Piriform Community Forums > WinBlueSoft infevtion

Piriform Community Forums > Computer Help and Discussion > Spyware Hell

Help!

Jul 18 2009, 01:37 PM

I have followed the directions in the "Before you post" thread to the best of my ability. The only thing I can't do is run the Malwarebytes program. There is an infection called WinBlueSoft preventing it from running. Here are the requested scan results from everything else:

Rooter:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 6 Model 15 Stepping 13, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:229 Go - Free:192 Go )
D:\ [CD_Rom]
.
Scan : 09:04.19
Path : C:\Documents and Settings\Keith\Desktop\Rooter.exe
User : Keith ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (724)
______ \??\C:\WINDOWS\system32\csrss.exe (772)
______ \??\C:\WINDOWS\system32\winlogon.exe (796)
______ C:\WINDOWS\system32\services.exe (840)
______ C:\WINDOWS\system32\lsass.exe (852)
______ C:\WINDOWS\system32\svchost.exe (1048)
______ C:\WINDOWS\system32\svchost.exe (1120)
______ C:\WINDOWS\System32\svchost.exe (1216)
______ C:\WINDOWS\system32\svchost.exe (1316)
______ C:\WINDOWS\system32\svchost.exe (1384)
______ C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1432)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1452)
______ C:\Program Files\Alwil Software\Avast4\ashServ.exe (1512)
______ C:\WINDOWS\system32\spoolsv.exe (1888)
______ C:\WINDOWS\Explorer.EXE (252)
______ C:\WINDOWS\system32\svchost.exe (584)
______ C:\WINDOWS\system32\igfxtray.exe (612)
______ C:\WINDOWS\system32\hkcmd.exe (620)
______ C:\WINDOWS\system32\igfxpers.exe (632)
______ C:\WINDOWS\system32\igfxsrvc.exe (652)
______ C:\WINDOWS\RTHDCPL.EXE (712)
______ C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (764)
______ C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (920)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (996)
______ C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (992)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1056)
______ C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (1156)
______ C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (1180)
______ C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (1328)
______ C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (1804)
______ C:\Program Files\Dell Support Center\bin\sprtcmd.exe (1816)
______ C:\Program Files\Java\jre6\bin\jusched.exe (1928)
______ C:\Program Files\Dell Network Assistant\hnm_svc.exe (132)
______ C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (224)
______ C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (360)
______ C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (508)
______ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (548)
______ C:\Program Files\DellSupport\DSAgnt.exe (260)
______ C:\WINDOWS\system32\ctfmon.exe (744)
______ C:\Program Files\Java\jre6\bin\jqs.exe (1476)
______ C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (1832)
______ C:\Program Files\Dell Network Assistant\ezi_hnm2.exe (2172)
______ C:\Program Files\Digital Line Detect\DLG.exe (2192)
______ C:\Program Files\Windows Desktop Search\WindowsSearch.exe (2208)
______ C:\Program Files\WinZip\WZQKPICK.EXE (2288)
______ C:\Program Files\Dell Support Center\bin\sprtsvc.exe (2620)
______ C:\WINDOWS\system32\svchost.exe (2660)
______ C:\WINDOWS\system32\SearchIndexer.exe (2916)
______ C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (3544)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (3580)
______ C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (3648)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (3668)
______ C:\WINDOWS\System32\alg.exe (2316)
______ C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (3512)
______ C:\Program Files\Mozilla Firefox\firefox.exe (3196)
______ C:\WINDOWS\system32\wuauclt.exe (3940)
______ C:\WINDOWS\system32\SearchProtocolHost.exe (3528)
______ C:\WINDOWS\system32\SearchFilterHost.exe (3520)
______ C:\Documents and Settings\Keith\Desktop\Rooter.exe (1984)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:49319424)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:49351680 | Length:246709048320)
\Device\Harddisk0\Partition3 (Start_Offset:246766625280 | Length:3224309760)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\Norton PC Checkup WeekDay Scanner.job
C:\WINDOWS\Tasks\Norton PC Checkup Weekend Scanner.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
Rootkit! ... [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_MSIVXSERV.SYS]
Rootkit! ... [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_MSIVXSERV.SYS]
Rootkit! ... [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MSIVXSERV.SYS]
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 09:04.50
.
C:\Rooter$\Rooter_1.txt - (18/07/2009 | 09:04.50)

RootRepeal:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/07/18 09:09
Program Version: Version 1.3.2.0
Windows Version: Windows XP SP3
==================================================

Hidden Services
-------------------
Service Name: MSIVXserv.sys
Image PathC:\WINDOWS\system32\drivers\MSIVXkyfkmlgxvjlalirkrgomujejtvaokedf.sys

==EOF==

OTL:

OTL logfile created on: 7/18/2009 9:12:10 AM - Run 1
OTL by OldTimer - Version 3.0.9.1 Folder = C:\Documents and Settings\Keith\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.10 Mb Total Physical Memory | 429.49 Mb Available Physical Memory | 42.39% Memory free
2.38 Gb Paging File | 1.82 Gb Available in Paging File | 76.51% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 192.62 Gb Free Space | 83.84% Space Free | Partition Type: NTFS
Drive D: | 98.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D9B2N3F1
Current User Name: Keith
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\igfxsrvc.exe (Intel Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Dell Network Assistant\hnm_svc.exe (SingleClick Systems)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
PRC - C:\Program Files\Dell Network Assistant\ezi_hnm2.exe (SingleClick Systems)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\WINDOWS\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Keith\Desktop\OTL(2).exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (ACDaemon [Auto | Running]) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hnmsvc [Auto | Running]) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe (SingleClick Systems)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (License Management Service ESD [On_Demand | Stopped]) -- C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe (element5)
SRV - (lxdb_device [On_Demand | Stopped]) -- C:\WINDOWS\System32\lxdbcoms.exe ( )
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Running]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (Seekeen Service [Auto | Stopped]) -- File not found
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (stllssvr [On_Demand | Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (StumbleUponUpdateService [On_Demand | Stopped]) -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe (stumbleupon.com)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (Afc [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\Afc.sys (Arcsoft, Inc.)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABMFSM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DLADResM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLARTL_M [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_M.SYS (Roxio)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Roxio)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Packet [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\packet.sys (SingleClick Systems)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://windiwsfsearch.com/search?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071119
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071119
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = http://windiwsfsearch.com/search?q=%s

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071119
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - URLSearchHook: *BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found
IE - URLSearchHook: *CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = microweb

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {DB390D2E-0FB4-413F-B039-AE342D1D40BA}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.33
FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..network.proxy.no_proxies_on: "microweb"

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/13 17:31:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/13 01:35:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/07/13 17:30:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/06/13 01:35:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2009/07/12 07:13:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2009/06/13 01:35:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2009/06/13 01:35:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2009/06/13 01:35:34 | 00,000,000 | ---D | M]

[2008/11/22 11:39:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Extensions
[2008/11/22 11:39:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/18 08:53:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions
[2009/07/18 08:53:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2008/12/22 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3}
[2009/07/18 08:53:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/07/18 08:53:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/01/01 14:49:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{cac97cb3-f8d9-4b18-a2e4-03bebb60c1e2}(2)
[2009/07/18 08:53:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\mozilla\Firefox\Profiles\7fumghcj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/07/18 08:33:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/13 01:24:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/14 08:10:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/10 09:23:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/12 20:38:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2008/12/19 04:49:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{DB390D2E-0FB4-413F-B039-AE342D1D40BA}
[2009/06/13 01:24:10 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/13 01:24:10 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/18 02:27:31 | 00,135,680 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2008/11/04 11:15:38 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/04/25 10:20:59 | 00,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll
[2009/06/13 01:24:15 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/06/13 01:35:30 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/13 01:35:31 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/10/30 02:00:50 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/10/30 02:00:50 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/06/23 11:41:09 | 00,001,490 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2008/10/30 02:00:50 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/10/30 02:00:50 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/10/30 02:00:50 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/19 04:51:09 | 00,002,386 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seekeen.xml
[2008/10/30 02:00:50 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (266992 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 127.0.0.1 17-plus.com
O1 - Hosts: 127.0.0.1 1800searchonline.com
O1 - Hosts: 127.0.0.1 www.1800searchonline.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 9246 more lines...
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O2 - BHO: (no name) - {A81EBFD7-0FA3-41ec-B60D-6DAE78B4D31A} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LXDBCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDBtime.DLL ()
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe File not found
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe File not found
O4 - HKCU..\Run: [DellSupport] File not found
O4 - HKCU..\Run: [GridinSoft Trojan Killer] C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe File not found
O4 - HKCU..\Run: [setup2.exe] C:\WINDOWS\System32\setup2.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk = C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 47 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinner.com/games/v47/scrab...rabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinner.com/games/v54/zengems/zengems.cab (ZenGems Control)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinner.com/games/v47/skillgam/skillgam.cab (SkillGam Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinner.com/games/v47/share...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinner.com/games/v50/pool/pool.cab (Pool Control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinner.com/games/v47/solit...litairerush.cab (SolitaireRush Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinner.com/games/v52/wwhearts/wwhearts.cab (WWHearts Control)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinner.com/games/v63/bjattack/bja.cab (BJA Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab (Bejeweled Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinner.com/games/v56/spide...ersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab (Jeopardy Control)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinner.com/games/v41/freecell/freecell.cab (FreeCell Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1206188596468 (MUWebControl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinner.com/games/v46/wordmojo/wordmojo.cab (WordMojo Control)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinner.com/games/v51/bejew...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} http://www.worldwinner.com/games/v57/cubis/cubis.cab (Cubis Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinner.com/games/v57/wof/wof.cab (WoF Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinner.com/games/v67/swapit/swapit.cab (SwapIt Control)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab (Hangman Control)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinner.com/games/v46/monopoly/monopoly.cab (Monopoly Control)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab (DinerDash Control)
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinner.com/games/v43/paint/paint.cab (Paint Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinner.com/games/v53/wwspades/wwspades.cab (WWSpades Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.79,85.255.112.213
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/21 12:37:38 | 00,000,036 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Pagis Schedule Monitor.lnk - C:\Program Files\ScanSoft\Pagis\Monitor.exe - (ScanSoft Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe - (TechSmith Corporation)
MsConfig - StartUpReg: Ad-Watch - hkey= - key= - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: InstantAccess - hkey= - key= - C:\Program Files\ScanSoft\TextBridge Millennium\Bin\InstantAccess.exe (Scansoft, Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe File not found
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\System32\DRIVERS\NMnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\System32\DRIVERS\NMnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {44BBBACC-E8BF-E22B-AE36-0515C9B9A4C0} - Adobe Shockwave Director 10.2
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4B3B989B-C45F-E409-5AAE-BE6FBD5D0CD2} - DirectAnimation
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {51773DF8-7720-4548-2E86-1DDB7F5C830A} - DirectAnimation
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {B6C85ECB-A8DA-FCC7-5C85-7FBD80B08097} - Vector Graphics Rendering (VML)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/26 18:30:09 | 00,014,019 | ---- | C] () -- C:\WINDOWS\System32\a99addware15z6.ocx
[2009/12/23 13:23:35 | 00,011,537 | ---- | C] () -- C:\WINDOWS\System32\4873t9ief2z005.exe
[2009/12/23 11:07:36 | 00,014,222 | ---- | C] () -- C:\WINDOWS\9935n9t-a-virzs454.bin
[2009/12/23 04:33:43 | 00,011,042 | ---- | C] () -- C:\WINDOWS\System32\7382ad9wa5e39z.ocx
[2009/12/22 03:48:39 | 00,003,086 | ---- | C] () -- C:\WINDOWS\78bc59azse2899.dll
[2009/12/20 02:16:59 | 00,015,547 | ---- | C] () -- C:\WINDOWS\System32\35951wor93z4.cpl
[2009/12/20 01:27:20 | 00,018,366 | ---- | C] () -- C:\WINDOWS\9619not-a-v5rus2zf.exe
[2009/12/19 23:36:42 | 00,008,670 | ---- | C] () -- C:\WINDOWS\System32\109z4hackto5l543.ocx
[2009/12/18 20:49:02 | 00,014,700 | ---- | C] () -- C:\WINDOWS\System32\6378zdd5ar92131.dll
[2009/12/18 06:16:53 | 00,014,644 | ---- | C] () -- C:\WINDOWS\System32\19287spzmbot59e5.bin
[2009/12/16 20:28:38 | 00,013,915 | ---- | C] () -- C:\WINDOWS\z9d8vir125.dll
[2009/12/15 20:37:48 | 00,006,986 | ---- | C] () -- C:\WINDOWS\3b4fspar5e977z.bin
[2009/12/13 01:49:59 | 00,011,551 | ---- | C] () -- C:\WINDOWS\System32\z0551tr9j2a0.bin
[2009/12/11 17:37:09 | 00,007,635 | ---- | C] () -- C:\WINDOWS\326935izus736.bin
[2009/12/11 10:56:35 | 00,018,014 | ---- | C] () -- C:\WINDOWS\System32\9ab4ste5lz356.dll
[2009/12/11 08:13:39 | 00,009,701 | ---- | C] () -- C:\WINDOWS\zb2bt59ef3033.cpl
[2009/12/10 04:59:49 | 00,013,862 | ---- | C] () -- C:\WINDOWS\System32\3995tzreat19818.ocx
[2009/12/09 21:48:08 | 00,008,714 | ---- | C] () -- C:\WINDOWS\System32\754z9ir11125.ocx
[2009/12/09 08:39:29 | 00,010,309 | ---- | C] () -- C:\WINDOWS\System32\c25down9oadzr1870.cpl
[2009/12/07 02:03:09 | 00,005,555 | ---- | C] () -- C:\WINDOWS\System32\zefddownloader4549.exe
[2009/12/06 19:41:34 | 00,017,083 | ---- | C] () -- C:\WINDOWS\System32\6cz5steal49.cpl
[2009/12/05 02:48:53 | 00,009,499 | ---- | C] () -- C:\WINDOWS\System32\6654a9dware31z1.dll
[2009/12/04 18:22:18 | 00,013,334 | ---- | C] () -- C:\WINDOWS\System32\534aspyware4z09.ocx
[2009/12/04 02:50:04 | 00,013,621 | ---- | C] () -- C:\WINDOWS\System32\11454wzrmf59.cpl
[2009/12/03 02:28:57 | 00,017,277 | ---- | C] () -- C:\WINDOWS\System32\18679spz254.ocx
[2009/12/02 16:09:34 | 00,010,367 | ---- | C] () -- C:\WINDOWS\5zc9t5reat27792.ocx
[2009/12/02 04:44:51 | 00,008,320 | ---- | C] () -- C:\WINDOWS\System32\5f2zvir1059.bin
[2009/11/30 23:11:27 | 00,007,142 | ---- | C] () -- C:\WINDOWS\System32\10a9threa517z5.dll
[2009/11/28 17:50:27 | 00,008,360 | ---- | C] () -- C:\WINDOWS\4d79vir590z.bin
[2009/11/26 11:13:26 | 00,015,580 | ---- | C] () -- C:\WINDOWS\System32\4827viz5s2e9.ocx
[2009/11/26 01:15:51 | 00,009,228 | ---- | C] () -- C:\WINDOWS\16595not-z-virus4df.exe
[2009/11/24 19:48:29 | 00,018,383 | ---- | C] () -- C:\WINDOWS\5dc5bzckd9or956.exe
[2009/11/24 07:57:36 | 00,010,623 | ---- | C] () -- C:\WINDOWS\System32\2e08addw9re5815z.ocx
[2009/11/21 10:17:48 | 00,010,787 | ---- | C] () -- C:\WINDOWS\390es5arse23z2.exe
[2009/11/21 04:38:43 | 00,011,449 | ---- | C] () -- C:\WINDOWS\System32\2zad5ddwar9743.ocx
[2009/11/20 02:01:39 | 00,012,632 | ---- | C] () -- C:\WINDOWS\System32\3288no5-a-vzrus70e9.bin
[2009/11/19 06:26:23 | 00,015,189 | ---- | C] () -- C:\WINDOWS\b23download9r758z.bin
[2009/11/19 02:27:54 | 00,003,647 | ---- | C] () -- C:\WINDOWS\System32\519fdown59adzr2173.bin
[2009/11/18 21:22:40 | 00,007,954 | ---- | C] () -- C:\WINDOWS\61z8b5ckdoor5879.ocx
[2009/11/18 09:11:25 | 00,005,422 | ---- | C] () -- C:\WINDOWS\System32\543bszywa9e971.cpl
[2009/11/18 03:27:10 | 00,012,987 | ---- | C] () -- C:\WINDOWS\System32\414sp96z5.bin
[2009/11/16 20:48:23 | 00,005,906 | ---- | C] () -- C:\WINDOWS\System32\6z2a9pa5se489.cpl
[2009/11/16 05:22:07 | 00,018,003 | ---- | C] () -- C:\WINDOWS\975fthreat65z5.dll
[2009/11/15 12:44:32 | 00,014,938 | ---- | C] () -- C:\WINDOWS\7190spar5ez695.exe
[2009/11/14 01:33:49 | 00,012,283 | ---- | C] () -- C:\WINDOWS\System32\225659wnloadez2156.bin
[2009/11/14 00:27:34 | 00,007,913 | ---- | C] () -- C:\WINDOWS\13594spy33az.cpl
[2009/11/13 07:05:28 | 00,013,048 | ---- | C] () -- C:\WINDOWS\z59545py5c7.bin
[2009/11/13 01:48:04 | 00,016,821 | ---- | C] () -- C:\WINDOWS\System32\64z3thief9005.bin
[2009/11/12 10:00:16 | 00,009,048 | ---- | C] () -- C:\WINDOWS\9f3sp59ze1329.dll
[2009/11/11 15:08:03 | 00,016,609 | ---- | C] () -- C:\WINDOWS\3825vzr5409.exe
[2009/11/10 17:40:25 | 00,012,360 | ---- | C] () -- C:\WINDOWS\9855spz731.ocx
[2009/11/06 15:58:24 | 00,003,205 | ---- | C] () -- C:\WINDOWS\9b4bthreat2z551.ocx
[2009/11/03 23:50:47 | 00,008,082 | ---- | C] () -- C:\WINDOWS\System32\32038zroj539.cpl
[2009/10/31 22:56:20 | 00,003,359 | ---- | C] () -- C:\WINDOWS\19035s9yz9c.cpl
[2009/10/31 22:48:58 | 00,016,816 | ---- | C] () -- C:\WINDOWS\System32\74459acktool5z5.bin
[2009/10/28 05:47:12 | 00,008,960 | ---- | C] () -- C:\WINDOWS\94e4backdoor575z.cpl
[2009/10/26 22:26:58 | 00,011,031 | ---- | C] () -- C:\WINDOWS\2658159zmbot513.cpl
[2009/10/23 18:32:15 | 00,004,444 | ---- | C] () -- C:\WINDOWS\159859ot-a-virus51z.exe
[2009/10/23 00:20:06 | 00,013,418 | ---- | C] () -- C:\WINDOWS\6938szywa5e2070.dll
[2009/10/22 20:38:50 | 00,009,958 | ---- | C] () -- C:\WINDOWS\System32\5z99add59re950.bin
[2009/10/21 09:10:08 | 00,013,880 | ---- | C] () -- C:\WINDOWS\a9stea53z05.ocx
[2009/10/17 14:01:22 | 00,009,474 | ---- | C] () -- C:\WINDOWS\System32\36099pz415.bin
[2009/10/16 12:43:12 | 00,015,500 | ---- | C] () -- C:\WINDOWS\System32\5971vzrus5715.cpl
[2009/10/14 12:38:17 | 00,002,536 | ---- | C] () -- C:\WINDOWS\19835sp5mbot5z89.exe
[2009/10/12 08:48:35 | 00,017,302 | ---- | C] () -- C:\WINDOWS\System32\6b5bz9y5are2166.cpl
[2009/10/10 19:34:41 | 00,014,686 | ---- | C] () -- C:\WINDOWS\System32\39329ir2z455.dll
[2009/10/10 08:55:22 | 00,007,755 | ---- | C] () -- C:\WINDOWS\19522vz5us4a7.ocx
[2009/10/10 06:21:32 | 00,013,522 | ---- | C] () -- C:\WINDOWS\12c2v9r1z52.dll
[2009/10/10 06:16:50 | 00,016,172 | ---- | C] () -- C:\WINDOWS\24580trojz599.bin
[2009/10/10 02:13:38 | 00,015,918 | ---- | C] () -- C:\WINDOWS\29538szambot14f.ocx
[2009/10/08 10:04:35 | 00,008,487 | ---- | C] () -- C:\WINDOWS\System32\5927zh5ef845.ocx
[2009/10/07 23:37:22 | 00,003,382 | ---- | C] () -- C:\WINDOWS\System32\3452zpy950.ocx
[2009/10/06 14:38:28 | 00,005,384 | ---- | C] () -- C:\WINDOWS\z5c9a9dware453.ocx
[2009/10/06 03:56:16 | 00,011,932 | ---- | C] () -- C:\WINDOWS\System32\11398spambzt385.exe
[2009/10/04 01:31:46 | 00,003,565 | ---- | C] () -- C:\WINDOWS\System32\5656t9ief21z6.exe
[2009/10/03 18:45:13 | 00,012,868 | ---- | C] () -- C:\WINDOWS\73addownzoader1595.exe
[2009/10/02 23:46:25 | 00,013,221 | ---- | C] () -- C:\WINDOWS\System32\73z9thi5f1914.exe
[2009/09/27 03:00:11 | 00,013,604 | ---- | C] () -- C:\WINDOWS\558zadd9are2982.bin
[2009/09/26 15:48:58 | 00,003,588 | ---- | C] () -- C:\WINDOWS\2005dow9lzader568.bin
[2009/09/26 05:49:17 | 00,002,866 | ---- | C] () -- C:\WINDOWS\System32\76z2downloa5er2906.ocx
[2009/09/24 01:50:47 | 00,003,553 | ---- | C] () -- C:\WINDOWS\System32\59a6t9i5f16z9.ocx
[2009/09/23 08:02:25 | 00,015,885 | ---- | C] () -- C:\WINDOWS\System32\z340t5ief8119.exe
[2009/09/21 23:32:00 | 00,008,821 | ---- | C] () -- C:\WINDOWS\System32\16556w9rmzd4.cpl
[2009/09/19 20:53:16 | 00,005,836 | ---- | C] () -- C:\WINDOWS\System32\30695spyza55.ocx
[2009/09/17 05:07:15 | 00,015,509 | ---- | C] () -- C:\WINDOWS\System32\201b5zeal9489.cpl
[2009/09/13 22:25:49 | 00,011,748 | ---- | C] () -- C:\WINDOWS\z0509ir1960.ocx
[2009/09/13 10:03:01 | 00,005,000 | ---- | C] () -- C:\WINDOWS\5015wor591cz.dll
[2009/09/13 07:07:43 | 00,015,628 | ---- | C] () -- C:\WINDOWS\1783d9wnloader5z3.ocx
[2009/09/13 03:52:49 | 00,015,779 | ---- | C] () -- C:\WINDOWS\e97zhrea92251.dll
[2009/09/12 11:22:09 | 00,008,690 | ---- | C] () -- C:\WINDOWS\System32\619zsparse2095.bin
[2009/09/09 06:05:42 | 00,003,091 | ---- | C] () -- C:\WINDOWS\2z568worm69f.exe
[2009/09/09 01:20:42 | 00,011,240 | ---- | C] () -- C:\WINDOWS\System32\34a0tzre5t151379.ocx
[2009/09/08 17:07:53 | 00,012,440 | ---- | C] () -- C:\WINDOWS\System32\17824nzt-a-vi9us752.dll
[2009/09/07 20:29:05 | 00,013,253 | ---- | C] () -- C:\WINDOWS\9159tzoj955.bin
[2009/09/07 08:06:51 | 00,015,997 | ---- | C] () -- C:\WINDOWS\528z19orm7f4.dll
[2009/09/05 15:51:44 | 00,011,583 | ---- | C] () -- C:\WINDOWS\System32\260z2viru9450.dll
[2009/09/01 08:30:52 | 00,018,206 | ---- | C] () -- C:\WINDOWS\ze5dbackdoor2974.cpl
[2009/08/27 20:48:25 | 00,003,088 | ---- | C] () -- C:\WINDOWS\System32\97d7spzw5re1529.cpl
[2009/08/27 18:38:50 | 00,015,893 | ---- | C] () -- C:\WINDOWS\826z9ot-a-5irus37d.dll
[2009/08/27 18:33:09 | 00,015,933 | ---- | C] () -- C:\WINDOWS\System32\2z294spa5bot6df.exe
[2009/08/26 11:17:17 | 00,004,861 | ---- | C] () -- C:\WINDOWS\9ac8spars51z33.dll
[2009/08/25 16:35:59 | 00,010,525 | ---- | C] () -- C:\WINDOWS\453bbackzoor559.bin
[2009/08/24 21:59:56 | 00,005,772 | ---- | C] () -- C:\WINDOWS\9889zpy2935.ocx
[2009/08/24 16:58:52 | 00,012,531 | ---- | C] () -- C:\WINDOWS\5zdcspa59e1409.cpl
[2009/08/24 10:59:21 | 00,005,259 | ---- | C] () -- C:\WINDOWS\z0589py788.ocx
[2009/08/23 04:41:50 | 00,012,206 | ---- | C] () -- C:\WINDOWS\System32\1957sparse3979z.dll
[2009/08/23 00:27:52 | 00,016,529 | ---- | C] () -- C:\WINDOWS\9851t5iez3245.exe
[2009/08/22 21:45:41 | 00,003,032 | ---- | C] () -- C:\WINDOWS\System32\3b49spzrse351.bin
[2009/08/21 18:23:19 | 00,016,200 | ---- | C] () -- C:\WINDOWS\1303759rz556.dll
[2009/08/20 16:13:02 | 00,008,487 | ---- | C] () -- C:\WINDOWS\System32\zef45hief2969.cpl
[2009/08/20 12:07:36 | 00,015,595 | ---- | C] () -- C:\WINDOWS\System32\16z27spam9ot532.dll
[2009/08/20 07:19:10 | 00,006,254 | ---- | C] () -- C:\WINDOWS\352tzre9t5159.exe
[2009/08/19 19:32:16 | 00,008,884 | ---- | C] () -- C:\WINDOWS\System32\6z16ste5l395.ocx
[2009/08/19 03:35:15 | 00,010,730 | ---- | C] () -- C:\WINDOWS\System32\46d4baczdoo95851.exe
[2009/08/18 08:38:32 | 00,003,715 | ---- | C] () -- C:\WINDOWS\17z5backdoor590.cpl
[2009/08/18 04:31:22 | 00,003,117 | ---- | C] () -- C:\WINDOWS\System32\59cesteal146z.bin
[2009/08/17 07:45:16 | 00,002,684 | ---- | C] () -- C:\WINDOWS\2d40szar5e1894.ocx
[2009/08/17 06:35:58 | 00,010,010 | ---- | C] () -- C:\WINDOWS\191cspa5ze789.bin
[2009/08/16 04:13:51 | 00,018,301 | ---- | C] () -- C:\WINDOWS\6893tro555z.exe
[2009/08/15 16:33:23 | 00,003,490 | ---- | C] () -- C:\WINDOWS\System32\2ffethreat95z25.cpl
[2009/08/15 12:41:24 | 00,009,163 | ---- | C] () -- C:\WINDOWS\System32\7bf59hrz5t11180.cpl
[2009/08/14 08:04:45 | 00,007,452 | ---- | C] () -- C:\WINDOWS\System32\79ccthie53101z.exe
[2009/08/14 02:38:56 | 00,012,111 | ---- | C] () -- C:\WINDOWS\System32\50f5back9oor2z6.ocx
[2009/08/13 14:06:13 | 00,007,794 | ---- | C] () -- C:\WINDOWS\System32\515st9alz864.exe
[2009/08/12 08:06:02 | 00,017,972 | ---- | C] () -- C:\WINDOWS\304cthrezt239685.cpl
[2009/08/11 04:49:24 | 00,009,704 | ---- | C] () -- C:\WINDOWS\System32\3399w9rz53.dll
[2009/08/09 04:53:11 | 00,007,159 | ---- | C] () -- C:\WINDOWS\System32\12287spa9boz65b.bin
[2009/08/08 15:34:07 | 00,013,244 | ---- | C] () -- C:\WINDOWS\System32\54f7th9eat15785z.exe
[2009/08/08 02:43:43 | 00,009,322 | ---- | C] () -- C:\WINDOWS\2762459z-a-virus26c.dll
[2009/08/07 23:49:52 | 00,003,195 | ---- | C] () -- C:\WINDOWS\System32\z23649or565.cpl
[2009/08/06 10:54:12 | 00,006,737 | ---- | C] () -- C:\WINDOWS\System32\7394ste5lz697.exe
[2009/08/05 19:12:52 | 00,008,853 | ---- | C] () -- C:\WINDOWS\zb45th9ef553.bin
[2009/08/04 01:51:12 | 00,011,751 | ---- | C] () -- C:\WINDOWS\System32\5061azdwa9e264.cpl
[2009/08/03 18:22:41 | 00,012,018 | ---- | C] () -- C:\WINDOWS\System32\18acthrea5z10569.dll
[2009/08/02 01:52:02 | 00,013,329 | ---- | C] () -- C:\WINDOWS\System32\6a5fz9yware155.dll
[2009/07/27 13:32:20 | 00,016,270 | ---- | C] () -- C:\WINDOWS\System32\3d5a5hiez659.exe
[2009/07/26 09:39:41 | 00,003,166 | ---- | C] () -- C:\WINDOWS\System32\19855not-a-virus6z5.dll
[2009/07/23 23:36:54 | 00,003,720 | ---- | C] () -- C:\WINDOWS\System32\3095z9pambot40f.dll
[2009/07/23 13:36:13 | 00,010,546 | ---- | C] () -- C:\WINDOWS\System32\7099baczd59r763.ocx
[2009/07/22 05:00:45 | 00,005,694 | ---- | C] () -- C:\WINDOWS\227dt5rea9z305.bin
[2009/07/21 21:53:51 | 00,002,780 | ---- | C] () -- C:\WINDOWS\System32\559baddware1z32.cpl
[2009/07/20 15:28:24 | 00,002,788 | ---- | C] () -- C:\WINDOWS\2025s5eal9025z.cpl
[2009/07/18 13:03:43 | 00,003,409 | ---- | C] () -- C:\WINDOWS\System32\4745ha95tozl34.bin
[2009/07/18 09:10:31 | 00,513,024 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL(2).exe
[2009/07/18 09:10:22 | 00,513,024 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
[2009/07/18 09:04:50 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/18 09:04:06 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Keith\Desktop\Rooter.exe
[2009/07/18 08:58:08 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\TFC.exe
[2009/07/18 08:56:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/07/18 08:56:20 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\NTREGOPT.lnk
[2009/07/18 08:56:20 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\ERUNT.lnk
[2009/07/18 08:56:19 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/18 08:54:46 | 00,794,112 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\The_Comedian.exe
[2009/07/18 08:42:15 | 00,000,000 | ---D | C] -- C:\_OTM
[2009/07/18 08:40:47 | 00,407,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTM.exe
[2009/07/18 08:30:23 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\HijackThis.lnk
[2009/07/18 08:30:03 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Keith\Desktop\HJTInstall.exe
[2009/07/18 08:29:10 | 03,775,176 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Keith\Desktop\mbam-setup.exe
[2009/07/17 07:39:18 | 00,016,940 | ---- | C] () -- C:\WINDOWS\System32\103679pambo56z8.cpl
[2009/07/15 16:03:28 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FOX News Live.lnk
[2009/07/15 16:03:28 | 00,000,000 | ---D | C] -- C:\Program Files\FOX News Live
[2009/07/14 21:01:21 | 00,008,430 | ---- | C] () -- C:\WINDOWS\System32\5315th9efz192.ocx
[2009/07/13 22:23:57 | 00,014,474 | ---- | C] () -- C:\WINDOWS\System32\6f78st95z1010.cpl
[2009/07/13 17:44:11 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/07/13 17:44:11 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/07/13 17:44:10 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/07/13 17:44:10 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/07/13 17:44:09 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/07/13 17:44:09 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/07/13 17:44:09 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/07/13 17:44:09 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/07/13 17:44:09 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/07/13 17:43:50 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/07/13 17:43:50 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/07/13 17:43:48 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/07/13 17:17:58 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/13 17:17:55 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 17:17:54 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 17:17:54 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/13 17:17:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/07/13 02:06:09 | 00,001,641 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Finish Downloading Spyware Doctor with AntiVirus.lnk
[2009/07/13 01:42:13 | 00,000,000 | ---D | C] -- C:\Rbackup
[2009/07/13 01:41:29 | 00,000,042 | ---- | C] () -- C:\WINDOWS\System32\AK083E209605E394C.lie
[2009/07/13 01:41:22 | 00,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller
[2009/07/12 20:06:25 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/07/12 20:06:23 | 00,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/07/12 20:03:47 | 00,003,120 | ---- | C] () -- C:\WINDOWS\System32\DRWSJLAD.ocx
[2009/07/12 20:03:47 | 00,003,120 | ---- | C] () -- C:\WINDOWS\LJRGKDD9.ocx
[2009/07/12 20:03:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\logs
[2009/07/12 20:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2009/07/12 19:52:51 | 00,007,896 | ---- | C] () -- C:\WINDOWS\System32\z5esparse697.ocx
[2009/07/12 17:27:06 | 17,306,928 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Keith\Desktop\spdoc.exe
[2009/07/12 16:33:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Application Data\eAcceleration
[2009/07/12 10:17:04 | 00,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2009/07/12 09:58:26 | 24,449,920 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Keith\Desktop\sdsetup.exe
[2009/07/12 07:29:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Application Data\PC Tools
[2009/07/12 07:03:28 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/07/12 06:49:59 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/07/12 06:49:40 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/07/12 06:49:38 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/07/11 23:14:05 | 00,017,185 | ---- | C] () -- C:\WINDOWS\29875zor52bd.dll
[2009/07/10 22:54:50 | 00,012,236 | ---- | C] () -- C:\WINDOWS\System32\5cd9sparse256z.dll
[2009/07/09 21:56:42 | 00,011,701 | ---- | C] () -- C:\WINDOWS\3d93downloadez455.cpl
[2009/07/09 20:08:43 | 00,008,227 | ---- | C] () -- C:\WINDOWS\System32\1f6espa9sez7295.exe
[2009/07/07 18:38:24 | 00,017,232 | ---- | C] () -- C:\WINDOWS\5d97add5are282z.ocx
[2009/07/07 06:22:56 | 00,015,329 | ---- | C] () -- C:\WINDOWS\76a9t5reat2190z.ocx
[2009/07/06 22:02:57 | 00,014,370 | ---- | C] () -- C:\WINDOWS\ze87spar9e5771.bin
[2009/07/05 19:48:22 | 00,006,544 | ---- | C] () -- C:\WINDOWS\System32\z1625worm599.ocx
[2009/07/05 13:10:48 | 00,007,493 | ---- | C] () -- C:\WINDOWS\System32\17965virusza1.ocx
[2009/07/04 15:27:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2009/07/01 17:37:11 | 00,010,811 | ---- | C] () -- C:\WINDOWS\35cespazse14955.exe
[2009/06/29 15:42:55 | 00,000,000 | ---D | C] -- C:\Program Files\Avery Dennison
[2009/06/27 05:15:04 | 00,005,329 | ---- | C] () -- C:\WINDOWS\System32\19006hacktool5adz.bin
[2009/06/27 01:40:54 | 00,012,857 | ---- | C] () -- C:\WINDOWS\System32\ze0dsp9rse5975.ocx
[2009/06/26 08:51:40 | 00,006,900 | ---- | C] () -- C:\WINDOWS\System32\2z91vir1651.dll
[2009/06/23 13:31:12 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Keith\Desktop\spybotsd162.exe
[2009/06/23 13:19:13 | 00,000,000 | ---D | C] -- C:\AVGTemp
[2009/06/23 13:18:50 | 00,762,952 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\avgremover_en.exe
[2009/06/23 12:20:57 | 00,017,669 | ---- | C] () -- C:\WINDOWS\System32\6cdcsz9a53098.dll
[2009/06/23 12:20:57 | 00,013,306 | ---- | C] () -- C:\WINDOWS\z372wo9m51f5.bin
[2009/06/23 12:20:57 | 00,011,693 | ---- | C] () -- C:\WINDOWS\22z14not-a-9irus1dc5.bin
[2009/06/23 12:20:57 | 00,008,408 | ---- | C] () -- C:\WINDOWS\System32\69dzthreat57188.bin
[2009/06/23 12:20:56 | 00,018,400 | ---- | C] () -- C:\WINDOWS\System32\23876w9r571z.dll
[2009/06/23 12:20:56 | 00,018,323 | ---- | C] () -- C:\WINDOWS\System32\f05dowzloader29735.exe
[2009/06/23 12:20:56 | 00,018,260 | ---- | C] () -- C:\WINDOWS\System32\5d59thrza94556.exe
[2009/06/23 12:20:56 | 00,018,158 | ---- | C] () -- C:\WINDOWS\5565spamz9t574.exe
[2009/06/23 12:20:56 | 00,018,073 | ---- | C] () -- C:\WINDOWS\110295orz6f9.exe
[2009/06/23 12:20:56 | 00,018,072 | ---- | C] () -- C:\WINDOWS\System32\4115backdo9r21z4.bin
[2009/06/23 12:20:56 | 00,017,912 | ---- | C] () -- C:\WINDOWS\System32\z18975py95d.dll
[2009/06/23 12:20:56 | 00,017,659 | ---- | C] () -- C:\WINDOWS\51408spz7879.ocx
[2009/06/23 12:20:56 | 00,017,469 | ---- | C] () -- C:\WINDOWS\5883hzcktool299.ocx
[2009/06/23 12:20:56 | 00,017,450 | ---- | C] () -- C:\WINDOWS\55a3spazs9463.ocx
[2009/06/23 12:20:56 | 00,017,343 | ---- | C] () -- C:\WINDOWS\System32\2d5z9ir2528.cpl
[2009/06/23 12:20:56 | 00,017,318 | ---- | C] () -- C:\WINDOWS\System32\ba5thiez21419.dll
[2009/06/23 12:20:56 | 00,017,122 | ---- | C] () -- C:\WINDOWS\3554baczdoo92453.dll
[2009/06/23 12:20:56 | 00,017,095 | ---- | C] () -- C:\WINDOWS\System32\78astea548z9.dll
[2009/06/23 12:20:56 | 00,016,994 | ---- | C] () -- C:\WINDOWS\7a8z5ea9953.exe
[2009/06/23 12:20:56 | 00,016,980 | ---- | C] () -- C:\WINDOWS\31760sp95zf.bin
[2009/06/23 12:20:56 | 00,016,513 | ---- | C] () -- C:\WINDOWS\37z2threa593646.ocx
[2009/06/23 12:20:56 | 00,016,511 | ---- | C] () -- C:\WINDOWS\26461not-9-vir5s541z.bin
[2009/06/23 12:20:56 | 00,016,402 | ---- | C] () -- C:\WINDOWS\System32\59c2down9oadzr1794.dll
[2009/06/23 12:20:56 | 00,015,872 | ---- | C] () -- C:\WINDOWS\System32\7665tzr9at31828.dll
[2009/06/23 12:20:56 | 00,015,734 | ---- | C] () -- C:\WINDOWS\System32\179astea52z96.dll
[2009/06/23 12:20:56 | 00,015,711 | ---- | C] () -- C:\WINDOWS\System32\4z4b95yware2101.bin
[2009/06/23 12:20:56 | 00,015,512 | ---- | C] () -- C:\WINDOWS\59d5vir940z.dll
[2009/06/23 12:20:56 | 00,015,444 | ---- | C] () -- C:\WINDOWS\681a9zwnloader2455.exe
[2009/06/23 12:20:56 | 00,015,172 | ---- | C] () -- C:\WINDOWS\System32\1485zhac5tool4949.dll
[2009/06/23 12:20:56 | 00,015,045 | ---- | C] () -- C:\WINDOWS\System32\273zaddwar9375.cpl
[2009/06/23 12:20:56 | 00,014,996 | ---- | C] () -- C:\WINDOWS\25799not-a-z9rus255.cpl
[2009/06/23 12:20:56 | 00,014,647 | ---- | C] () -- C:\WINDOWS\System32\4927hackto5l9f5z.cpl
[2009/06/23 12:20:56 | 00,014,468 | ---- | C] () -- C:\WINDOWS\System32\26ed95r7z7.dll
[2009/06/23 12:20:56 | 00,014,285 | ---- | C] () -- C:\WINDOWS\System32\255atzreat90876.exe
[2009/06/23 12:20:56 | 00,013,917 | ---- | C] () -- C:\WINDOWS\48dc5hreatz936.bin
[2009/06/23 12:20:56 | 00,013,798 | ---- | C] () -- C:\WINDOWS\21992vizus65a5.ocx
[2009/06/23 12:20:56 | 00,013,781 | ---- | C] () -- C:\WINDOWS\System32\15e5download9z1079.ocx
[2009/06/23 12:20:56 | 00,013,380 | ---- | C] () -- C:\WINDOWS\System32\699dzackd5or318.bin
[2009/06/23 12:20:56 | 00,013,252 | ---- | C] () -- C:\WINDOWS\System32\3195v5r306z.ocx
[2009/06/23 12:20:56 | 00,013,251 | ---- | C] () -- C:\WINDOWS\System32\20b69pyw5re1639z.exe
[2009/06/23 12:20:56 | 00,013,164 | ---- | C] () -- C:\WINDOWS\System32\24bc9zeal18795.exe
[2009/06/23 12:20:56 | 00,012,927 | ---- | C] () -- C:\WINDOWS\2119s9ywa5e1z3.cpl
[2009/06/23 12:20:56 | 00,012,818 | ---- | C] () -- C:\WINDOWS\System32\506bback5ooz13879.ocx
[2009/06/23 12:20:56 | 00,012,324 | ---- | C] () -- C:\WINDOWS\7385not-azv9rus578.dll
[2009/06/23 12:20:56 | 00,012,291 | ---- | C] () -- C:\WINDOWS\System32\594fspywarz2485.bin
[2009/06/23 12:20:56 | 00,012,157 | ---- | C] () -- C:\WINDOWS\System32\23119spam5ot49cz.exe
[2009/06/23 12:20:56 | 00,012,145 | ---- | C] () -- C:\WINDOWS\74d0b5ckdozr979.cpl
[2009/06/23 12:20:56 | 00,012,092 | ---- | C] () -- C:\WINDOWS\System32\z899spyware31245.cpl
[2009/06/23 12:20:56 | 00,011,949 | ---- | C] () -- C:\WINDOWS\1d92viz1854.exe
[2009/06/23 12:20:56 | 00,011,914 | ---- | C] () -- C:\WINDOWS\System32\79zbspywar5388.dll
[2009/06/23 12:20:56 | 00,011,849 | ---- | C] () -- C:\WINDOWS\3768a5dware2959z.bin
[2009/06/23 12:20:56 | 00,011,802 | ---- | C] () -- C:\WINDOWS\128z5p92d2.ocx
[2009/06/23 12:20:56 | 00,011,611 | ---- | C] () -- C:\WINDOWS\95967spy569z.dll
[2009/06/23 12:20:56 | 00,011,555 | ---- | C] () -- C:\WINDOWS\89z25roj5a39.bin
[2009/06/23 12:20:56 | 00,011,528 | ---- | C] () -- C:\WINDOWS\6893sparsz551.exe
[2009/06/23 12:20:56 | 00,011,069 | ---- | C] () -- C:\WINDOWS\System32\2c3fzpywa592224.cpl
[2009/06/23 12:20:56 | 00,011,022 | ---- | C] () -- C:\WINDOWS\System32\z8788not-a-v5rus2ea9.cpl
[2009/06/23 12:20:56 | 00,010,659 | ---- | C] () -- C:\WINDOWS\28193zpy5f6.cpl
[2009/06/23 12:20:56 | 00,010,511 | ---- | C] () -- C:\WINDOWS\System32\16015z9rus1d05.ocx
[2009/06/23 12:20:56 | 00,010,408 | ---- | C] () -- C:\WINDOWS\5505not9z-vi5us2ac.exe
[2009/06/23 12:20:56 | 00,010,230 | ---- | C] () -- C:\WINDOWS\5595a5dw9re4z5.ocx
[2009/06/23 12:20:56 | 00,009,883 | ---- | C] () -- C:\WINDOWS\System32\6975sz9rse2609.dll
[2009/06/23 12:20:56 | 00,008,781 | ---- | C] () -- C:\WINDOWS\System32\97572tz5j1d.dll
[2009/06/23 12:20:56 | 00,008,605 | ---- | C] () -- C:\WINDOWS\System32\205at9reat5z859.ocx
[2009/06/23 12:20:56 | 00,008,528 | ---- | C] () -- C:\WINDOWS\System32\3z53thi9f615.ocx
[2009/06/23 12:20:56 | 00,008,521 | ---- | C] () -- C:\WINDOWS\System32\165z0vir5s7d9.exe
[2009/06/23 12:20:56 | 00,008,435 | ---- | C] () -- C:\WINDOWS\z04595reat23998.cpl
[2009/06/23 12:20:56 | 00,008,424 | ---- | C] () -- C:\WINDOWS\System32\39495hrea923254z.dll
[2009/06/23 12:20:56 | 00,008,344 | ---- | C] () -- C:\WINDOWS\System32\17936w9rm15bz.bin
[2009/06/23 12:20:56 | 00,008,328 | ---- | C] () -- C:\WINDOWS\System32\619cthiez1507.cpl
[2009/06/23 12:20:56 | 00,008,112 | ---- | C] () -- C:\WINDOWS\System32\6525s9zware2204.ocx
[2009/06/23 12:20:56 | 00,008,094 | ---- | C] () -- C:\WINDOWS\43159ot-5-zirusa3.ocx
[2009/06/23 12:20:56 | 00,008,039 | ---- | C] () -- C:\WINDOWS\System32\55a1stzal95275.ocx
[2009/06/23 12:20:56 | 00,007,929 | ---- | C] () -- C:\WINDOWS\System32\4z539hreat7873.bin
[2009/06/23 12:20:56 | 00,007,659 | ---- | C] () -- C:\WINDOWS\System32\52e7a95ware63z.bin
[2009/06/23 12:20:56 | 00,007,546 | ---- | C] () -- C:\WINDOWS\28z939i5us2a.bin
[2009/06/23 12:20:56 | 00,007,144 | ---- | C] () -- C:\WINDOWS\System32\6080not-a9zirus551.bin
[2009/06/23 12:20:56 | 00,007,079 | ---- | C] () -- C:\WINDOWS\35z1sparse596.exe
[2009/06/23 12:20:56 | 00,006,839 | ---- | C] () -- C:\WINDOWS\309345acktz9lad.ocx
[2009/06/23 12:20:56 | 00,006,763 | ---- | C] () -- C:\WINDOWS\25259hief5972z.bin
[2009/06/23 12:20:56 | 00,006,457 | ---- | C] () -- C:\WINDOWS\System32\21f5st95z2065.exe
[2009/06/23 12:20:56 | 00,006,103 | ---- | C] () -- C:\WINDOWS\System32\5c09thre593659z.exe
[2009/06/23 12:20:56 | 00,005,989 | ---- | C] () -- C:\WINDOWS\3ze9vir4135.bin
[2009/06/23 12:20:56 | 00,005,926 | ---- | C] () -- C:\WINDOWS\115thzef9799.ocx
[2009/06/23 12:20:56 | 00,005,467 | ---- | C] () -- C:\WINDOWS\5z25spy9a5e2949.dll
[2009/06/23 12:20:56 | 00,005,444 | ---- | C] () -- C:\WINDOWS\55469w9rz5ab.bin
[2009/06/23 12:20:56 | 00,005,429 | ---- | C] () -- C:\WINDOWS\System32\9b9zthreat2583.cpl
[2009/06/23 12:20:56 | 00,005,383 | ---- | C] () -- C:\WINDOWS\System32\2c52baczdoor18209.bin
[2009/06/23 12:20:56 | 00,005,370 | ---- | C] () -- C:\WINDOWS\System32\z9972spambot195.cpl
[2009/06/23 12:20:56 | 00,005,272 | ---- | C] () -- C:\WINDOWS\System32\99470spy75ez.cpl
[2009/06/23 12:20:56 | 00,005,226 | ---- | C] () -- C:\WINDOWS\System32\24959hzck9ool614.cpl
[2009/06/23 12:20:56 | 00,004,890 | ---- | C] () -- C:\WINDOWS\96427hacktzol158.exe
[2009/06/23 12:20:56 | 00,004,797 | ---- | C] () -- C:\WINDOWS\8171sp9mbo56z5.ocx
[2009/06/23 12:20:56 | 00,004,608 | ---- | C] () -- C:\WINDOWS\System32\4a6bbackdozr10659.cpl
[2009/06/23 12:20:56 | 00,004,077 | ---- | C] () -- C:\WINDOWS\System32\29828sp5zbotea.dll
[2009/06/23 12:20:56 | 00,003,765 | ---- | C] () -- C:\WINDOWS\2b9c5ddware906z.cpl
[2009/06/23 12:20:56 | 00,003,480 | ---- | C] () -- C:\WINDOWS\System32\5001s9y5fz.ocx
[2009/06/23 12:20:56 | 00,003,352 | ---- | C] () -- C:\WINDOWS\z8856troj749.exe
[2009/06/23 12:20:56 | 00,003,270 | ---- | C] () -- C:\WINDOWS\149395pz749.ocx
[2009/06/23 12:20:56 | 00,003,261 | ---- | C] () -- C:\WINDOWS\System32\47069iru55b0z.ocx
[2009/06/23 12:20:56 | 00,003,254 | ---- | C] () -- C:\WINDOWS\System32\6fa7add59ze1355.cpl
[2009/06/23 12:20:56 | 00,003,148 | ---- | C] () -- C:\WINDOWS\System32\5z7vi9us459.dll
[2009/06/23 12:20:56 | 00,003,131 | ---- | C] () -- C:\WINDOWS\System32\3a779pyware525z.cpl
[2009/06/23 12:20:56 | 00,003,052 | ---- | C] () -- C:\WINDOWS\9z299ot-a-virus5fd.ocx
[2009/06/23 12:20:56 | 00,002,928 | ---- | C] () -- C:\WINDOWS\29348trojz625.ocx
[2009/06/23 12:20:56 | 00,002,774 | ---- | C] () -- C:\WINDOWS\System32\995ownloaz9r86.ocx
[2009/06/23 12:20:56 | 00,002,753 | ---- | C] () -- C:\WINDOWS\5260spars96z5.ocx
[2009/06/23 12:20:56 | 00,002,532 | ---- | C] () -- C:\WINDOWS\6ecaaddw5rz2349.bin
[2009/06/23 12:20:56 | 00,002,523 | ---- | C] () -- C:\WINDOWS\System32\1795spywzre1649.cpl
[2009/06/23 12:20:55 | 00,018,229 | ---- | C] () -- C:\WINDOWS\3550add95re45z.ocx
[2009/06/23 12:20:55 | 00,017,084 | ---- | C] () -- C:\WINDOWS\195sparse9z4.dll
[2009/06/23 12:20:55 | 00,006,729 | ---- | C] () -- C:\WINDOWS\System32\30896troz905.dll
[2009/06/23 12:20:55 | 00,005,471 | ---- | C] () -- C:\WINDOWS\System32\4b1zst59l2495.ocx
[2009/06/23 12:20:55 | 00,004,985 | ---- | C] () -- C:\WINDOWS\3d209aczdo5r716.cpl
[2009/06/23 12:20:55 | 00,002,895 | ---- | C] () -- C:\WINDOWS\System32\23bthr9at1439z5.dll
[2009/06/23 12:19:49 | 00,087,370 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\setup.exe
[2009/06/23 11:41:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Local Settings\Application Data\AVG Security Toolbar
[2009/06/23 11:28:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/06/23 11:05:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/06/23 10:40:45 | 00,113,040 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Keith\Desktop\GoToAssistStarter.exe
[2009/06/23 09:57:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Local Settings\Application Data\Citrix
[2009/06/23 09:31:09 | 00,037,102 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\Say_Chease.jpg
[2009/06/23 06:52:15 | 00,008,590 | ---- | C] () -- C:\WINDOWS\System32\11655sza9bot66a.dll
[2009/06/22 17:36:00 | 00,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoStudio 6.lnk
[2009/06/22 17:17:12 | 00,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2009/06/22 17:17:06 | 00,072,448 | ---- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\PhotoImpression Slideshow.scr
[2009/06/22 17:16:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PhotoImpression Slideshow
[2009/06/22 16:48:05 | 00,012,186 | ---- | C] () -- C:\WINDOWS\System32\1d8cthief29z5.bin
[2009/06/22 16:27:27 | 00,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/06/22 16:27:27 | 00,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\8FC8D2060D.sys
[2009/06/21 20:44:55 | 00,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoImager.lnk
[2009/06/21 20:44:55 | 00,000,000 | ---D | C] -- C:\Program Files\Mystik Media
[2009/06/21 20:44:01 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{E33597A3-E995-4DA4-A3A0-F1775979A8E0}
[2009/06/21 20:17:50 | 00,077,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/06/21 20:15:15 | 00,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2009/06/21 20:15:14 | 00,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/06/21 20:14:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/06/21 19:57:37 | 00,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/06/21 19:57:19 | 00,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2009/06/21 19:45:58 | 00,015,748 | ---- | C] () -- C:\WINDOWS\7778add59rz2562.exe
[2009/06/21 14:36:06 | 00,015,970 | ---- | C] () -- C:\WINDOWS\System32\23556zpamb9t5ad.cpl
[2009/06/21 11:11:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Local Settings\Application Data\WorldWinner.com
[2009/06/21 09:51:47 | 00,054,982 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\12713990.jpg
[2009/06/19 13:12:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/06/09 07:56:06 | 00,018,418 | ---- | C] () -- C:\WINDOWS\System32\4b68virz95.dll
[2009/06/02 21:19:46 | 00,010,997 | ---- | C] () -- C:\WINDOWS\12e9vi523z8.dll
[2009/06/02 11:00:30 | 00,012,384 | ---- | C] () -- C:\WINDOWS\59f8vzr2695.dll
[2009/05/24 22:58:55 | 00,007,728 | ---- | C] () -- C:\WINDOWS\System32\54907not-a-virzs609.dll
[2009/05/24 12:45:43 | 00,005,953 | ---- | C] () -- C:\WINDOWS\3909st5alz427.dll
[2009/05/15 23:09:22 | 00,017,018 | ---- | C] () -- C:\WINDOWS\System32\35920spambz966f.dll
[2009/05/14 16:44:55 | 00,016,482 | ---- | C] () -- C:\WINDOWS\915down5oader282z.dll
[2009/05/14 01:20:16 | 00,015,415 | ---- | C] () -- C:\WINDOWS\95e4thiez25105.dll
[2009/05/10 11:48:48 | 00,004,685 | ---- | C] () -- C:\WINDOWS\System32\1433ste5l3049z.dll
[2009/05/06 03:49:47 | 00,017,808 | ---- | C] () -- C:\WINDOWS\System32\49a0thrz9t5592.dll
[2009/05/04 13:13:15 | 00,011,922 | ---- | C] () -- C:\WINDOWS\System32\56f2s9yware27z8.dll
[2009/05/04 09:06:01 | 00,016,007 | ---- | C] () -- C:\WINDOWS\91693hacktool5daz.dll
[2009/04/29 00:18:01 | 00,000,068 | -HS- | C] () -- C:\WINDOWS\System32\windzfa0.sys
[2009/04/18 21:22:33 | 00,004,441 | ---- | C] () -- C:\WINDOWS\System32\152595orm7cez.dll
[2009/04/09 21:13:55 | 00,011,091 | ---- | C] () -- C:\WINDOWS\2538tz95f1475.dll
[2009/04/02 19:49:18 | 00,011,690 | ---- | C] () -- C:\WINDOWS\System32\190zspy65b.dll
[2009/04/01 21:47:13 | 00,008,521 | ---- | C] () -- C:\WINDOWS\System32\6939steaz17945.dll
[2009/03/31 22:05:53 | 01,103,360 | ---- | C] () -- C:\WINDOWS\System32\cidfont.dll
[2009/03/31 21:43:54 | 00,009,141 | ---- | C] () -- C:\WINDOWS\System32\zvprtmon.dll
[2009/03/31 21:43:54 | 00,008,407 | ---- | C] () -- C:\WINDOWS\System32\zvprtmonui.dll
[2009/03/19 16:25:55 | 00,010,740 | ---- | C] () -- C:\WINDOWS\c47ba9kd5zr1720.dll
[2009/03/15 19:28:30 | 00,002,548 | ---- | C] () -- C:\WINDOWS\System32\66e9szea51301.dll
[2009/03/02 15:11:58 | 00,003,395 | ---- | C] () -- C:\WINDOWS\System32\4f98sparsz28675.dll
[2009/02/28 17:36:26 | 00,006,071 | ---- | C] () -- C:\WINDOWS\System32\zc69threat15645.dll
[2009/02/13 05:23:30 | 00,013,861 | ---- | C] () -- C:\WINDOWS\dz0spy5a9e1309.dll
[2009/02/10 15:01:14 | 00,008,997 | ---- | C] () -- C:\WINDOWS\37859parse1051z.dll
[2009/02/09 03:41:30 | 00,012,683 | ---- | C] () -- C:\WINDOWS\1eb4spz9are12575.dll
[2009/01/24 07:23:46 | 00,017,909 | ---- | C] () -- C:\WINDOWS\System32\21750zpy3509.dll
[2009/01/16 10:22:30 | 00,004,503 | ---- | C] () -- C:\WINDOWS\29662spamzot254.dll
[2009/01/12 15:52:01 | 00,003,692 | ---- | C] () -- C:\WINDOWS\170z5not-a-v59us28f.dll
[2009/01/07 06:39:06 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2009/01/05 07:42:52 | 00,018,122 | ---- | C] () -- C:\WINDOWS\19519vi5us708z.dll
[2008/12/25 19:42:56 | 00,007,583 | ---- | C] () -- C:\WINDOWS\System32\59769spyzd6.dll
[2008/12/21 12:18:14 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/21 12:18:13 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/12/17 11:14:20 | 00,017,939 | ---- | C] () -- C:\WINDOWS\System32\5z19downloader1954.dll
[2008/12/10 17:39:34 | 00,011,400 | ---- | C] () -- C:\WINDOWS\System32\59eazhief5132.dll
[2008/12/09 17:08:17 | 00,016,311 | ---- | C] () -- C:\WINDOWS\f69vi5z120.dll
[2008/11/22 19:37:56 | 00,013,729 | ---- | C] () -- C:\WINDOWS\System32\94265tzoj65a.dll
[2008/11/20 19:07:26 | 00,010,526 | ---- | C] () -- C:\WINDOWS\14z009ack5ool3bc.dll
[2008/11/16 16:02:24 | 00,008,820 | ---- | C] () -- C:\WINDOWS\1dz7vi59259.dll
[2008/11/16 10:05:45 | 00,000,126 | ---- | C] () -- C:\WINDOWS\Z.ini
[2008/11/13 06:25:59 | 00,007,997 | ---- | C] () -- C:\WINDOWS\System32\21671noz-a-59rus580.dll
[2008/11/12 11:44:57 | 00,009,746 | ---- | C] () -- C:\WINDOWS\System32\27987hz5ktool3d4.dll
[2008/11/11 21:48:52 | 00,013,227 | ---- | C] () -- C:\WINDOWS\System32\z97fdownloader526.dll
[2008/11/02 01:03:22 | 00,010,613 | ---- | C] () -- C:\WINDOWS\54031hacktool5z9.dll
[2008/10/14 16:35:19 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/11 21:37:10 | 00,017,462 | ---- | C] () -- C:\WINDOWS\29475spy3b5z.dll
[2008/09/24 18:46:33 | 00,010,178 | ---- | C] () -- C:\WINDOWS\208075ot-z-viru9730.dll
[2008/09/21 07:17:52 | 00,012,018 | ---- | C] () -- C:\WINDOWS\69115zarse9639.dll
[2008/09/14 19:45:00 | 00,009,856 | ---- | C] () -- C:\WINDOWS\System32\26321hackt9o5zaa.dll
[2008/09/10 00:16:04 | 00,016,966 | ---- | C] () -- C:\WINDOWS\36885ownload9r90z.dll
[2008/09/04 00:33:01 | 00,000,376 | ---- | C] () -- C:\WINDOWS\COOK'N5.INI
[2008/09/04 00:27:13 | 00,000,077 | ---- | C] () -- C:\WINDOWS\Cook'n99.ini
[2008/09/03 22:14:54 | 00,008,605 | ---- | C] () -- C:\WINDOWS\System32\z95threat8899.dll
[2008/09/01 18:43:21 | 00,009,721 | ---- | C] () -- C:\WINDOWS\System32\56796vir9z1a.dll
[2008/08/25 08:24:29 | 00,005,866 | ---- | C] () -- C:\WINDOWS\899szy56d5.dll
[2008/08/25 06:19:45 | 00,010,645 | ---- | C] () -- C:\WINDOWS\System32\5149parse23z1.dll
[2008/08/20 22:16:59 | 00,003,081 | ---- | C] () -- C:\WINDOWS\313daddzar59.dll
[2008/08/15 00:52:41 | 00,006,284 | ---- | C] () -- C:\WINDOWS\3ce5sparsz99805.dll
[2008/08/14 20:50:38 | 00,017,703 | ---- | C] () -- C:\WINDOWS\9d55ackdooz1011.dll
[2008/08/13 06:49:26 | 00,013,032 | ---- | C] () -- C:\WINDOWS\3095ztro595c.dll
[2008/08/11 19:15:26 | 00,012,679 | ---- | C] () -- C:\WINDOWS\System32\5575sparze58579.dll
[2008/08/11 07:28:39 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\8FC8D2060D.sys
[2008/07/21 10:53:08 | 00,011,497 | ---- | C] () -- C:\WINDOWS\3z59vi9152.dll
[2008/07/21 00:44:34 | 00,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/07/20 09:01:23 | 00,016,447 | ---- | C] () -- C:\WINDOWS\System32\14z99not-5-virus42e.dll
[2008/07/13 23:04:58 | 00,013,364 | ---- | C] () -- C:\WINDOWS\System32\28558wor94ze.dll
[2008/07/11 16:49:40 | 00,003,251 | ---- | C] () -- C:\WINDOWS\25z83not-a5virus98b.dll
[2008/07/09 07:45:07 | 00,003,441 | ---- | C] () -- C:\WINDOWS\z94559ief1783.dll
[2008/07/03 02:25:58 | 00,015,125 | ---- | C] () -- C:\WINDOWS\System32\1c539pywaze3004.dll
[2008/06/27 03:29:00 | 00,012,189 | ---- | C] () -- C:\WINDOWS\System32\19474virus5e5z.dll
[2008/06/25 19:51:59 | 00,017,810 | ---- | C] () -- C:\WINDOWS\System32\641ztroj579.dll
[2008/06/07 02:26:50 | 00,012,022 | ---- | C] () -- C:\WINDOWS\System32\24975hackt5zl6b1.dll
[2008/06/04 11:14:08 | 00,017,063 | ---- | C] () -- C:\WINDOWS\System32\279975ot9a-vzrusd8.dll
[2008/05/27 20:35:56 | 00,004,619 | ---- | C] () -- C:\WINDOWS\System32\z5994s5ambot689.dll
[2008/05/19 03:20:04 | 00,003,076 | ---- | C] () -- C:\WINDOWS\System32\256spywzre2974.dll
[2008/05/15 23:25:13 | 00,018,125 | ---- | C] () -- C:\WINDOWS\System32\4b53spzrse3950.dll
[2008/05/06 14:42:17 | 00,008,029 | ---- | C] () -- C:\WINDOWS\System32\9675spazbot735.dll
[2008/04/16 04:21:45 | 00,011,820 | ---- | C] () -- C:\WINDOWS\3z75th9eat24795.dll
[2008/04/12 20:41:54 | 00,007,905 | ---- | C] () -- C:\WINDOWS\System32\z099addware2452.dll
[2008/03/28 18:02:40 | 00,009,655 | ---- | C] () -- C:\WINDOWS\System32\10321wo5m947z.dll
[2008/03/22 13:05:36 | 00,002,574 | ---- | C] () -- C:\WINDOWS\System32\4052downloadzr9355.dll
[2008/03/20 10:11:08 | 00,013,914 | ---- | C] () -- C:\WINDOWS\System32\78d1do59lozder2831.dll
[2008/03/18 03:37:38 | 00,008,235 | ---- | C] () -- C:\WINDOWS\48be5ir32z9.dll
[2008/03/11 01:24:05 | 00,007,999 | ---- | C] () -- C:\WINDOWS\System32\30fzback5oor69.dll
[2008/03/10 21:49:31 | 00,011,758 | ---- | C] () -- C:\WINDOWS\159z5sp51df.dll
[2008/03/10 19:36:01 | 00,008,377 | ---- | C] () -- C:\WINDOWS\System32\59hazktoo5593.dll
[2008/02/22 00:46:22 | 00,012,663 | ---- | C] () -- C:\WINDOWS\System32\11333not9a-vzrus569.dll
[2008/02/21 21:22:22 | 00,000,031 | ---- | C] () -- C:\WINDOWS\System32\Days5.ini
[2008/02/21 15:49:44 | 00,008,993 | ---- | C] () -- C:\WINDOWS\142z4wo95162.dll
[2008/02/18 14:55:48 | 00,013,739 | ---- | C] () -- C:\WINDOWS\60z5threat94468.dll
[2008/02/16 04:30:03 | 00,007,665 | ---- | C] () -- C:\WINDOWS\56z39virus29c.dll
[2008/02/14 20:40:32 | 00,007,401 | ---- | C] () -- C:\WINDOWS\12723not-a-viruz4579.dll
[2008/02/08 19:54:15 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/02/02 22:25:27 | 00,016,496 | ---- | C] () -- C:\WINDOWS\3e5bbackzoor25419.dll
[2008/01/16 04:04:50 | 00,000,042 | ---- | C] () -- C:\WINDOWS\FFS20ChtReg.ini
[2008/01/16 03:33:55 | 00,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/01/13 08:54:21 | 00,009,944 | ---- | C] () -- C:\WINDOWS\System32\3254vir29z4.dll
[2008/01/08 20:23:50 | 00,017,385 | ---- | C] () -- C:\WINDOWS\3096695y68z.dll
[2008/01/01 17:50:36 | 00,005,292 | ---- | C] () -- C:\WINDOWS\59507spy6dz.dll
[2007/12/28 00:30:22 | 00,000,104 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2007/12/28 00:11:16 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\ypwp87a.dll
[2007/12/25 09:24:06 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/12/21 02:48:11 | 00,230,400 | ---- | C] () -- C:\WINDOWS\System32\Tiff32.dll
[2007/12/21 02:48:11 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2007/12/21 02:48:01 | 00,046,512 | ---- | C] () -- C:\WINDOWS\System32\EPSN.DLL
[2007/12/20 22:39:22 | 00,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2007/12/03 22:43:29 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/22 18:24:37 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/11/22 18:24:14 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/11/22 18:22:40 | 00,000,666 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/11/22 18:07:48 | 00,536,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdblmpm.dll
[2007/11/22 18:07:48 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbcomm.dll
[2007/11/22 18:07:48 | 00,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbinpa.dll
[2007/11/22 18:07:48 | 00,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbiesc.dll
[2007/11/22 18:07:48 | 00,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbpplc.dll
[2007/11/22 18:07:48 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdbvs.dll
[2007/11/22 18:07:48 | 00,001,504 | ---- | C] () -- C:\WINDOWS\System32\lxdbprod.ini
[2007/11/22 18:07:47 | 01,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbserv.dll
[2007/11/22 18:07:47 | 00,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbusb1.dll
[2007/11/22 18:07:47 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbhbn3.dll
[2007/11/22 18:07:47 | 00,610,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbcomc.dll
[2007/11/22 18:07:47 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdbprox.dll
[2007/11/19 09:44:47 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/19 09:35:15 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/11/19 09:35:15 | 00,000,750 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/19 09:09:33 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/19 09:08:05 | 00,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/20 11:11:06 | 00,002,045 | -H-- | C] () -- C:\WINDOWS\System32\whlb32g.dll
[2006/12/20 11:11:04 | 00,002,045 | -H-- | C] () -- C:\WINDOWS\System32\whls32a.dll
[2006/11/07 05:25:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/17 00:36:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 14:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:51:28 | 00,000,639 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 13:51:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/09/17 10:48:54 | 00,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2001/09/17 10:48:54 | 00,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2001/09/17 10:48:54 | 00,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2001/09/17 10:48:54 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2001/09/17 10:48:54 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2001/09/17 10:48:54 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2001/09/17 10:48:54 | 00,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2001/09/17 10:48:52 | 00,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2001/07/13 08:04:00 | 00,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[1997/06/13 21:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[2009/12/26 18:30:09 | 00,014,019 | ---- | M] () -- C:\WINDOWS\System32\a99addware15z6.ocx
[2009/12/23 13:23:35 | 00,011,537 | ---- | M] () -- C:\WINDOWS\System32\4873t9ief2z005.exe
[2009/12/23 11:07:36 | 00,014,222 | ---- | M] () -- C:\WINDOWS\9935n9t-a-virzs454.bin
[2009/12/23 04:33:43 | 00,011,042 | ---- | M] () -- C:\WINDOWS\System32\7382ad9wa5e39z.ocx
[2009/12/22 03:48:39 | 00,003,086 | ---- | M] () -- C:\WINDOWS\78bc59azse2899.dll
[2009/12/20 02:16:59 | 00,015,547 | ---- | M] () -- C:\WINDOWS\System32\35951wor93z4.cpl
[2009/12/20 01:27:20 | 00,018,366 | ---- | M] () -- C:\WINDOWS\9619not-a-v5rus2zf.exe
[2009/12/19 23:36:42 | 00,008,670 | ---- | M] () -- C:\WINDOWS\System32\109z4hackto5l543.ocx
[2009/12/18 20:49:02 | 00,014,700 | ---- | M] () -- C:\WINDOWS\System32\6378zdd5ar92131.dll
[2009/12/18 06:16:53 | 00,014,644 | ---- | M] () -- C:\WINDOWS\System32\19287spzmbot59e5.bin
[2009/12/16 20:28:38 | 00,013,915 | ---- | M] () -- C:\WINDOWS\z9d8vir125.dll
[2009/12/15 20:37:48 | 00,006,986 | ---- | M] () -- C:\WINDOWS\3b4fspar5e977z.bin
[2009/12/13 01:49:59 | 00,011,551 | ---- | M] () -- C:\WINDOWS\System32\z0551tr9j2a0.bin
[2009/12/11 17:37:09 | 00,007,635 | ---- | M] () -- C:\WINDOWS\326935izus736.bin
[2009/12/11 10:56:35 | 00,018,014 | ---- | M] () -- C:\WINDOWS\System32\9ab4ste5lz356.dll
[2009/12/11 08:13:39 | 00,009,701 | ---- | M] () -- C:\WINDOWS\zb2bt59ef3033.cpl
[2009/12/10 04:59:49 | 00,013,862 | ---- | M] () -- C:\WINDOWS\System32\3995tzreat19818.ocx
[2009/12/09 21:48:08 | 00,008,714 | ---- | M] () -- C:\WINDOWS\System32\754z9ir11125.ocx
[2009/12/09 08:39:29 | 00,010,309 | ---- | M] () -- C:\WINDOWS\System32\c25down9oadzr1870.cpl
[2009/12/07 02:03:09 | 00,005,555 | ---- | M] () -- C:\WINDOWS\System32\zefddownloader4549.exe
[2009/12/06 19:41:34 | 00,017,083 | ---- | M] () -- C:\WINDOWS\System32\6cz5steal49.cpl
[2009/12/05 02:48:53 | 00,009,499 | ---- | M] () -- C:\WINDOWS\System32\6654a9dware31z1.dll
[2009/12/04 18:22:18 | 00,013,334 | ---- | M] () -- C:\WINDOWS\System32\534aspyware4z09.ocx
[2009/12/04 02:50:04 | 00,013,621 | ---- | M] () -- C:\WINDOWS\System32\11454wzrmf59.cpl
[2009/12/03 02:28:57 | 00,017,277 | ---- | M] () -- C:\WINDOWS\System32\18679spz254.ocx
[2009/12/02 16:09:34 | 00,010,367 | ---- | M] () -- C:\WINDOWS\5zc9t5reat27792.ocx
[2009/12/02 04:44:51 | 00,008,320 | ---- | M] () -- C:\WINDOWS\System32\5f2zvir1059.bin
[2009/11/30 23:11:27 | 00,007,142 | ---- | M] () -- C:\WINDOWS\System32\10a9threa517z5.dll
[2009/11/28 17:50:27 | 00,008,360 | ---- | M] () -- C:\WINDOWS\4d79vir590z.bin
[2009/11/26 11:13:26 | 00,015,580 | ---- | M] () -- C:\WINDOWS\System32\4827viz5s2e9.ocx
[2009/11/26 01:15:51 | 00,009,228 | ---- | M] () -- C:\WINDOWS\16595not-z-virus4df.exe
[2009/11/24 19:48:29 | 00,018,383 | ---- | M] () -- C:\WINDOWS\5dc5bzckd9or956.exe
[2009/11/24 07:57:36 | 00,010,623 | ---- | M] () -- C:\WINDOWS\System32\2e08addw9re5815z.ocx
[2009/11/21 10:17:48 | 00,010,787 | ---- | M] () -- C:\WINDOWS\390es5arse23z2.exe
[2009/11/21 04:38:43 | 00,011,449 | ---- | M] () -- C:\WINDOWS\System32\2zad5ddwar9743.ocx
[2009/11/20 02:01:39 | 00,012,632 | ---- | M] () -- C:\WINDOWS\System32\3288no5-a-vzrus70e9.bin
[2009/11/19 06:26:23 | 00,015,189 | ---- | M] () -- C:\WINDOWS\b23download9r758z.bin
[2009/11/19 02:27:54 | 00,003,647 | ---- | M] () -- C:\WINDOWS\System32\519fdown59adzr2173.bin
[2009/11/18 21:22:40 | 00,007,954 | ---- | M] () -- C:\WINDOWS\61z8b5ckdoor5879.ocx
[2009/11/18 09:11:25 | 00,005,422 | ---- | M] () -- C:\WINDOWS\System32\543bszywa9e971.cpl
[2009/11/18 03:27:10 | 00,012,987 | ---- | M] () -- C:\WINDOWS\System32\414sp96z5.bin
[2009/11/16 20:48:23 | 00,005,906 | ---- | M] () -- C:\WINDOWS\System32\6z2a9pa5se489.cpl
[2009/11/16 05:22:07 | 00,018,003 | ---- | M] () -- C:\WINDOWS\975fthreat65z5.dll
[2009/11/15 12:44:32 | 00,014,938 | ---- | M] () -- C:\WINDOWS\7190spar5ez695.exe
[2009/11/14 01:33:49 | 00,012,283 | ---- | M] () -- C:\WINDOWS\System32\225659wnloadez2156.bin
[2009/11/14 00:27:34 | 00,007,913 | ---- | M] () -- C:\WINDOWS\13594spy33az.cpl
[2009/11/13 07:05:28 | 00,013,048 | ---- | M] () -- C:\WINDOWS\z59545py5c7.bin
[2009/11/13 01:48:04 | 00,016,821 | ---- | M] () -- C:\WINDOWS\System32\64z3thief9005.bin
[2009/11/12 10:00:16 | 00,009,048 | ---- | M] () -- C:\WINDOWS\9f3sp59ze1329.dll
[2009/11/11 15:08:03 | 00,016,609 | ---- | M] () -- C:\WINDOWS\3825vzr5409.exe
[2009/11/10 17:40:25 | 00,012,360 | ---- | M] () -- C:\WINDOWS\9855spz731.ocx
[2009/11/06 15:58:24 | 00,003,205 | ---- | M] () -- C:\WINDOWS\9b4bthreat2z551.ocx
[2009/11/03 23:50:47 | 00,008,082 | ---- | M] () -- C:\WINDOWS\System32\32038zroj539.cpl
[2009/10/31 22:56:20 | 00,003,359 | ---- | M] () -- C:\WINDOWS\19035s9yz9c.cpl
[2009/10/31 22:48:58 | 00,016,816 | ---- | M] () -- C:\WINDOWS\System32\74459acktool5z5.bin
[2009/10/28 05:47:12 | 00,008,960 | ---- | M] () -- C:\WINDOWS\94e4backdoor575z.cpl
[2009/10/26 22:26:58 | 00,011,031 | ---- | M] () -- C:\WINDOWS\2658159zmbot513.cpl
[2009/10/23 18:32:15 | 00,004,444 | ---- | M] () -- C:\WINDOWS\159859ot-a-virus51z.exe
[2009/10/23 00:20:06 | 00,013,418 | ---- | M] () -- C:\WINDOWS\6938szywa5e2070.dll
[2009/10/22 20:38:50 | 00,009,958 | ---- | M] () -- C:\WINDOWS\System32\5z99add59re950.bin
[2009/10/21 09:10:08 | 00,013,880 | ---- | M] () -- C:\WINDOWS\a9stea53z05.ocx
[2009/10/17 14:01:22 | 00,009,474 | ---- | M] () -- C:\WINDOWS\System32\36099pz415.bin
[2009/10/16 12:43:12 | 00,015,500 | ---- | M] () -- C:\WINDOWS\System32\5971vzrus5715.cpl
[2009/10/14 12:38:17 | 00,002,536 | ---- | M] () -- C:\WINDOWS\19835sp5mbot5z89.exe
[2009/10/12 08:48:35 | 00,017,302 | ---- | M] () -- C:\WINDOWS\System32\6b5bz9y5are2166.cpl
[2009/10/10 19:34:41 | 00,014,686 | ---- | M] () -- C:\WINDOWS\System32\39329ir2z455.dll
[2009/10/10 08:55:22 | 00,007,755 | ---- | M] () -- C:\WINDOWS\19522vz5us4a7.ocx
[2009/10/10 06:21:32 | 00,013,522 | ---- | M] () -- C:\WINDOWS\12c2v9r1z52.dll
[2009/10/10 06:16:50 | 00,016,172 | ---- | M] () -- C:\WINDOWS\24580trojz599.bin
[2009/10/10 02:13:38 | 00,015,918 | ---- | M] () -- C:\WINDOWS\29538szambot14f.ocx
[2009/10/08 10:04:35 | 00,008,487 | ---- | M] () -- C:\WINDOWS\System32\5927zh5ef845.ocx
[2009/10/07 23:37:22 | 00,003,382 | ---- | M] () -- C:\WINDOWS\System32\3452zpy950.ocx
[2009/10/06 14:38:28 | 00,005,384 | ---- | M] () -- C:\WINDOWS\z5c9a9dware453.ocx
[2009/10/06 03:56:16 | 00,011,932 | ---- | M] () -- C:\WINDOWS\System32\11398spambzt385.exe
[2009/10/04 01:31:46 | 00,003,565 | ---- | M] () -- C:\WINDOWS\System32\5656t9ief21z6.exe
[2009/10/03 18:45:13 | 00,012,868 | ---- | M] () -- C:\WINDOWS\73addownzoader1595.exe
[2009/10/02 23:46:25 | 00,013,221 | ---- | M] () -- C:\WINDOWS\System32\73z9thi5f1914.exe
[2009/09/27 03:00:11 | 00,013,604 | ---- | M] () -- C:\WINDOWS\558zadd9are2982.bin
[2009/09/26 15:48:58 | 00,003,588 | ---- | M] () -- C:\WINDOWS\2005dow9lzader568.bin
[2009/09/26 05:49:17 | 00,002,866 | ---- | M] () -- C:\WINDOWS\System32\76z2downloa5er2906.ocx
[2009/09/24 01:50:47 | 00,003,553 | ---- | M] () -- C:\WINDOWS\System32\59a6t9i5f16z9.ocx
[2009/09/23 08:02:25 | 00,015,885 | ---- | M] () -- C:\WINDOWS\System32\z340t5ief8119.exe
[2009/09/21 23:32:00 | 00,008,821 | ---- | M] () -- C:\WINDOWS\System32\16556w9rmzd4.cpl
[2009/09/19 20:53:16 | 00,005,836 | ---- | M] () -- C:\WINDOWS\System32\30695spyza55.ocx
[2009/09/17 05:07:15 | 00,015,509 | ---- | M] () -- C:\WINDOWS\System32\201b5zeal9489.cpl
[2009/09/13 22:25:49 | 00,011,748 | ---- | M] () -- C:\WINDOWS\z0509ir1960.ocx
[2009/09/13 10:03:01 | 00,005,000 | ---- | M] () -- C:\WINDOWS\5015wor591cz.dll
[2009/09/13 07:07:43 | 00,015,628 | ---- | M] () -- C:\WINDOWS\1783d9wnloader5z3.ocx
[2009/09/13 03:52:49 | 00,015,779 | ---- | M] () -- C:\WINDOWS\e97zhrea92251.dll
[2009/09/12 11:22:09 | 00,008,690 | ---- | M] () -- C:\WINDOWS\System32\619zsparse2095.bin
[2009/09/09 06:05:42 | 00,003,091 | ---- | M] () -- C:\WINDOWS\2z568worm69f.exe
[2009/09/09 01:20:42 | 00,011,240 | ---- | M] () -- C:\WINDOWS\System32\34a0tzre5t151379.ocx
[2009/09/08 17:07:53 | 00,012,440 | ---- | M] () -- C:\WINDOWS\System32\17824nzt-a-vi9us752.dll
[2009/09/07 20:29:05 | 00,013,253 | ---- | M] () -- C:\WINDOWS\9159tzoj955.bin
[2009/09/07 08:06:51 | 00,015,997 | ---- | M] () -- C:\WINDOWS\528z19orm7f4.dll
[2009/09/05 15:51:44 | 00,011,583 | ---- | M] () -- C:\WINDOWS\System32\260z2viru9450.dll
[2009/09/01 08:30:52 | 00,018,206 | ---- | M] () -- C:\WINDOWS\ze5dbackdoor2974.cpl
[2009/08/27 20:48:25 | 00,003,088 | ---- | M] () -- C:\WINDOWS\System32\97d7spzw5re1529.cpl
[2009/08/27 18:38:50 | 00,015,893 | ---- | M] () -- C:\WINDOWS\826z9ot-a-5irus37d.dll
[2009/08/27 18:33:09 | 00,015,933 | ---- | M] () -- C:\WINDOWS\System32\2z294spa5bot6df.exe
[2009/08/26 11:17:17 | 00,004,861 | ---- | M] () -- C:\WINDOWS\9ac8spars51z33.dll
[2009/08/25 16:35:59 | 00,010,525 | ---- | M] () -- C:\WINDOWS\453bbackzoor559.bin
[2009/08/24 21:59:56 | 00,005,772 | ---- | M] () -- C:\WINDOWS\9889zpy2935.ocx
[2009/08/24 16:58:52 | 00,012,531 | ---- | M] () -- C:\WINDOWS\5zdcspa59e1409.cpl
[2009/08/24 10:59:21 | 00,005,259 | ---- | M] () -- C:\WINDOWS\z0589py788.ocx
[2009/08/23 04:41:50 | 00,012,206 | ---- | M] () -- C:\WINDOWS\System32\1957sparse3979z.dll
[2009/08/23 00:27:52 | 00,016,529 | ---- | M] () -- C:\WINDOWS\9851t5iez3245.exe
[2009/08/22 21:45:41 | 00,003,032 | ---- | M] () -- C:\WINDOWS\System32\3b49spzrse351.bin
[2009/08/21 18:23:19 | 00,016,200 | ---- | M] () -- C:\WINDOWS\1303759rz556.dll
[2009/08/20 16:13:02 | 00,008,487 | ---- | M] () -- C:\WINDOWS\System32\zef45hief2969.cpl
[2009/08/20 12:07:36 | 00,015,595 | ---- | M] () -- C:\WINDOWS\System32\16z27spam9ot532.dll
[2009/08/20 07:19:10 | 00,006,254 | ---- | M] () -- C:\WINDOWS\352tzre9t5159.exe
[2009/08/19 19:32:16 | 00,008,884 | ---- | M] () -- C:\WINDOWS\System32\6z16ste5l395.ocx
[2009/08/19 03:35:15 | 00,010,730 | ---- | M] () -- C:\WINDOWS\System32\46d4baczdoo95851.exe
[2009/08/18 08:38:32 | 00,003,715 | ---- | M] () -- C:\WINDOWS\17z5backdoor590.cpl
[2009/08/18 04:31:22 | 00,003,117 | ---- | M] () -- C:\WINDOWS\System32\59cesteal146z.bin
[2009/08/17 07:45:16 | 00,002,684 | ---- | M] () -- C:\WINDOWS\2d40szar5e1894.ocx
[2009/08/17 06:35:58 | 00,010,010 | ---- | M] () -- C:\WINDOWS\191cspa5ze789.bin
[2009/08/16 04:13:51 | 00,018,301 | ---- | M] () -- C:\WINDOWS\6893tro555z.exe
[2009/08/15 16:33:23 | 00,003,490 | ---- | M] () -- C:\WINDOWS\System32\2ffethreat95z25.cpl
[2009/08/15 12:41:24 | 00,009,163 | ---- | M] () -- C:\WINDOWS\System32\7bf59hrz5t11180.cpl
[2009/08/14 08:04:45 | 00,007,452 | ---- | M] () -- C:\WINDOWS\System32\79ccthie53101z.exe
[2009/08/14 02:38:56 | 00,012,111 | ---- | M] () -- C:\WINDOWS\System32\50f5back9oor2z6.ocx
[2009/08/13 14:06:13 | 00,007,794 | ---- | M] () -- C:\WINDOWS\System32\515st9alz864.exe
[2009/08/12 08:06:02 | 00,017,972 | ---- | M] () -- C:\WINDOWS\304cthrezt239685.cpl
[2009/08/11 04:49:24 | 00,009,704 | ---- | M] () -- C:\WINDOWS\System32\3399w9rz53.dll
[2009/08/09 04:53:11 | 00,007,159 | ---- | M] () -- C:\WINDOWS\System32\12287spa9boz65b.bin
[2009/08/08 15:34:07 | 00,013,244 | ---- | M] () -- C:\WINDOWS\System32\54f7th9eat15785z.exe
[2009/08/08 02:43:43 | 00,009,322 | ---- | M] () -- C:\WINDOWS\2762459z-a-virus26c.dll
[2009/08/07 23:49:52 | 00,003,195 | ---- | M] () -- C:\WINDOWS\System32\z23649or565.cpl
[2009/08/06 10:54:12 | 00,006,737 | ---- | M] () -- C:\WINDOWS\System32\7394ste5lz697.exe
[2009/08/05 19:12:52 | 00,008,853 | ---- | M] () -- C:\WINDOWS\zb45th9ef553.bin
[2009/08/04 01:51:12 | 00,011,751 | ---- | M] () -- C:\WINDOWS\System32\5061azdwa9e264.cpl
[2009/08/03 18:22:41 | 00,012,018 | ---- | M] () -- C:\WINDOWS\System32\18acthrea5z10569.dll
[2009/08/02 01:52:02 | 00,013,329 | ---- | M] () -- C:\WINDOWS\System32\6a5fz9yware155.dll
[2009/07/27 13:32:20 | 00,016,270 | ---- | M] () -- C:\WINDOWS\System32\3d5a5hiez659.exe
[2009/07/26 09:39:41 | 00,003,166 | ---- | M] () -- C:\WINDOWS\System32\19855not-a-virus6z5.dll
[2009/07/23 23:36:54 | 00,003,720 | ---- | M] () -- C:\WINDOWS\System32\3095z9pambot40f.dll
[2009/07/23 13:36:13 | 00,010,546 | ---- | M] () -- C:\WINDOWS\System32\7099baczd59r763.ocx
[2009/07/22 05:00:45 | 00,005,694 | ---- | M] () -- C:\WINDOWS\227dt5rea9z305.bin
[2009/07/21 21:53:51 | 00,002,780 | ---- | M] () -- C:\WINDOWS\System32\559baddware1z32.cpl
[2009/07/20 15:28:24 | 00,002,788 | ---- | M] () -- C:\WINDOWS\2025s5eal9025z.cpl
[2009/07/18 13:03:43 | 00,003,409 | ---- | M] () -- C:\WINDOWS\System32\4745ha95tozl34.bin
[2009/07/18 09:10:31 | 00,513,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL(2).exe
[2009/07/18 09:10:22 | 00,513,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
[2009/07/18 09:04:07 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Keith\Desktop\Rooter.exe
[2009/07/18 09:01:18 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/07/18 09:01:11 | 00,002,333 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell Network Assistant.lnk
[2009/07/18 09:00:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/18 09:00:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/07/18 08:58:09 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\TFC.exe
[2009/07/18 08:56:20 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\NTREGOPT.lnk
[2009/07/18 08:56:20 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\ERUNT.lnk
[2009/07/18 08:54:48 | 00,794,112 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\The_Comedian.exe
[2009/07/18 08:40:47 | 00,407,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTM.exe
[2009/07/18 08:30:23 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\HijackThis.lnk
[2009/07/18 08:30:09 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Keith\Desktop\HJTInstall.exe
[2009/07/18 08:22:44 | 00,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2009/07/17 07:39:18 | 00,016,940 | ---- | M] () -- C:\WINDOWS\System32\103679pambo56z8.cpl
[2009/07/16 22:45:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/07/15 16:03:29 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FOX News Live.lnk
[2009/07/14 21:01:21 | 00,008,430 | ---- | M] () -- C:\WINDOWS\System32\5315th9efz192.ocx
[2009/07/13 22:23:57 | 00,014,474 | ---- | M] () -- C:\WINDOWS\System32\6f78st95z1010.cpl
[2009/07/13 21:25:59 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/13 19:02:11 | 00,000,004 | ---- | M] () -- C:\WINDOWS\System32\MSIVXcount
[2009/07/13 17:44:11 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/07/13 17:44:09 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/07/13 17:17:09 | 03,775,176 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Keith\Desktop\mbam-setup.exe
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/13 06:50:12 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/07/13 02:06:09 | 00,001,641 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Finish Downloading Spyware Doctor with AntiVirus.lnk
[2009/07/13 01:41:29 | 00,000,042 | ---- | M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie
[2009/07/13 00:45:35 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/07/12 20:06:25 | 00,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/07/12 20:06:23 | 00,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/07/12 20:03:47 | 00,003,120 | ---- | M] () -- C:\WINDOWS\System32\DRWSJLAD.ocx
[2009/07/12 20:03:47 | 00,003,120 | ---- | M] () -- C:\WINDOWS\LJRGKDD9.ocx
[2009/07/12 19:52:51 | 00,007,896 | ---- | M] () -- C:\WINDOWS\System32\z5esparse697.ocx
[2009/07/12 17:27:30 | 17,306,928 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Keith\Desktop\spdoc.exe
[2009/07/12 10:10:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\tasks\Norton PC Checkup Weekend Scanner.job
[2009/07/12 09:59:10 | 24,449,920 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Keith\Desktop\sdsetup.exe
[2009/07/12 07:25:08 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/07/12 06:49:38 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/07/11 23:14:05 | 00,017,185 | ---- | M] () -- C:\WINDOWS\29875zor52bd.dll
[2009/07/10 22:54:50 | 00,012,236 | ---- | M] () -- C:\WINDOWS\System32\5cd9sparse256z.dll
[2009/07/09 21:56:42 | 00,011,701 | ---- | M] () -- C:\WINDOWS\3d93downloadez455.cpl
[2009/07/09 20:08:43 | 00,008,227 | ---- | M] () -- C:\WINDOWS\System32\1f6espa9sez7295.exe
[2009/07/07 18:38:24 | 00,017,232 | ---- | M] () -- C:\WINDOWS\5d97add5are282z.ocx
[2009/07/07 06:22:56 | 00,015,329 | ---- | M] () -- C:\WINDOWS\76a9t5reat2190z.ocx
[2009/07/06 22:53:57 | 00,000,435 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2009/07/06 22:02:57 | 00,014,370 | ---- | M] () -- C:\WINDOWS\ze87spar9e5771.bin
[2009/07/05 19:48:22 | 00,006,544 | ---- | M] () -- C:\WINDOWS\System32\z1625worm599.ocx
[2009/07/05 13:10:48 | 00,007,493 | ---- | M] () -- C:\WINDOWS\System32\17965virusza1.ocx
[2009/07/01 17:37:11 | 00,010,811 | ---- | M] () -- C:\WINDOWS\35cespazse14955.exe
[2009/06/30 03:58:12 | 01,772,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/27 05:15:04 | 00,005,329 | ---- | M] () -- C:\WINDOWS\System32\19006hacktool5adz.bin
[2009/06/27 01:40:54 | 00,012,857 | ---- | M] () -- C:\WINDOWS\System32\ze0dsp9rse5975.ocx
[2009/06/26 08:51:40 | 00,006,900 | ---- | M] () -- C:\WINDOWS\System32\2z91vir1651.dll
[2009/06/23 13:31:23 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Keith\Desktop\spybotsd162.exe
[2009/06/23 13:18:51 | 00,762,952 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\avgremover_en.exe
[2009/06/23 12:20:57 | 00,017,669 | ---- | M] () -- C:\WINDOWS\System32\6cdcsz9a53098.dll
[2009/06/23 12:20:57 | 00,013,306 | ---- | M] () -- C:\WINDOWS\z372wo9m51f5.bin
[2009/06/23 12:20:57 | 00,011,693 | ---- | M] () -- C:\WINDOWS\22z14not-a-9irus1dc5.bin
[2009/06/23 12:20:57 | 00,008,408 | ---- | M] () -- C:\WINDOWS\System32\69dzthreat57188.bin
[2009/06/23 12:20:56 | 00,018,400 | ---- | M] () -- C:\WINDOWS\System32\23876w9r571z.dll
[2009/06/23 12:20:56 | 00,018,323 | ---- | M] () -- C:\WINDOWS\System32\f05dowzloader29735.exe
[2009/06/23 12:20:56 | 00,018,260 | ---- | M] () -- C:\WINDOWS\System32\5d59thrza94556.exe
[2009/06/23 12:20:56 | 00,018,158 | ---- | M] () -- C:\WINDOWS\5565spamz9t574.exe
[2009/06/23 12:20:56 | 00,018,073 | ---- | M] () -- C:\WINDOWS\110295orz6f9.exe
[2009/06/23 12:20:56 | 00,018,072 | ---- | M] () -- C:\WINDOWS\System32\4115backdo9r21z4.bin
[2009/06/23 12:20:56 | 00,017,912 | ---- | M] () -- C:\WINDOWS\System32\z18975py95d.dll
[2009/06/23 12:20:56 | 00,017,659 | ---- | M] () -- C:\WINDOWS\51408spz7879.ocx
[2009/06/23 12:20:56 | 00,017,469 | ---- | M] () -- C:\WINDOWS\5883hzcktool299.ocx
[2009/06/23 12:20:56 | 00,017,450 | ---- | M] () -- C:\WINDOWS\55a3spazs9463.ocx
[2009/06/23 12:20:56 | 00,017,343 | ---- | M] () -- C:\WINDOWS\System32\2d5z9ir2528.cpl
[2009/06/23 12:20:56 | 00,017,318 | ---- | M] () -- C:\WINDOWS\System32\ba5thiez21419.dll
[2009/06/23 12:20:56 | 00,017,122 | ---- | M] () -- C:\WINDOWS\3554baczdoo92453.dll
[2009/06/23 12:20:56 | 00,017,095 | ---- | M] () -- C:\WINDOWS\System32\78astea548z9.dll
[2009/06/23 12:20:56 | 00,016,994 | ---- | M] () -- C:\WINDOWS\7a8z5ea9953.exe
[2009/06/23 12:20:56 | 00,016,980 | ---- | M] () -- C:\WINDOWS\31760sp95zf.bin
[2009/06/23 12:20:56 | 00,016,513 | ---- | M] () -- C:\WINDOWS\37z2threa593646.ocx
[2009/06/23 12:20:56 | 00,016,511 | ---- | M] () -- C:\WINDOWS\26461not-9-vir5s541z.bin
[2009/06/23 12:20:56 | 00,016,402 | ---- | M] () -- C:\WINDOWS\System32\59c2down9oadzr1794.dll
[2009/06/23 12:20:56 | 00,015,872 | ---- | M] () -- C:\WINDOWS\System32\7665tzr9at31828.dll
[2009/06/23 12:20:56 | 00,015,734 | ---- | M] () -- C:\WINDOWS\System32\179astea52z96.dll
[2009/06/23 12:20:56 | 00,015,711 | ---- | M] () -- C:\WINDOWS\System32\4z4b95yware2101.bin
[2009/06/23 12:20:56 | 00,015,512 | ---- | M] () -- C:\WINDOWS\59d5vir940z.dll
[2009/06/23 12:20:56 | 00,015,444 | ---- | M] () -- C:\WINDOWS\681a9zwnloader2455.exe
[2009/06/23 12:20:56 | 00,015,172 | ---- | M] () -- C:\WINDOWS\System32\1485zhac5tool4949.dll
[2009/06/23 12:20:56 | 00,015,045 | ---- | M] () -- C:\WINDOWS\System32\273zaddwar9375.cpl
[2009/06/23 12:20:56 | 00,014,996 | ---- | M] () -- C:\WINDOWS\25799not-a-z9rus255.cpl
[2009/06/23 12:20:56 | 00,014,647 | ---- | M] () -- C:\WINDOWS\System32\4927hackto5l9f5z.cpl
[2009/06/23 12:20:56 | 00,014,468 | ---- | M] () -- C:\WINDOWS\System32\26ed95r7z7.dll
[2009/06/23 12:20:56 | 00,014,285 | ---- | M] () -- C:\WINDOWS\System32\255atzreat90876.exe
[2009/06/23 12:20:56 | 00,013,917 | ---- | M] () -- C:\WINDOWS\48dc5hreatz936.bin
[2009/06/23 12:20:56 | 00,013,798 | ---- | M] () -- C:\WINDOWS\21992vizus65a5.ocx
[2009/06/23 12:20:56 | 00,013,781 | ---- | M] () -- C:\WINDOWS\System32\15e5download9z1079.ocx
[2009/06/23 12:20:56 | 00,013,380 | ---- | M] () -- C:\WINDOWS\System32\699dzackd5or318.bin
[2009/06/23 12:20:56 | 00,013,252 | ---- | M] () -- C:\WINDOWS\System32\3195v5r306z.ocx
[2009/06/23 12:20:56 | 00,013,251 | ---- | M] () -- C:\WINDOWS\System32\20b69pyw5re1639z.exe
[2009/06/23 12:20:56 | 00,013,164 | ---- | M] () -- C:\WINDOWS\System32\24bc9zeal18795.exe
[2009/06/23 12:20:56 | 00,012,927 | ---- | M] () -- C:\WINDOWS\2119s9ywa5e1z3.cpl
[2009/06/23 12:20:56 | 00,012,818 | ---- | M] () -- C:\WINDOWS\System32\506bback5ooz13879.ocx
[2009/06/23 12:20:56 | 00,012,324 | ---- | M] () -- C:\WINDOWS\7385not-azv9rus578.dll
[2009/06/23 12:20:56 | 00,012,291 | ---- | M] () -- C:\WINDOWS\System32\594fspywarz2485.bin
[2009/06/23 12:20:56 | 00,012,157 | ---- | M] () -- C:\WINDOWS\System32\23119spam5ot49cz.exe
[2009/06/23 12:20:56 | 00,012,145 | ---- | M] () -- C:\WINDOWS\74d0b5ckdozr979.cpl
[2009/06/23 12:20:56 | 00,012,092 | ---- | M] () -- C:\WINDOWS\System32\z899spyware31245.cpl
[2009/06/23 12:20:56 | 00,011,949 | ---- | M] () -- C:\WINDOWS\1d92viz1854.exe
[2009/06/23 12:20:56 | 00,011,914 | ---- | M] () -- C:\WINDOWS\System32\79zbspywar5388.dll
[2009/06/23 12:20:56 | 00,011,849 | ---- | M] () -- C:\WINDOWS\3768a5dware2959z.bin
[2009/06/23 12:20:56 | 00,011,802 | ---- | M] () -- C:\WINDOWS\128z5p92d2.ocx
[2009/06/23 12:20:56 | 00,011,611 | ---- | M] () -- C:\WINDOWS\95967spy569z.dll
[2009/06/23 12:20:56 | 00,011,555 | ---- | M] () -- C:\WINDOWS\89z25roj5a39.bin
[2009/06/23 12:20:56 | 00,011,528 | ---- | M] () -- C:\WINDOWS\6893sparsz551.exe
[2009/06/23 12:20:56 | 00,011,069 | ---- | M] () -- C:\WINDOWS\System32\2c3fzpywa592224.cpl
[2009/06/23 12:20:56 | 00,011,022 | ---- | M] () -- C:\WINDOWS\System32\z8788not-a-v5rus2ea9.cpl
[2009/06/23 12:20:56 | 00,010,659 | ---- | M] () -- C:\WINDOWS\28193zpy5f6.cpl
[2009/06/23 12:20:56 | 00,010,511 | ---- | M] () -- C:\WINDOWS\System32\16015z9rus1d05.ocx
[2009/06/23 12:20:56 | 00,010,408 | ---- | M] () -- C:\WINDOWS\5505not9z-vi5us2ac.exe
[2009/06/23 12:20:56 | 00,010,230 | ---- | M] () -- C:\WINDOWS\5595a5dw9re4z5.ocx
[2009/06/23 12:20:56 | 00,009,883 | ---- | M] () -- C:\WINDOWS\System32\6975sz9rse2609.dll
[2009/06/23 12:20:56 | 00,008,781 | ---- | M] () -- C:\WINDOWS\System32\97572tz5j1d.dll
[2009/06/23 12:20:56 | 00,008,605 | ---- | M] () -- C:\WINDOWS\System32\205at9reat5z859.ocx
[2009/06/23 12:20:56 | 00,008,528 | ---- | M] () -- C:\WINDOWS\System32\3z53thi9f615.ocx
[2009/06/23 12:20:56 | 00,008,521 | ---- | M] () -- C:\WINDOWS\System32\165z0vir5s7d9.exe
[2009/06/23 12:20:56 | 00,008,435 | ---- | M] () -- C:\WINDOWS\z04595reat23998.cpl
[2009/06/23 12:20:56 | 00,008,424 | ---- | M] () -- C:\WINDOWS\System32\39495hrea923254z.dll
[2009/06/23 12:20:56 | 00,008,344 | ---- | M] () -- C:\WINDOWS\System32\17936w9rm15bz.bin
[2009/06/23 12:20:56 | 00,008,328 | ---- | M] () -- C:\WINDOWS\System32\619cthiez1507.cpl
[2009/06/23 12:20:56 | 00,008,112 | ---- | M] () -- C:\WINDOWS\System32\6525s9zware2204.ocx
[2009/06/23 12:20:56 | 00,008,094 | ---- | M] () -- C:\WINDOWS\43159ot-5-zirusa3.ocx
[2009/06/23 12:20:56 | 00,008,039 | ---- | M] () -- C:\WINDOWS\System32\55a1stzal95275.ocx
[2009/06/23 12:20:56 | 00,007,929 | ---- | M] () -- C:\WINDOWS\System32\4z539hreat7873.bin
[2009/06/23 12:20:56 | 00,007,659 | ---- | M] () -- C:\WINDOWS\System32\52e7a95ware63z.bin
[2009/06/23 12:20:56 | 00,007,546 | ---- | M] () -- C:\WINDOWS\28z939i5us2a.bin
[2009/06/23 12:20:56 | 00,007,144 | ---- | M] () -- C:\WINDOWS\System32\6080not-a9zirus551.bin
[2009/06/23 12:20:56 | 00,007,079 | ---- | M] () -- C:\WINDOWS\35z1sparse596.exe
[2009/06/23 12:20:56 | 00,006,839 | ---- | M] () -- C:\WINDOWS\309345acktz9lad.ocx
[2009/06/23 12:20:56 | 00,006,763 | ---- | M] () -- C:\WINDOWS\25259hief5972z.bin
[2009/06/23 12:20:56 | 00,006,457 | ---- | M] () -- C:\WINDOWS\System32\21f5st95z2065.exe
[2009/06/23 12:20:56 | 00,006,103 | ---- | M] () -- C:\WINDOWS\System32\5c09thre593659z.exe
[2009/06/23 12:20:56 | 00,005,989 | ---- | M] () -- C:\WINDOWS\3ze9vir4135.bin
[2009/06/23 12:20:56 | 00,005,926 | ---- | M] () -- C:\WINDOWS\115thzef9799.ocx
[2009/06/23 12:20:56 | 00,005,467 | ---- | M] () -- C:\WINDOWS\5z25spy9a5e2949.dll
[2009/06/23 12:20:56 | 00,005,444 | ---- | M] () -- C:\WINDOWS\55469w9rz5ab.bin
[2009/06/23 12:20:56 | 00,005,429 | ---- | M] () -- C:\WINDOWS\System32\9b9zthreat2583.cpl
[2009/06/23 12:20:56 | 00,005,383 | ---- | M] () -- C:\WINDOWS\System32\2c52baczdoor18209.bin
[2009/06/23 12:20:56 | 00,005,370 | ---- | M] () -- C:\WINDOWS\System32\z9972spambot195.cpl
[2009/06/23 12:20:56 | 00,005,272 | ---- | M] () -- C:\WINDOWS\System32\99470spy75ez.cpl
[2009/06/23 12:20:56 | 00,005,226 | ---- | M] () -- C:\WINDOWS\System32\24959hzck9ool614.cpl
[2009/06/23 12:20:56 | 00,004,890 | ---- | M] () -- C:\WINDOWS\96427hacktzol158.exe
[2009/06/23 12:20:56 | 00,004,797 | ---- | M] () -- C:\WINDOWS\8171sp9mbo56z5.ocx
[2009/06/23 12:20:56 | 00,004,608 | ---- | M] () -- C:\WINDOWS\System32\4a6bbackdozr10659.cpl
[2009/06/23 12:20:56 | 00,004,077 | ---- | M] () -- C:\WINDOWS\System32\29828sp5zbotea.dll
[2009/06/23 12:20:56 | 00,003,765 | ---- | M] () -- C:\WINDOWS\2b9c5ddware906z.cpl
[2009/06/23 12:20:56 | 00,003,480 | ---- | M] () -- C:\WINDOWS\System32\5001s9y5fz.ocx
[2009/06/23 12:20:56 | 00,003,352 | ---- | M] () -- C:\WINDOWS\z8856troj749.exe
[2009/06/23 12:20:56 | 00,003,270 | ---- | M] () -- C:\WINDOWS\149395pz749.ocx
[2009/06/23 12:20:56 | 00,003,261 | ---- | M] () -- C:\WINDOWS\System32\47069iru55b0z.ocx
[2009/06/23 12:20:56 | 00,003,254 | ---- | M] () -- C:\WINDOWS\System32\6fa7add59ze1355.cpl
[2009/06/23 12:20:56 | 00,003,148 | ---- | M] () -- C:\WINDOWS\System32\5z7vi9us459.dll
[2009/06/23 12:20:56 | 00,003,131 | ---- | M] () -- C:\WINDOWS\System32\3a779pyware525z.cpl
[2009/06/23 12:20:56 | 00,003,052 | ---- | M] () -- C:\WINDOWS\9z299ot-a-virus5fd.ocx
[2009/06/23 12:20:56 | 00,002,928 | ---- | M] () -- C:\WINDOWS\29348trojz625.ocx
[2009/06/23 12:20:56 | 00,002,774 | ---- | M] () -- C:\WINDOWS\System32\995ownloaz9r86.ocx
[2009/06/23 12:20:56 | 00,002,753 | ---- | M] () -- C:\WINDOWS\5260spars96z5.ocx
[2009/06/23 12:20:56 | 00,002,532 | ---- | M] () -- C:\WINDOWS\6ecaaddw5rz2349.bin
[2009/06/23 12:20:56 | 00,002,523 | ---- | M] () -- C:\WINDOWS\System32\1795spywzre1649.cpl
[2009/06/23 12:20:55 | 00,018,229 | ---- | M] () -- C:\WINDOWS\3550add95re45z.ocx
[2009/06/23 12:20:55 | 00,017,084 | ---- | M] () -- C:\WINDOWS\195sparse9z4.dll
[2009/06/23 12:20:55 | 00,006,729 | ---- | M] () -- C:\WINDOWS\System32\30896troz905.dll
[2009/06/23 12:20:55 | 00,005,471 | ---- | M] () -- C:\WINDOWS\System32\4b1zst59l2495.ocx
[2009/06/23 12:20:55 | 00,004,985 | ---- | M] () -- C:\WINDOWS\3d209aczdo5r716.cpl
[2009/06/23 12:20:55 | 00,002,895 | ---- | M] () -- C:\WINDOWS\System32\23bthr9at1439z5.dll
[2009/06/23 12:19:49 | 00,087,370 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\setup.exe
[2009/06/23 10:40:45 | 00,113,040 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Keith\Desktop\GoToAssistStarter.exe
[2009/06/23 09:31:15 | 00,037,102 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\Say_Chease.jpg
[2009/06/23 06:52:15 | 00,008,590 | ---- | M] () -- C:\WINDOWS\System32\11655sza9bot66a.dll
[2009/06/22 17:39:34 | 00,000,213 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ArcSoft Products and Bonus Offers.url
[2009/06/22 17:36:00 | 00,001,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoStudio 6.lnk
[2009/06/22 17:21:20 | 00,007,145 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2009/06/22 16:48:05 | 00,012,186 | ---- | M] () -- C:\WINDOWS\System32\1d8cthief29z5.bin
[2009/06/22 16:42:07 | 00,002,516 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/06/22 16:28:16 | 00,000,088 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\8FC8D2060D.sys
[2009/06/21 20:44:55 | 00,000,865 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoImager.lnk
[2009/06/21 20:17:50 | 00,077,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/06/21 20:15:14 | 00,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picasa 3.lnk
[2009/06/21 19:57:37 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2009/06/21 19:45:58 | 00,015,748 | ---- | M] () -- C:\WINDOWS\7778add59rz2562.exe
[2009/06/21 14:36:06 | 00,015,970 | ---- | M] () -- C:\WINDOWS\System32\23556zpamb9t5ad.cpl
[2009/06/21 09:51:52 | 00,054,982 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\12713990.jpg
[2009/06/21 08:35:01 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk

========== LOP Check ==========

[2009/07/13 17:37:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/11/27 23:58:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/07/12 06:49:40 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/06/21 20:44:58 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E33597A3-E995-4DA4-A3A0-F1775979A8E0}
[2007/12/20 22:22:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2009/06/22 18:09:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/06/29 15:42:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2009/06/23 12:37:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2007/12/29 02:19:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Banner Maker Pro 7
[2009/06/23 11:05:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2008/09/15 02:32:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cogniview
[2008/03/02 00:07:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2007/11/22 21:35:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\element5
[2008/01/17 04:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/07/04 15:27:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2007/11/22 17:38:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/12/01 00:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/01/17 16:43:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2007/11/19 09:35:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2004/08/10 14:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/11/22 18:22:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/12/29 10:20:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2008/10/15 15:48:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/07/12 11:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2007/11/30 17:24:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/12/20 23:19:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/07/18 09:01:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/12/21 02:49:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TextBridge
[2008/12/01 05:15:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeCardGames
[2008/12/20 15:21:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/01/06 19:46:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/02/04 19:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipEC
[2007/11/22 15:48:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE
[2009/07/13 17:31:00 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Keith\Application Data
[2009/07/18 08:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\ArcSoft
[2007/11/22 18:58:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Canon
[2009/06/07 10:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE53
86C7526.1
[2008/08/10 09:36:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Corel
[2009/07/12 16:33:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\eAcceleration
[2008/01/13 12:41:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Eyeblaster
[2007/12/29 14:40:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\FrmMain
[2007/11/22 17:27:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Netscape
[2007/12/23 09:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\NewzToolz-EZ
[2008/12/24 15:24:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Pogo Games
[2009/01/17 17:47:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\RCP 5
[2007/11/19 09:44:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Roxio
[2007/11/22 18:22:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\ScanSoft
[2008/10/26 08:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\SecondLife
[2009/05/17 10:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\SolSuite
[2009/07/12 20:06:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\StumbleUpon
[2007/11/24 02:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Template
[2007/11/22 17:21:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Thunderbird
[2008/10/12 11:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Windows Desktop Search
[2008/10/15 17:01:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Windows Search
[2009/01/17 10:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Zoner
[2009/07/13 06:50:12 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/07/16 22:45:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/07/18 09:01:18 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2008/12/31 18:48:35 | 00,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\Norton PC Checkup WeekDay Scanner.job
[2009/07/12 10:10:00 | 00,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\Norton PC Checkup Weekend Scanner.job
[2009/07/18 09:00:58 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Custom Scans ==========

< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %systemroot%\system32\oobe\AntiWPA_Crypt.dll >

< %TEMP%\antiwpa_crypt.dll >

< %TEMP%\antiwpa.dll /s >

< %PROGRAMFILES%\antiwpa.dll /s >

< %systemroot%\system32\crypt.dll >

< %TEMP%\crypt.dll >

< %SYSTEMDRIVE%\*. >
[2009/07/18 09:10:31 | 00,000,000 | ---D | M] -- C:
[2009/07/18 08:42:15 | 00,000,000 | ---D | M] -- C:\_OTM
[2009/06/23 13:19:13 | 00,000,000 | ---D | M] -- C:\AVGTemp
[2008/09/04 00:33:01 | 00,000,000 | ---D | M] -- C:\Cook'n
[2007/11/23 09:06:52 | 00,000,000 | ---D | M] -- C:\dell
[2007/11/23 08:18:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings
[2009/07/12 16:41:57 | 00,000,000 | ---D | M] -- C:\Downloads
[2007/07/16 20:46:42 | 00,000,000 | ---D | M] -- C:\drivers
[2007/11/22 17:04:57 | 00,000,000 | ---D | M] -- C:\i386
[2007/11/22 18:07:31 | 00,000,000 | ---D | M] -- C:\Lexmark
[2008/01/13 12:40:46 | 00,000,000 | ---D | M] -- C:\My Download Files
[2008/01/13 12:40:52 | 00,000,000 | ---D | M] -- C:\My Games
[2007/12/21 03:08:10 | 00,000,000 | R--D | M] -- C:\Pagis Inbox
[2008/03/10 02:16:20 | 00,000,000 | ---D | M] -- C:\PC HugWare
[2007/11/23 08:58:07 | 00,000,000 | ---D | M] -- C:\PFiles
[2009/07/18 08:56:19 | 00,000,000 | R--D | M] -- C:\Program Files
[2009/07/13 01:42:13 | 00,000,000 | ---D | M] -- C:\Rbackup
[2008/11/30 21:22:05 | 00,000,000 | -HSD | M] -- C:\RECYCLER
[2009/07/18 09:04:50 | 00,000,000 | ---D | M] -- C:\Rooter$
[2008/09/15 02:07:44 | 00,000,000 | ---D | M] -- C:\share
[2008/09/15 02:07:44 | 00,000,000 | ---D | M] -- C:\Startup
[2008/01/27 09:43:36 | 00,000,000 | -HSD | M] -- C:\System Volume Information
[2007/11/22 18:07:44 | 00,000,000 | ---D | M] -- C:\Temp
[2009/07/18 09:01:07 | 00,000,000 | ---D | M] -- C:\WINDOWS
[2007/11/22 16:25:16 | 00,000,000 | ---D | M] -- C:\Zoom 5241 USB Driver

< %SYSTEMDRIVE%\*.* >
[2009/01/07 06:40:32 | 06,334,802 | ---- | M] () -- C:\05-50 Janneke.tif
[2009/01/07 06:41:14 | 06,334,802 | ---- | M] () -- C:\06-08 Janneke.tif
[2009/01/07 06:40:29 | 06,334,802 | ---- | M] () -- C:\06-10 Janneke.tif
[2009/03/31 21:48:46 | 06,311,582 | ---- | M] () -- C:\2009_EntirelyPennyBlack.tif
[2007/11/22 15:12:22 | 07,539,712 | ---- | M] () -- C:\5241_USBdrv12300.exe
[2009/07/18 09:00:50 | 00,048,040 | ---- | M] () -- C:\aaw7boot.log
[2004/08/10 14:04:08 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/31 08:21:01 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2004/08/10 14:04:08 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/11/19 09:12:14 | 00,006,974 | RH-- | M] () -- C:\dell.sdr
[2008/09/15 02:07:46 | 00,000,732 | ---- | M] () -- C:\deskPDF.opt
[2009/07/18 04:28:20 | 00,096,883 | ---- | M] () -- C:\DTLog.txt
[2007/12/21 02:48:34 | 00,000,945 | ---- | M] () -- C:\genesis.log
[2007/11/22 14:38:15 | 00,004,128 | ---- | M] () -- C:\INFCACHE.1
[2009/02/17 15:53:18 | 00,000,239 | ---- | M] () -- C:\INSTALL.LOG
[2004/08/10 14:04:08 | 00,000,000 | -H-- | M] () -- C:\IO.SYS
[2009/07/18 08:59:50 | 00,112,433 | ---- | M] () -- C:\lxdb.log
[2004/08/10 14:04:08 | 00,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/07 09:16:09 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2008/01/05 03:16:45 | 00,000,549 | -H-- | M] () -- C:\os037707.bin
[2009/07/18 09:00:52 | 15,980,29824 | -HS- | M] () -- C:\pagefile.sys
[2009/07/18 09:09:04 | 00,000,800 | ---- | M] () -- C:\RootRepeal report 07-18-09 (09-09-04).txt
[2009/07/18 09:09:38 | 00,000,800 | ---- | M] () -- C:\RootRepeal report 07-18-09 (09-09-38).txt
[2007/12/16 00:24:56 | 00,000,036 | ---- | M] () -- C:\wizard.txt

< %PROGRAMFILES%\*. >
[2009/07/18 08:56:19 | 00,000,000 | R--D | M] -- C:\Program Files
[2009/01/18 04:32:48 | 00,000,000 | ---D | M] -- C:\Program Files\ACD Systems
[2008/11/16 11:35:54 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/03/31 22:16:54 | 00,000,000 | ---D | M] -- C:\Program Files\Advanced PDF to IMAGE converter
[2009/07/13 17:43:48 | 00,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2008/11/16 11:12:45 | 00,000,000 | ---D | M] -- C:\Program Files\Ancestral Author
[2008/10/06 17:29:01 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/06/22 17:35:44 | 00,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2009/06/29 15:42:55 | 00,000,000 | ---D | M] -- C:\Program Files\Avery Dennison
[2008/11/20 00:43:18 | 00,000,000 | ---D | M] -- C:\Program Files\AWS
[2007/12/29 02:19:31 | 00,000,000 | ---D | M] -- C:\Program Files\Banner Maker Pro 7
[2009/01/15 23:46:38 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2007/11/22 18:25:01 | 00,000,000 | ---D | M] -- C:\Program Files\Canon
[2007/11/22 18:18:11 | 00,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2008/09/15 02:17:33 | 00,000,000 | ---D | M] -- C:\Program Files\CogniView
[2009/07/13 17:37:18 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/10 14:02:08 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2007/11/19 09:14:36 | 00,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/06/22 16:52:18 | 00,000,000 | ---D | M] -- C:\Program Files\Corel
[2007/11/19 09:37:47 | 00,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2007/11/19 09:42:01 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/11/19 09:40:02 | 00,000,000 | ---D | M] -- C:\Program Files\Dell DataSafe Online
[2007/12/29 10:20:37 | 00,000,000 | ---D | M] -- C:\Program Files\Dell Network Assistant
[2007/11/30 17:24:26 | 00,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/11/19 09:39:09 | 00,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2007/11/19 09:31:29 | 00,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2008/09/15 02:07:39 | 00,000,000 | ---D | M] -- C:\Program Files\Docudesk
[2009/06/15 09:08:04 | 00,000,000 | ---D | M] -- C:\Program Files\DVDConv
[2007/12/19 03:44:50 | 00,000,000 | ---D | M] -- C:\Program Files\Easypano
[2009/07/18 08:56:32 | 00,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2009/03/08 21:17:26 | 00,000,000 | ---D | M] -- C:\Program Files\FastStone Capture
[2009/03/08 21:15:24 | 00,000,000 | ---D | M] -- C:\Program Files\FastStone Image Viewer
[2009/03/08 21:18:26 | 00,000,000 | ---D | M] -- C:\Program Files\FastStone MaxView
[2008/02/08 02:39:43 | 00,000,000 | ---D | M] -- C:\Program Files\FirmTools
[2009/07/15 16:03:28 | 00,000,000 | ---D | M] -- C:\Program Files\FOX News Live
[2008/12/20 13:41:53 | 00,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2009/01/22 05:17:02 | 00,000,000 | ---D | M] -- C:\Program Files\Freecell 2006
[2009/01/07 04:51:37 | 00,000,000 | ---D | M] -- C:\Program Files\GameTop.com
[2008/10/22 22:31:46 | 00,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2008/12/11 03:59:17 | 00,000,000 | ---D | M] -- C:\Program Files\Golden Dozen Solitaire
[2009/07/12 15:36:21 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009/02/05 17:53:08 | 00,000,000 | ---D | M] -- C:\Program Files\greenstreet
[2009/04/16 14:47:51 | 00,000,000 | ---D | M] -- C:\Program Files\Greeting Card Studio
[2009/07/12 10:39:19 | 00,000,000 | ---D | M] -- C:\Program Files\GridinSoft Trojan Killer
[2009/01/07 05:32:02 | 00,000,000 | ---D | M] -- C:\Program Files\gs
[2007/11/24 01:50:20 | 00,000,000 | ---D | M] -- C:\Program Files\HP
[2009/07/16 18:15:38 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/11/19 09:29:04 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
[2009/06/12 20:44:02 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/11/27 23:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/02/18 02:26:32 | 00,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2008/02/21 21:12:27 | 00,000,000 | ---D | M] -- C:\Program Files\ITSoft
[2008/11/27 23:58:55 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2007/11/22 23:32:05 | 00,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2009/06/12 20:38:07 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2009/02/21 01:56:10 | 00,000,000 | ---D | M] -- C:\Program Files\Klondike Collection 7.0
[2008/09/04 02:31:27 | 00,000,000 | ---D | M] -- C:\Program Files\Lakefront Software
[2009/07/12 06:49:34 | 00,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2007/11/22 18:08:45 | 00,000,000 | ---D | M] -- C:\Program Files\Lexmark 840 Series
[2009/07/13 21:22:30 | 00,000,000 | ---D | M] -- C:\Program Files\Lx_cats
[2007/12/29 02:24:48 | 00,000,000 | ---D | M] -- C:\Program Files\Macrogaming
[2009/07/13 21:25:31 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/10 09:45:32 | 00,000,000 | ---D | M] -- C:\Program Files\Maximum Software
[2008/09/07 09:25:00 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/11/23 14:01:20 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2004/08/10 14:04:18 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/11/19 09:41:52 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2007/11/19 09:41:33 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2007/11/19 09:41:35 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2009/03/01 12:08:07 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/06/12 20:42:17 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/11/19 09:29:03 | 00,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2008/09/07 09:21:11 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/07/18 09:02:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/18 08:19:54 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2007/11/23 15:13:30 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2004/08/10 14:01:16 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 14:01:24 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/11/22 18:42:51 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/11/19 09:25:47 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/11/19 09:40:57 | 00,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2008/11/18 23:56:09 | 00,000,000 | ---D | M] -- C:\Program Files\My Craft Studio
[2009/06/21 20:44:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mystik Media
[2008/09/07 09:18:39 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/11/25 13:01:07 | 00,000,000 | ---D | M] -- C:\Program Files\Netscape
[2007/11/19 09:31:35 | 00,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2007/11/22 18:23:27 | 00,000,000 | ---D | M] -- C:\Program Files\NewSoft
[2009/03/31 22:33:06 | 00,000,000 | ---D | M] -- C:\Program Files\office Convert Pdf to Jpg Jpeg Tiff Free
[2004/08/10 14:01:34 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
[2008/09/07 09:18:34 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/06/21 19:57:30 | 00,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2008/03/17 00:09:46 | 00,000,000 | ---D | M] -- C:\Program Files\PanaVue
[2009/03/15 01:22:19 | 00,000,000 | ---D | M] -- C:\Program Files\PanoramaStudio
[2009/03/31 22:05:54 | 00,000,000 | ---D | M] -- C:\Program Files\PDF to JPG
[2009/01/07 06:39:08 | 00,000,000 | ---D | M] -- C:\Program Files\PDF-Convert
[2009/07/13 01:41:25 | 00,000,000 | ---D | M] -- C:\Program Files\Perfect Uninstaller
[2008/11/18 07:02:09 | 00,000,000 | ---D | M] -- C:\Program Files\Photo-Brush
[2007/12/20 23:43:12 | 00,000,000 | ---D | M] -- C:\Program Files\PhotoSEAM
[2008/11/23 23:32:32 | 00,000,000 | ---D | M] -- C:\Program Files\Picaboo
[2008/03/15 00:21:24 | 00,000,000 | ---D | M] -- C:\Program Files\Picture Resize Genius
[2007/12/28 00:11:17 | 00,000,000 | ---D | M] -- C:\Program Files\Pixtra
[2009/04/25 14:33:13 | 00,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2007/12/28 00:29:54 | 00,000,000 | ---D | M] -- C:\Program Files\Pos
[2009/01/07 06:38:55 | 00,000,000 | ---D | M] -- C:\Program Files\psconvert
[2009/06/13 01:35:30 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/03/15 01:29:57 | 00,000,000 | ---D | M] -- C:\Program Files\RasterStitch Demo 2.30
[2008/01/13 12:39:13 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2007/11/23 15:06:41 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/12/01 05:07:26 | 00,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2009/07/13 20:49:16 | 00,000,000 | ---D | M] -- C:\Program Files\Registry Mighty
[2007/11/19 09:35:14 | 00,000,000 | ---D | M] -- C:\Program Files\Roxio
[2007/12/21 02:49:11 | 00,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2009/03/25 14:13:16 | 00,000,000 | ---D | M] -- C:\Program Files\Seekeen
[2009/06/07 16:12:34 | 00,000,000 | ---D | M] -- C:\Program Files\SelectRebates
[2008/10/22 22:20:54 | 00,000,000 | ---D | M] -- C:\Program Files\Serif
[2009/01/26 23:12:30 | 00,000,000 | ---D | M] -- C:\Program Files\Smart PDF Converter
[2008/12/01 05:15:12 | 00,000,000 | ---D | M] -- C:\Program Files\SolSuite
[2008/10/15 18:47:09 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/03/08 00:10:56 | 00,000,000 | ---D | M] -- C:\Program Files\STOIK Imaging
[2009/06/09 18:58:36 | 00,000,000 | ---D | M] -- C:\Program Files\StumbleUpon
[2007/12/20 23:19:38 | 00,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2009/07/18 08:30:23 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/01/07 06:47:36 | 00,000,000 | ---D | M] -- C:\Program Files\Tukanas Files Converter
[2004/08/10 14:08:30 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/06/07 10:41:07 | 00,000,000 | ---D | M] -- C:\Program Files\V CAST Music with Rhapsody
[2008/10/15 01:31:16 | 00,000,000 | ---D | M] -- C:\Program Files\VirRL2009
[2009/06/07 10:48:32 | 00,000,000 | ---D | M] -- C:\Program Files\VZWDownloadManager
[2009/06/13 06:56:11 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2007/11/23 15:04:32 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/09/07 09:18:35 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/07 09:18:34 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/10 14:02:52 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/01/02 11:21:24 | 00,000,000 | ---D | M] -- C:\Program Files\WinZip
[2008/02/04 19:39:55 | 00,000,000 | ---D | M] -- C:\Program Files\WinZip E-Mail Companion
[2008/03/22 02:53:51 | 00,000,000 | ---D | M] -- C:\Program Files\WinZip Self-Extractor
[2008/04/02 02:01:44 | 00,000,000 | ---D | M] -- C:\Program Files\xat.com Image Optimizer
[2004/08/10 14:04:18 | 00,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/12/21 12:18:14 | 00,000,000 | ---D | M] -- C:\Program Files\Xvid
[2009/06/21 09:08:47 | 00,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2009/01/16 23:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\Zoner
[2007/11/22 16:25:47 | 00,000,000 | ---D | M] -- C:\Program Files\Zoom
[2009/03/31 21:43:53 | 00,000,000 | ---D | M] -- C:\Program Files\zvprt40

< set /c >
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Keith\Application Data
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=D9B2N3F1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Keith
LOGONSERVER=\\D9B2N3F1
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Keith\LOCALS~1\Temp
TMP=C:\DOCUME~1\Keith\LOCALS~1\Temp
USERDOMAIN=D9B2N3F1
USERNAME=Keith
USERPROFILE=C:\Documents and Settings\Keith
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:825D5945
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9CF56DF4
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E95B6FD
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20C3AB27
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

If this is in the wrong forum, I'm sorry.

EDIT: I forgot to mention that Corona sent me.

Help!

Jul 18 2009, 03:56 PM

Malwarebytes finally ran. Here is the log:

Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

7/18/2009 11:54:56 AM
mbam-log-2009-07-18 (11-54-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 263481
Time elapsed: 1 hour(s), 20 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 14
Registry Values Infected: 5
Registry Data Items Infected: 10
Folders Infected: 9
Files Infected: 59

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\z444.z444mgr (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\z444.z444mgr.1 (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{67450775-3b18-49b1-aa83-0e010f07f4df} (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{69b3ebfa-0015-4914-9312-e7758eacfac1} (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{30de9920-2e84-40a2-88a5-b8d256e15101} (Trojan.Dropper) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekeen (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> No action taken.
HKEY_CLASSES_ROOT\virrlwarning.warningbho (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\virrlwarning.warningbho.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DVDConv (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDConv (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry Mighty_is1 (Rogue.RegistryMighty) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Registry Mighty (Rogue.RegistryMighty) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\c:\program files\common files\acd systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinBlueSoft (Rogue.WinBlue) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.Search) -> Bad: (http://windiwsfsearch.com) Good: (http://www.Google.com/) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.Search) -> Bad: (http://windiwsfsearch.com/ie6.html) Good: (http://www.Google.com/) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.Search) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e85b93b7-9648-404c-bc56-27eaa097221b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{e85b93b7-9648-404c-bc56-27eaa097221b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{e85b93b7-9648-404c-bc56-27eaa097221b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.79,85.255.112.213 -> No action taken.

Folders Infected:
C:\Program Files\SelectRebates (Adware.SelectRebates) -> No action taken.
c:\program files\VirRL2009 (Rogue.AntiVirusLab) -> No action taken.
C:\Program Files\Seekeen (Trojan.Agent) -> No action taken.
C:\Program Files\Maximum Software (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\Keith\Start Menu\Programs\DVDConv (Trojan.DNSChanger) -> No action taken.
C:\Program Files\DVDConv (Trojan.DNSChanger) -> No action taken.
C:\Program Files\Registry Mighty (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\RepairBackup (Rogue.RegistryMighty) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Registry Mighty (Rogue.RegistryMighty) -> No action taken.

Files Infected:
c:\program files\common files\acd systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> No action taken.
c:\program files\selectrebates\SelectRebatesDownload.exe (Adware.SelectRebates) -> No action taken.
c:\program files\DVDConv\Uninstall.exe (Trojan.DNSChanger) -> No action taken.
c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP681\A0131636.exe (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127412.DLL (Adware.MyWebSearch) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127404.DLL (Adware.MyWebSearch) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127407.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127408.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127409.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127411.SCR (Adware.MyWebSearch) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127415.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127416.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127417.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127418.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127419.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127420.scr (Adware.MyWebSearch) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127421.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127424.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127427.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127428.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127429.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127431.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127432.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127433.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127434.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127435.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127442.exe (Rogue.Installer) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127443.exe (Rogue.BugDoctor) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127458.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127460.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127461.EXE (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127462.DLL (Adware.MyWeb) -> No action taken.
c:\system volume information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\RP647\A0127463.DLL (Adware.MyWeb) -> No action taken.
c:\program files\Seekeen\home.js (Trojan.Agent) -> No action taken.
c:\program files\Seekeen\readme.html (Trojan.Agent) -> No action taken.
c:\program files\Seekeen\uninstall.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Keith\start menu\Programs\DVDConv\Uninstall.lnk (Trojan.DNSChanger) -> No action taken.
c:\program files\registry mighty\Code (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\errorlist.txt (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\MightyHelp.chm (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\RegistryMighty.url (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\ScanResult (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\ScanSection.ini (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\unins000.dat (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\unins000.exe (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\Update.ini (Rogue.RegistryMighty) -> No action taken.
c:\program files\registry mighty\repairbackup\_20090109_003145.reg (Rogue.RegistryMighty) -> No action taken.
c:\documents and settings\all users\start menu\Programs\registry mighty\Registry Mighty Help.lnk (Rogue.RegistryMighty) -> No action taken.
c:\documents and settings\all users\start menu\Programs\registry mighty\Registry Mighty on the Web.lnk (Rogue.RegistryMighty) -> No action taken.
c:\documents and settings\all users\start menu\Programs\registry mighty\Registry Mighty.lnk (Rogue.RegistryMighty) -> No action taken.
c:\documents and settings\all users\start menu\Programs\registry mighty\Uninstall Registry Mighty.lnk (Rogue.RegistryMighty) -> No action taken.
C:\Documents and Settings\Janet\My Documents\My Music\My Music.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Janet\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Janet\My Documents\My Videos\My Video.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Janet\My Documents\My Documents.url (Trojan.Zlob) -> No action taken.
c:\documents and settings\Janet\Desktop\Click to Find and Fix Errors.lnk (Rogue.Link) -> No action taken.
c:\RECYCLER\ADAPT_Installer.exe (Heuristics.Malware) -> No action taken.
C:\WINDOWS\system32\MSIVXcount (Trojan.Agent) -> No action taken.

Help!

Jul 18 2009, 05:38 PM

QUOTE (Help! @ Jul 18 2009, 10:56 AM)

I finally got Malwarebytes to run. It found 97 infections and fixed them all. After the scan and removal, Malwarebytes updated normally. I scanned again and found one more infection. I'm scanning now with AVAST.

Thank you Hazelnut!

Rorschach112

Jul 20 2009, 09:16 PM

hi

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.