000,000,058 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2002/03/25 21:03:42 | 000,024,576 | R--- | M] () - E:\AutoRunMorrowind.exe -- [ CDFS ]
O32 - AutoRun File - [2002/04/03 21:12:04 | 000,000,150 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/07/16 18:13:07 | 001,246,440 | R--- | M] () - J:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/04/13 23:17:18 | 000,000,058 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{41398bbc-d707-11df-9565-00248cbf8536}\Shell\AutoRun\command - "" = L:\WDSetup.exe
O33 - MountPoints2\{d8fed6c1-6a19-11de-a8ef-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d8fed6c1-6a19-11de-a8ef-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8fed6c1-6a19-11de-a8ef-806d6172696f}\Shell\AutoRun\command - "" = D:\FalloutLauncher.exe -- [2008/09/18 14:38:35 | 006,981,048 | R--- | M] (Bethesda Softworks)
O33 - MountPoints2\{d8fed6c2-6a19-11de-a8ef-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d8fed6c2-6a19-11de-a8ef-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8fed6c2-6a19-11de-a8ef-806d6172696f}\Shell\AutoRun\command - "" = E:\AutoRunMorrowind.exe -- [2002/03/25 21:03:42 | 000,024,576 | R--- | M] ()
O33 - MountPoints2\{d8fed6c2-6a19-11de-a8ef-806d6172696f}\Shell\install\command - "" = E:\Setup.exe -- [2001/09/05 04:23:24 | 000,056,320 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/03/27 16:48:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2011/03/27 15:47:07 | 000,327,680 | -HS- | C] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
[2011/03/24 18:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/24 18:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/24 18:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/03/08 22:40:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Leatrix Latency Fix 1.23
[2011/03/03 21:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\72xy4j5pr746copb247k3woh
[2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\72xy4j5pr746copb247k3woh
[2011/03/27 15:47:07 | 000,327,680 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
[2011/03/27 15:19:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-746137067-926492609-839522115-1004.job
[2011/03/27 15:19:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/27 02:07:32 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/03/26 16:28:59 | 000,000,012 | -H-- | M] () -- C:\WINDOWS\System32\%sdvmexp.idx
[2011/03/26 16:25:08 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\World of Warcraft.lnk
[2011/03/26 14:32:45 | 000,435,238 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/26 14:32:45 | 000,069,580 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/26 14:28:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/26 12:34:36 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/03/24 18:47:36 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/24 18:45:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/15 01:16:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-926492609-839522115-1004.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/27 15:47:08 | 000,012,488 | -HS- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\72xy4j5pr746copb247k3woh
[2011/03/27 15:47:08 | 000,012,488 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\72xy4j5pr746copb247k3woh
[2011/03/26 16:28:59 | 000,000,012 | -H-- | C] () -- C:\WINDOWS\System32\%sdvmexp.idx
[2011/03/24 18:47:36 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/01/06 01:50:01 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2011/01/06 01:20:15 | 000,002,384 | ---- | C] () -- C:\WINDOWS\System32\LOWERP.ini
[2011/01/06 01:20:15 | 000,001,248 | ---- | C] () -- C:\WINDOWS\System32\LPOff.ini
[2011/01/04 22:21:42 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/11/29 08:08:25 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\844F637868.sys
[2010/11/29 08:08:24 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/10/21 15:51:13 | 000,240,624 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/10/21 15:51:10 | 000,240,624 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/10/21 15:51:10 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/25 23:18:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/09/25 22:11:17 | 000,552,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/19 02:07:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/05/16 14:31:07 | 000,000,621 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/02/21 17:30:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/02/21 17:30:15 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/02/21 17:30:14 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/02/21 17:30:13 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010/02/21 17:30:13 | 000,198,341 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/12/27 00:41:52 | 000,499,200 | ---- | C] () -- C:\WINDOWS\System32\WZDPlay.dll
[2009/12/11 15:03:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/18 20:32:46 | 000,000,890 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2009/10/18 20:06:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/10/03 08:11:03 | 000,000,440 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/09/27 16:12:22 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/07/29 03:32:57 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/07/11 01:19:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/07/11 00:59:22 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/06 23:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/07/06 23:20:53 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/07/06 23:20:53 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/07/06 23:20:49 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009/07/06 23:20:49 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009/07/06 22:23:11 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009/07/06 22:22:42 | 000,028,866 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/07/06 22:22:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/07/06 22:22:13 | 000,028,099 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/07/06 22:22:13 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/07/06 16:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/06 16:43:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/06 06:44:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/06 06:43:39 | 000,130,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/21 13:40:00 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/10/21 13:40:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,238 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,069,580 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF

< End of report >

[Advertisements]

Hello mkes2 and welcome to G2G!

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
• You must reply within 3 days or your topic will be closed

Step 1

Please close all running programs and Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:18810
  O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)
  O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)
  [2011/03/27 15:47:07 | 000,327,680 | -HS- | C] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
  [2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\72xy4j5pr746copb247k3woh
  [2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\72xy4j5pr746copb247k3woh
  [2011/03/27 15:47:07 | 000,327,680 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
  [2010/11/29 08:08:25 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\844F637868.sys
  [2010/11/29 08:08:24 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post the fix log it produces in your next reply.

Step 2

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 3

Please don't forget to include these items in your reply:

• OTL fix log
• Malwarebytes log

It would be helpful if you could post each log in separate post

[maliprog]

Hello mkes2 and welcome to G2G!

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:

• Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
• Absence of symptoms does not always mean the computer is clean
• Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
• Please DO NOT run any scans or fix on your own without my direction.
• Please read all of my response through at least once before attempting to follow the procedures described.
• If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
• Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
• You must reply within 3 days or your topic will be closed

Step 1

Please close all running programs and Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:18810
  O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)
  O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe" -a "%1" %* (Valve Corporation)
  [2011/03/27 15:47:07 | 000,327,680 | -HS- | C] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
  [2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\72xy4j5pr746copb247k3woh
  [2011/03/27 16:55:51 | 000,012,488 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\72xy4j5pr746copb247k3woh
  [2011/03/27 15:47:07 | 000,327,680 | -HS- | M] (Valve Corporation) -- C:\Documents and Settings\Mike\Local Settings\Application Data\mtj.exe
  [2010/11/29 08:08:25 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\844F637868.sys
  [2010/11/29 08:08:24 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post the fix log it produces in your next reply.

Step 2

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 3

Please don't forget to include these items in your reply:

• OTL fix log
• Malwarebytes log

It would be helpful if you could post each log in separate post

[mkes2]

Only problem I seem be having now is that Windows Security Center says that my automatic updates are off when they are on and it won't let me update it from the bubble. Logs to follow.

[mkes2]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6186

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

3/28/2011 8:16:37 PM
mbam-log-2011-03-28 (20-16-37).txt

Scan type: Quick scan
Objects scanned: 139595
Time elapsed: 2 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[mkes2]

I am unable to locate the fix log for OTL, here is another scan log instead :/

OTL logfile created on: 3/28/2011 8:22:51 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 31.06 Gb Free Space | 16.67% Space Free | Partition Type: NTFS
Drive D: | 5.52 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 583.78 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HOUSE-29AFCC26C | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/28 20:22:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2011/03/24 19:32:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/11/30 15:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 14:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
PRC - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2009/11/06 14:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2008/11/26 13:36:12 | 000,323,584 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/24 13:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/11/16 22:49:44 | 005,238,272 | ---- | M] (Linksys) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
PRC - [2004/02/07 01:56:14 | 000,041,025 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe


========== Modules (SafeList) ==========

MOD - [2011/03/28 20:22:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WMP54Gv4SVC)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 14:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/12/15 16:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/11/26 13:36:12 | 000,323,584 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/07/24 13:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2011/03/28 20:08:55 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C14284D0-D6A6-41E6-8BDC-E60D7CC9614F}\MpKsla111d04d.sys -- (MpKsla111d04d)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/30 23:38:26 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010/02/03 00:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/12/25 22:56:13 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009/08/26 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/05/25 19:31:32 | 000,252,416 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2008/09/29 04:06:08 | 000,876,288 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/09/25 09:51:42 | 000,115,328 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/01 13:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/02/14 02:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007/12/17 05:14:00 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/07/20 19:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/04/17 22:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2007/04/16 19:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005/10/27 18:06:30 | 000,356,096 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
DRV - [2004/08/14 20:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2014090
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 19:32:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 19:32:20 | 000,000,000 | ---D | M]

[2009/08/11 04:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2009/08/03 23:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions\[email protected]
[2009/08/11 04:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions\[email protected]
[2011/03/27 16:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions
[2010/04/28 20:18:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/04 03:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010/05/17 21:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}
[2009/11/06 15:07:48 | 000,000,000 | ---D | M] (MushroomKingdom) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236}
[2011/01/04 03:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\[email protected]
[2011/01/04 03:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\twd5m03y.default\extensions\[email protected]
[2011/03/27 16:25:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/25 17:18:42 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOVE NETWORKS
[2009/07/08 01:05:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/04/01 01:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Mike\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} http://photo-vendor....des/saxfile.cab (SAXFile FileUpload ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/06 16:46:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/08 17:13:25 | 000,000,058 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2002/03/25 21:03:42 | 000,024,576 | R--- | M] () - E:\AutoRunMorrowind.exe -- [ CDFS ]
O32 - AutoRun File - [2002/04/03 21:12:04 | 000,000,150 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{41398bbc-d707-11df-9565-00248cbf8536}\Shell\AutoRun\command - "" = L:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/28 20:22:36 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2011/03/28 05:35:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/27 17:47:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2011/03/24 18:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/24 18:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/24 18:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/03/08 22:40:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Leatrix Latency Fix 1.23
[2011/03/03 21:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

========== Files - Modified Within 30 Days ==========

[2011/03/28 20:22:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2011/03/28 20:13:55 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/03/28 20:13:07 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/03/28 20:12:57 | 000,435,238 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/28 20:12:57 | 000,069,580 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/28 20:09:10 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-746137067-926492609-839522115-1004.job
[2011/03/28 20:08:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/27 17:32:13 | 000,000,354 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\fix.reg
[2011/03/27 15:19:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/26 16:25:08 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\World of Warcraft.lnk
[2011/03/24 18:47:36 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/03/24 18:45:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/15 01:16:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-926492609-839522115-1004.job

========== Files Created - No Company Name ==========

[2011/03/27 17:32:13 | 000,000,354 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\fix.reg
[2011/03/24 18:47:36 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/01/06 01:50:01 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2011/01/06 01:20:15 | 000,002,384 | ---- | C] () -- C:\WINDOWS\System32\LOWERP.ini
[2011/01/06 01:20:15 | 000,001,248 | ---- | C] () -- C:\WINDOWS\System32\LPOff.ini
[2011/01/04 22:21:42 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/10/21 15:51:13 | 000,240,624 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/10/21 15:51:10 | 000,240,624 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/10/21 15:51:10 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/25 23:18:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/09/25 22:11:17 | 000,552,904 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/19 02:07:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/05/16 14:31:07 | 000,000,621 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/02/21 17:30:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/02/21 17:30:15 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010/02/21 17:30:14 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010/02/21 17:30:13 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010/02/21 17:30:13 | 000,198,341 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/12/27 00:41:52 | 000,499,200 | ---- | C] () -- C:\WINDOWS\System32\WZDPlay.dll
[2009/12/11 15:03:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/10/18 20:32:46 | 000,000,890 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2009/10/18 20:06:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/10/03 08:11:03 | 000,000,440 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/09/27 16:12:22 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/07/29 03:32:57 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/07/11 01:19:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/07/11 00:59:22 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/06 23:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/07/06 23:20:53 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/07/06 23:20:53 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/07/06 23:20:49 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009/07/06 23:20:49 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009/07/06 22:23:11 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009/07/06 22:22:42 | 000,028,866 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/07/06 22:22:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/07/06 22:22:13 | 000,028,099 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/07/06 22:22:13 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/07/06 16:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/06 16:43:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/06 06:44:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/06 06:43:39 | 000,130,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/21 13:40:00 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/10/21 13:40:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,238 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,069,580 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF

< End of report >

[maliprog]

Hi mkes2,

This is usually system problem. Let's try to solve it in easy way

Please download

 repairupdates.zip   347bytes   155 downloads

to your Desktop. UnZip it on your desktop and run repairupdates.bat by double click on it. Wait until program finish and it will close itself. Try to run updates now.

NOTE: Sometimes it is necessary to disable and then enable update in Control Panel to finish repair them.

[maliprog]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.