Full Version: i've got that damn antivirus2009 thingy
ihateviruses2009
not even in safemode, for the last half-day i've been very p***ed off, i've had to press the on-machine restart-button more times than you can say wickey-bo-bo

i have windoze XP prof' on my infected pc, this isn't the pc i'm using right now, using another pc. it's completely jammed! firefox/ie won't run, nothing will run except a few games, outlook express, msn.
I've tried running a few 100 malware removers in normal and safe-mode but nothing loads.

if you haven't gathered already i've got that damn antivirus2009 thingy. why won't the anti-malware run? i've tried 1000 times i'm so angry!!
Raid
Important!
All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.

I need you to follow the instructions provided here Pre- HJT Post Instructions first.

I also need for you to download this program OTListIt.exe to your desktop.
  • Close all applications and windows so that you have nothing open and are at your Desktop
  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
  • Place a checkmark in the "Scan All Users" checkbox (Leave the 'Use Whitelist' checked and the 'File Age:' at 30 days)
  • Click the Run Scan button
  • NOTE: Please be patient and let the scan run without using the computer
  • When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Right click paste.
  • Submit your reply and close the Notepad window with OTList.txt
  • Also OTListIt's Extras.txt log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
  • In Notepad, click Edit, Select all then Edit, Copy
  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
  • NOTE: If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.

Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.
ihateviruses2009
ok 4/5 :S I have windows XP professional service pack II by the way.

about search&destroy before i continue, well it would ONLY install in safemode, but either mode (Safe and normal) the program just wouldn't run. (even after i renamed the exe file like I had to do with antimalware).

anti malware log:

okMalwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 2

11/12/2008 15:36:54
mbam-log-2008-11-12 (15-36-54).txt

Scan type: Quick Scan
Objects scanned: 61670
Time elapsed: 1 hour(s), 18 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\ (Trojan.Agent) -> Delete on reboot.

----------------------------------------------
just to let you know i actually did this twice and 5 trojans refuse to budge



with Panda I got as far as "Sorry, updating is incomplete due to an error. Please try again." and ESET-Online (on the latest IE) was 404 heaven :(
but panda/eset work on THIS pc, but that's no good is it. something is blocking it maybe.


Hijack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:56, on 11/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16735)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe
O4 - HKLM\..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat Live\nsl.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [AdvancedCleaner Free] "C:\Program Files\AdvancedCleaner Free\UADC.exe" /min
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunesHelper.exe"
O4 - HKLM\..\Run: [lxdjmon.exe] "C:\Program Files\Lexmark 1400 Series\lxdjmon.exe"
O4 - HKLM\..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [iChat] C:\Program Files\IChat\iChat.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: karna.dat?,avgrsstx.dll
O20 - Winlogon Notify: mljijge - mljijge.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdjCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdjserv.exe
O23 - Service: lxdj_device - - C:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe

--
End of file - 8512 bytes

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ihateviruses2009
OTLIST IT:

OTListIt logfile created on: 11/12/2008 16:40:28 - Run
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 615.41 Mb Available Physical Memory | 60.13% Memory free
2.40 Gb Paging File | 2.00 Gb Available in Paging File | 83.12% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.54 Gb Total Space | 1.35 Gb Free Space | 1.81% Space Free | Partition Type: NTFS
Drive D: | 84.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465.76 Gb Total Space | 396.74 Gb Free Space | 85.18% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MIKESPC
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/11/12 13:32:57 | 00,282,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2003/10/20 13:47:36 | 00,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
[2004/09/26 15:30:36 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe
[2005/12/10 03:06:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
[2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
[2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe
[2004/09/26 15:31:14 | 00,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe
[2004/08/04 00:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2005/06/06 22:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[2004/08/26 22:43:06 | 00,056,320 | ---- | M] (Doug Fetter Software Wizardry) -- C:\WINDOWS\system32\DeltTray.exe
[2005/11/01 00:00:00 | 00,307,200 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
[2008/11/12 13:32:42 | 01,177,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2008/10/01 17:57:12 | 00,289,576 | ---- | M] (Apple Inc.) -- G:\Program Files\iTunesHelper.exe
[2007/04/30 20:19:53 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
[2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2007/07/01 14:05:45 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/11/12 13:32:57 | 00,311,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
[2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
[2008/10/01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/07/18 21:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/08/23 05:56:15 | 00,635,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/07/18 21:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/11/12 11:12:20 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2008/11/12 13:32:57 | 00,282,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Disabled | Stopped])
[2003/10/20 13:47:36 | 00,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity [Auto | Running])
[2007/01/27 15:48:48 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2004/09/26 15:30:36 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon [Auto | Running])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/10/01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2007/06/11 23:17:46 | 00,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjserv.exe -- (lxdjCATSCustConnectService [Auto | Stopped])
[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe -- (lxdj_device [Auto | Running])
File not found -- -- (NNServ [Auto | Stopped])
[2005/12/10 03:06:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv [Auto | Running])
[2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])
[2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe -- (WMDM PMSP Service [Auto | Running])

========== Driver Services ==========

[2008/11/12 13:33:07 | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2008/11/12 13:33:07 | 00,026,184 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2008/11/12 13:33:08 | 00,075,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX [Auto | Running])
[2004/12/06 17:55:20 | 00,126,720 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k [On_Demand | Stopped])
[2005/05/09 20:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX [On_Demand | Running])
[2008/03/20 16:23:08 | 00,098,328 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX [On_Demand | Stopped])
[2008/03/20 16:23:08 | 00,098,328 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX.SYS [On_Demand | Stopped])
[2008/03/20 16:36:44 | 00,171,032 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT [On_Demand | Stopped])
[2008/03/20 16:36:44 | 00,171,032 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT.SYS [On_Demand | Stopped])
[2004/08/25 08:28:28 | 00,645,520 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])
[2004/08/25 08:29:30 | 00,374,704 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
[2008/03/20 16:23:44 | 00,528,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX [On_Demand | Stopped])
[2008/03/20 16:23:44 | 00,528,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX.SYS [On_Demand | Stopped])
[2005/11/10 17:06:04 | 00,340,704 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])
[2008/03/20 16:26:30 | 00,163,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEAPSFX.sys -- (CTEAPSFX [On_Demand | Stopped])
[2008/03/20 16:26:30 | 00,163,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEAPSFX.sys -- (CTEAPSFX.SYS [On_Demand | Stopped])
[2008/03/20 16:32:36 | 00,259,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPFX.sys -- (CTEDSPFX [On_Demand | Stopped])
[2008/03/20 16:32:36 | 00,259,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPFX.sys -- (CTEDSPFX.SYS [On_Demand | Stopped])
[2008/03/20 16:38:06 | 00,134,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPIO.sys -- (CTEDSPIO [On_Demand | Stopped])
[2008/03/20 16:38:06 | 00,134,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPIO.sys -- (CTEDSPIO.SYS [On_Demand | Stopped])
[2008/03/20 16:37:36 | 00,309,784 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPSY.sys -- (CTEDSPSY [On_Demand | Stopped])
[2008/03/20 16:37:36 | 00,309,784 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPSY.sys -- (CTEDSPSY.SYS [On_Demand | Stopped])
[2008/03/20 16:36:14 | 00,099,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX [On_Demand | Stopped])
[2008/03/20 16:36:14 | 00,099,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX.SYS [On_Demand | Stopped])
[2008/03/20 16:40:38 | 01,324,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX [On_Demand | Stopped])
[2008/03/20 16:40:38 | 01,324,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS [On_Demand | Stopped])
[2008/03/20 16:37:10 | 00,072,728 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT [On_Demand | Stopped])
[2008/03/20 16:37:10 | 00,072,728 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS [On_Demand | Stopped])
[2004/08/25 08:29:50 | 00,006,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
[2008/03/20 16:25:44 | 00,534,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX [On_Demand | Stopped])
[2008/03/20 16:25:44 | 00,534,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX.SYS [On_Demand | Stopped])
[2004/08/25 08:30:06 | 00,130,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
[2005/10/06 13:31:54 | 00,292,992 | ---- | M] (Midiman/M-Audio) -- C:\WINDOWS\system32\drivers\delta.sys -- (DELTA [On_Demand | Running])
[2004/08/25 08:30:18 | 00,147,088 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])
[2004/08/03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Stopped])
[2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2004/05/02 08:47:08 | 00,023,040 | R--- | M] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Running])
[2004/08/25 08:27:10 | 00,924,464 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
[2004/08/25 08:27:28 | 00,148,368 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k [On_Demand | Stopped])
[2008/03/20 16:56:54 | 00,191,000 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k [On_Demand | Stopped])
[2004/03/17 15:10:40 | 00,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService [On_Demand | Running])
[2004/03/17 15:12:12 | 00,135,168 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2004/09/26 15:24:54 | 00,477,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [Boot | Running])
[2001/08/17 13:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir [On_Demand | Running])
[2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [On_Demand | Stopped])
[2004/02/16 22:19:30 | 00,571,776 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\system32\drivers\kx.sys -- (kxwdmdrv [On_Demand | Stopped])
[2001/07/27 21:50:05 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Temp\lac97inf.sys -- (lac97inf [On_Demand | Stopped])
[2007/09/05 01:46:34 | 00,092,544 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus [On_Demand | Running])
[2005/12/10 03:06:00 | 03,536,768 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2004/08/25 08:29:42 | 00,178,736 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2004/04/01 16:30:46 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2001/08/23 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2006/11/02 15:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2008/03/10 18:30:36 | 00,021,408 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA [On_Demand | Stopped])
[2006/12/27 14:47:30 | 00,009,006 | ---- | M] (ZD Soft) -- C:\WINDOWS\system32\drivers\scrcap.sys -- (scrcap [On_Demand | Running])
[2007/11/13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2003/09/22 13:46:10 | 00,096,906 | ---- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\drivers\SI3114r.sys -- (SI3114r [Boot | Running])
[2003/09/17 17:29:52 | 00,010,240 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter [Boot | Running])
[2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
[2008/02/20 12:47:34 | 00,027,936 | ---- | M] (RapidSolution Software AG) -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd [On_Demand | Running])
[2008/10/01 12:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
[2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [On_Demand | Running])
[2006/03/13 16:49:54 | 00,060,800 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus [On_Demand | Stopped])
[2006/03/13 16:50:00 | 00,009,264 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mdfl.sys -- (w300mdfl [On_Demand | Stopped])
[2006/03/13 16:50:02 | 00,096,352 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mdm.sys -- (w300mdm [On_Demand | Stopped])
[2006/03/13 16:50:06 | 00,087,824 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mgmt.sys -- (w300mgmt [On_Demand | Stopped])
[2006/03/13 16:50:08 | 00,085,696 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex [On_Demand | Stopped])
[2003/12/23 06:32:00 | 00,174,464 | ---- | M] (Marvell Semiconductor Inc.) -- C:\WINDOWS\system32\drivers\yukonwxp.sys -- (yukonwxp [On_Demand | Running])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
URLSearchHook: - Reg Error: Key does not exist or could not be opened. File not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
URLSearchHook: - Reg Error: Key does not exist or could not be opened. File not found
HKU\S-1-5-21-436374069-884357618-725345543-1003\S-1-5-21-436374069-884357618-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-436374069-884357618-725345543-1003\S-1-5-21-436374069-884357618-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: (732 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (SpamBlockerUtility) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKCU\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found
O3 - HKCU\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key does not exist or could not be opened. File not found
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdvancedCleaner Free] "C:\Program Files\AdvancedCleaner Free\UADC.exe" /min File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run File not found
O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [DeltTray] DeltTray.exe (Doug Fetter Software Wizardry)
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe File not found
O4 - HKLM..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "G:\Program Files\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe" ()
O4 - HKLM..\Run: [lxdjmon.exe] "C:\Program Files\Lexmark 1400 Series\lxdjmon.exe" File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe (Doug Fetter Software Wizardry)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat Live\nsl.exe ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe ()
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC)
O4 - HKCU..\Run: [iChat] C:\Program Files\IChat\iChat.exe (AlexSoft)
O4 - HKCU..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot (RealNetworks, Inc.)
O4 - HKCU..\Run: [SetDefaultMIDI] MIDIDef.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [iChat] C:\Program Files\IChat\iChat.exe (AlexSoft)
O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [SetDefaultMIDI] MIDIDef.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O8 - Extra context menu item: &Search - Reg Error: Value does not exist or could not be read.
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab31267.cab (ZoneChess Object)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - linkscanner - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - skype4com - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls" = karna.dat?,avgrsstx.dll
>File not found --
>[2008/11/12 13:32:56 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
mljijge: "DllName" = mljijge.dll -- File not found

========== LSA *Authentication Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages" = msv1_0,C:\WINDOWS\system32\geebb.dll,
>File not found -- C:\WINDOWS\system32\geebb.dll

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2005/12/22 12:36:15 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[9 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2008/11/12 16:24:43 | 00,001,743 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2008/11/12 16:24:43 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/12 16:14:47 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Mike\Desktop\JTInstall.exe
[2008/11/12 16:05:29 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/11/12 16:04:54 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2008/11/12 16:04:35 | 00,175,648 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\activescan2_en.exe
[2008/11/12 15:57:53 | 00,000,942 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2008/11/12 15:51:50 | 15,083,520 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Mike\Desktop\spybotsd160.exe
[2008/11/12 15:39:52 | 00,021,380 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\fail.JPG
[2008/11/12 13:32:56 | 00,001,516 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk
[2008/11/12 12:38:27 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Watch.lnk
[2008/11/12 12:38:27 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2008/11/12 12:38:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/11/12 11:21:42 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\ppp2008.exe
[2008/11/12 11:12:15 | 00,418,304 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe
[2008/11/12 02:58:15 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\nrxe.sys
[2008/11/12 01:33:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
[2008/11/11 23:34:00 | 00,199,680 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crd.exe
[2008/11/11 23:34:00 | 00,122,216 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crude.jpg
[2008/11/11 23:34:00 | 00,015,958 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crude.nfo
[2008/11/11 23:34:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\setup
[2008/11/11 23:34:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\keygen
[2008/11/11 23:33:09 | 03,049,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar
[2008/11/11 23:30:12 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(4).exe
[2008/11/11 23:09:36 | 07,642,792 | ---- | C] (Simply Super Software ) -- C:\Documents and Settings\Mike\Desktop\trsetup.exe
[2008/11/11 18:18:56 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RogueRemover FREE.lnk
[2008/11/11 18:18:55 | 00,000,000 | ---D | C] -- C:\Program Files\RogueRemover FREE
[2008/11/11 18:18:19 | 00,690,568 | ---- | C] (Malwarebytes ) -- C:\Documents and Settings\Mike\Desktop\rr-free-setup.exe
[2008/11/11 17:37:15 | 01,435,272 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\Flash.ocx
[2008/11/11 17:37:15 | 01,140,472 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGUltraGrid20.ocx
[2008/11/11 17:37:15 | 00,423,784 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XceedBkp.dll
[2008/11/11 17:37:15 | 00,265,753 | ---- | C] (Ariad Software) -- C:\WINDOWS\System32\AS-Exp2.ocx
[2008/11/11 17:37:15 | 00,131,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSADODC.ocx
[2008/11/11 17:37:15 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.ocx
[2008/11/11 17:37:14 | 00,089,088 | ---- | C] (Ariad Software) -- C:\WINDOWS\System32\ProgressBar4.ocx
[2008/11/11 17:37:14 | 00,011,012 | ---- | C] () -- C:\WINDOWS\System32\threadapi.tlb
[2008/11/11 17:37:14 | 00,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\md5.dll
[2008/11/11 17:08:53 | 00,000,000 | ---D | C] -- C:\Avenger
[2008/11/11 16:52:03 | 00,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/11/11 16:43:55 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2008/11/11 16:41:42 | 09,212,096 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spyhunter-Detection-Utility-Install.exe
[2008/11/11 15:39:51 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(2).exe
[2008/11/11 10:29:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/11 10:29:59 | 00,000,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/11 10:29:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/11 10:29:40 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup_130.exe
[2008/11/11 10:27:26 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup.exe
[2008/11/11 10:20:54 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2008/11/11 10:20:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Killer
[2008/11/11 10:20:02 | 04,713,897 | ---- | C] (GridinSoft, Inc. ) -- C:\Documents and Settings\Mike\Desktop\trojankiller-setup.exe
[2008/11/11 03:11:11 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/11 02:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/11 01:47:35 | 00,031,240 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe
[2008/11/11 01:11:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2008/11/11 01:09:17 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2008/11/11 01:09:17 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2008/11/11 01:09:15 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2008/11/11 01:09:15 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2008/11/11 01:09:15 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2008/11/11 01:09:13 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/11/11 01:09:13 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2008/11/11 01:09:12 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2008/11/11 01:09:11 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2008/11/11 01:08:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2008/11/11 01:07:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2008/11/11 01:04:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2008/11/11 01:03:17 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2008/11/11 01:01:00 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2008/11/11 00:58:37 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2008/11/11 00:50:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/11/10 23:18:59 | 00,019,742 | ---- | C] () -- C:\WINDOWS\System32\iqenaxokuw.bat
[2008/11/10 23:18:59 | 00,019,411 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\benegosov.dll
[2008/11/10 23:18:59 | 00,018,925 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\pyvy._dl
[2008/11/10 23:18:59 | 00,018,511 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\utot._sy
[2008/11/10 23:18:59 | 00,018,504 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\aqywerax.dll
[2008/11/10 23:18:59 | 00,017,865 | ---- | C] () -- C:\WINDOWS\ipavokahib.dl
[2008/11/10 23:18:59 | 00,016,978 | ---- | C] () -- C:\WINDOWS\System32\atoramefo.bin
[2008/11/10 23:18:59 | 00,016,679 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\vovocax.pif
[2008/11/10 23:18:59 | 00,016,554 | ---- | C] () -- C:\WINDOWS\xydyc.reg
[2008/11/10 23:18:59 | 00,016,285 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\tufome.ban
[2008/11/10 23:18:59 | 00,016,259 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\izitibecyp.bin
[2008/11/10 23:18:59 | 00,016,029 | ---- | C] () -- C:\WINDOWS\System32\urucam.inf
[2008/11/10 23:18:59 | 00,015,976 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\zizi.dll
[2008/11/10 23:18:59 | 00,015,957 | ---- | C] () -- C:\WINDOWS\System32\ixohewu.scr
[2008/11/10 23:18:59 | 00,014,311 | ---- | C] () -- C:\Program Files\Common Files\jeqycy.dat
[2008/11/10 23:18:59 | 00,013,998 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pypisawy.db
[2008/11/10 23:18:59 | 00,013,427 | ---- | C] () -- C:\WINDOWS\System32\ytapafuxi.scr
[2008/11/10 23:18:59 | 00,013,053 | ---- | C] () -- C:\WINDOWS\redahydumu.bat
[2008/11/10 23:18:59 | 00,012,538 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\axiqekitu.db
[2008/11/10 23:18:59 | 00,011,251 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\onomujamet.sys
[2008/11/10 23:18:59 | 00,011,034 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\apehiryp.db
[2008/11/10 23:11:06 | 00,019,361 | ---- | C] () -- C:\WINDOWS\System32\ocuhecyqor.bin
[2008/11/10 23:11:06 | 00,019,336 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\niqev.com
[2008/11/10 23:11:06 | 00,018,473 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\sybaw._dl
[2008/11/10 23:11:06 | 00,018,066 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\nydoson._dl
[2008/11/10 23:11:06 | 00,017,735 | ---- | C] () -- C:\Program Files\Common Files\opuhy.inf
[2008/11/10 23:11:06 | 00,017,080 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\nuji.bat
[2008/11/10 23:11:06 | 00,016,057 | ---- | C] () -- C:\WINDOWS\jorykamuhu.vbs
[2008/11/10 23:11:06 | 00,015,972 | ---- | C] () -- C:\WINDOWS\tytekicojy.scr
[2008/11/10 23:11:06 | 00,015,048 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ybur.db
[2008/11/10 23:11:06 | 00,014,524 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\xilebewy.pif
[2008/11/10 23:11:06 | 00,013,541 | ---- | C] () -- C:\WINDOWS\System32\ginelygy.reg
[2008/11/10 23:11:06 | 00,013,318 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\cotyf.exe
[2008/11/10 23:11:06 | 00,012,870 | ---- | C] () -- C:\Program Files\Common Files\vepezenih._sy
[2008/11/10 23:11:06 | 00,012,824 | ---- | C] () -- C:\WINDOWS\exumu.scr
[2008/11/10 23:11:06 | 00,012,587 | ---- | C] () -- C:\WINDOWS\emibiqili.scr
[2008/11/10 23:11:06 | 00,012,573 | ---- | C] () -- C:\WINDOWS\System32\imodon.ban
[2008/11/10 23:11:06 | 00,012,266 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bunuve.pif
[2008/11/10 23:11:06 | 00,012,157 | ---- | C] () -- C:\WINDOWS\samyzedy.dl
[2008/11/10 23:11:06 | 00,011,938 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\tawuguduwi.dat
[2008/11/10 23:11:06 | 00,011,234 | ---- | C] () -- C:\Program Files\Common Files\ypuzovib.reg
[2008/11/10 23:11:06 | 00,010,679 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\udoqimoc._dl
[2008/11/08 01:56:40 | 08,443,378 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\202-spiral_tribe-connector-def.mp3
[2008/11/08 01:30:03 | 89,371,711 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spiral-Tribe-Respect-To-The-Hardcore-Mother-Earth--EXPRSPICD--2CD-2008-DEF.part2.rar
[2008/11/08 01:01:27 | 00,048,588 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\spiraltribe.JPG
[2008/11/08 00:49:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-(EXPRSPICD)-2CD-2008-DEF
[2008/11/08 00:20:31 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-_EXPRSPICD_-2CD-2008-DEF.part1.rar
[2008/11/07 16:29:56 | 00,188,594 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Fire-Jericho.jpg
[2008/11/07 16:25:05 | 07,117,535 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\jericho.rar
[2008/11/07 15:17:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\jericho
[2008/11/07 01:04:10 | 04,338,978 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\organux_demo.zip
[2008/11/06 23:09:02 | 06,810,747 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\7up.xrns
[2008/11/06 20:27:08 | 94,954,427 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Most_Wanted_Old_Skool_Acapellas__02.rar
[2008/11/06 02:02:50 | 00,001,774 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\LoadDown.lnk
[2008/11/06 02:02:49 | 00,000,000 | ---D | C] -- C:\Program Files\UIC Phoenxsoftware
[2008/11/06 01:56:15 | 00,000,000 | ---D | C] -- C:\Program Files\EasySleep
[2008/11/05 21:39:44 | 00,127,768 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2008/11/05 11:12:27 | 00,019,491 | ---- | C] () -- C:\WINDOWS\lyzifebi.lib
[2008/11/05 11:12:27 | 00,019,490 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\sydifyniqu.sys
[2008/11/05 11:12:27 | 00,019,401 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\xidi.pif
[2008/11/05 11:12:27 | 00,018,549 | ---- | C] () -- C:\WINDOWS\sopy.dl
[2008/11/05 11:12:27 | 00,018,247 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\pemohaqoxu.dat
[2008/11/05 11:12:27 | 00,017,573 | ---- | C] () -- C:\Program Files\Common Files\sydupi.dl
[2008/11/05 11:12:27 | 00,017,274 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\gico.lib
[2008/11/05 11:12:27 | 00,016,584 | ---- | C] () -- C:\WINDOWS\pebyho.lib
[2008/11/05 11:12:27 | 00,015,263 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\cifuka.bat
[2008/11/05 11:12:27 | 00,014,019 | ---- | C] () -- C:\WINDOWS\qataboju.scr
[2008/11/05 11:12:27 | 00,012,182 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qanama.scr
[2008/11/05 11:12:26 | 00,019,223 | ---- | C] () -- C:\Program Files\Common Files\emyham.sys
[2008/11/05 11:12:26 | 00,018,023 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\juza._dl
[2008/11/05 11:12:26 | 00,014,711 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ulotawura.dl
[2008/11/05 11:12:26 | 00,014,381 | ---- | C] () -- C:\Program Files\Common Files\jodotut.reg
[2008/11/05 11:12:26 | 00,013,531 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\uqodi.inf
[2008/11/05 11:12:26 | 00,013,109 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\ocazyro._sy
[2008/11/05 11:12:26 | 00,012,640 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\dovuresozy.bat
[2008/11/05 11:12:26 | 00,012,431 | ---- | C] () -- C:\WINDOWS\otyviko._dl
[2008/11/05 11:12:26 | 00,012,338 | ---- | C] () -- C:\WINDOWS\System32\nyxozurul.scr
[2008/11/05 11:12:26 | 00,012,271 | ---- | C] () -- C:\WINDOWS\cedebuhe.lib
[2008/11/05 11:12:26 | 00,010,384 | ---- | C] () -- C:\WINDOWS\wowuv.inf
[2008/11/04 17:35:53 | 00,010,235 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\spunge.JPG
[2008/11/01 17:19:48 | 00,441,306 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\angle.bmp
[2008/11/01 16:59:27 | 02,313,910 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\wings 96style remix.xrns
[2008/10/31 18:12:06 | 00,043,605 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\sway.JPG
[2008/10/31 17:31:44 | 00,052,628 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bm.JPG
[2008/10/30 22:21:29 | 00,056,035 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dstyles.JPG
[2008/10/30 20:45:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\346346_Backups
[2008/10/30 16:57:32 | 05,604,355 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\346346.xrns
[2008/10/29 20:25:15 | 10,099,1815 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MOV00136.MPG
[2008/10/29 16:11:59 | 04,905,796 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raveyard.mp3
[2008/10/29 16:10:33 | 43,253,626 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raveyard.wav
[2008/10/28 23:40:36 | 06,341,165 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\orch.xrns
[2008/10/28 18:19:17 | 04,300,844 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\blacksheepclip.wav
[2008/10/28 16:03:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\3 Feet High & Rising
[2008/10/28 00:22:04 | 00,015,443 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\experience.jpg
[2008/10/27 18:10:17 | 00,273,204 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\burndub.wav
[2008/10/27 17:46:58 | 00,038,205 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\What_U_Waitin_4.rm
[2008/10/27 16:41:02 | 04,137,562 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\wicked.xrns
[2008/10/27 16:19:26 | 21,816,238 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Debonaire - Name That Toon (12'') (1988).zip
[2008/10/27 00:40:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Company Flow - Funcrusher Plus ( 1997 )
[2008/10/26 21:46:37 | 03,479,722 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Drum_rolls.zip
[2008/10/26 13:19:39 | 02,458,019 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\teatime.xrns
[2008/10/25 11:33:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\797_Backups
[2008/10/25 01:24:40 | 02,120,407 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\797.xrns
[2008/10/24 17:01:44 | 11,503,3010 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Needs_More_Bombscare-Nov_7.MP3
[2008/10/24 16:53:51 | 00,136,194 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\isotonik.JPG
[2008/10/24 16:05:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Eminem-Infinite-1996-KSi
[2008/10/24 14:43:29 | 00,567,098 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\reaplugs112.zip
[2008/10/24 00:40:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\909_Backups
[2008/10/23 19:12:25 | 00,182,578 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\rr.JPG
[2008/10/23 16:20:04 | 06,504,117 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\909.xrns
[2008/10/23 15:56:57 | 04,891,269 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\xperience.rar
[2008/10/23 15:56:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\xperience
[2008/10/23 11:18:08 | 24,711,212 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raggamuffin-hiphop_rub-a-dub-apella.wav
[2008/10/23 09:48:23 | 11,444,9748 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Thumbzo-92-93_Mix-Sept_08.MP3
[2008/10/22 15:17:35 | 20,709,934 | ---- | C] () -- C:\frg008.wav
[2008/10/22 15:17:16 | 00,040,520 | ---- | C] () -- C:\frg008.sfk
[2008/10/21 15:28:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\14TLP
[2008/10/18 12:01:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\TVU Networks
[2008/10/18 12:01:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks
[2008/10/15 22:00:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Lexmark Productivity Studio
[2008/10/15 21:47:55 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2008/10/15 21:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\Lx_cats
[2008/10/15 21:44:44 | 00,000,000 | ---D | C] -- C:\logs
[2008/10/15 21:44:07 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdjvs.dll
[2008/10/15 21:44:02 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdjcoin.dll
[2008/10/15 21:43:37 | 00,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 1400 Series.LNK
[2008/10/15 21:42:44 | 00,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdjrwrd.ini
[2008/10/15 21:42:30 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjinpa.dll
[2008/10/15 21:42:30 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjiesc.dll
[2008/10/15 21:42:30 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhcp.dll
[2008/10/15 21:42:30 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\lxdjinst.dll
[2008/10/15 21:42:29 | 01,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjserv.dll
[2008/10/15 21:42:29 | 00,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjusb1.dll
[2008/10/15 21:42:29 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpmui.dll
[2008/10/15 21:42:29 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjlmpm.dll
[2008/10/15 21:42:29 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjprox.dll
[2008/10/15 21:42:29 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpplc.dll
[2008/10/15 21:42:28 | 00,722,917 | ---- | C] () -- C:\WINDOWS\System32\lxdjhelp.chm
[2008/10/15 21:42:28 | 00,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjih.exe
[2008/10/15 21:42:27 | 00,983,121 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxdjgf.dll
[2008/10/15 21:42:27 | 00,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhbn3.dll
[2008/10/15 21:42:27 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdjgrd.dll
[2008/10/15 21:42:26 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomc.dll
[2008/10/15 21:42:26 | 00,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcoms.exe
[2008/10/15 21:42:26 | 00,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomm.dll
[2008/10/15 21:42:26 | 00,394,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcfg.exe
[2008/10/15 21:42:26 | 00,077,906 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\lxdjcfg.dll
[2008/10/15 21:42:25 | 00,070,824 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2008/10/15 21:42:25 | 00,001,828 | ---- | C] () -- C:\WINDOWS\System32\lxdj.loc
[2008/10/15 21:42:19 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 1400 Series
[2008/10/14 14:53:06 | 00,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2008/10/14 14:52:47 | 00,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\TwnLib4.dll
[2008/10/14 14:52:45 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2008/10/14 14:52:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2008/10/14 14:41:48 | 00,015,129 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\BNLAudio1.nra


========== Files - Modified Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[9 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2008/11/12 16:27:59 | 00,352,932 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/11/12 16:27:42 | 00,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2008/11/12 16:27:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/12 16:27:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/12 16:24:43 | 00,001,743 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2008/11/12 16:19:51 | 00,000,924 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx
[2008/11/12 16:19:51 | 00,000,924 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx
[2008/11/12 16:19:51 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000001-00001102-00000004-40021102}.dat
[2008/11/12 16:19:51 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000001-00001102-00000004-40021102}.dat
[2008/11/12 16:19:51 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx
[2008/11/12 16:19:51 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx
[2008/11/12 16:14:53 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Mike\Desktop\JTInstall.exe
[2008/11/12 16:04:35 | 00,175,648 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\activescan2_en.exe
[2008/11/12 15:57:53 | 00,000,942 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk
[2008/11/12 15:54:43 | 15,083,520 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Mike\Desktop\spybotsd160.exe
[2008/11/12 15:39:53 | 00,021,380 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\fail.JPG
[2008/11/12 13:33:08 | 00,075,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2008/11/12 13:33:07 | 22,984,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2008/11/12 13:33:07 | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2008/11/12 13:33:07 | 00,026,184 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2008/11/12 13:32:58 | 05,618,689 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2008/11/12 13:32:58 | 00,786,367 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2008/11/12 13:32:58 | 00,057,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2008/11/12 13:32:56 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2008/11/12 13:32:56 | 00,001,516 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk
[2008/11/12 12:38:27 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Watch.lnk
[2008/11/12 12:38:27 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2008/11/12 11:24:58 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\ppp2008.exe
[2008/11/12 11:12:20 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe
[2008/11/12 03:00:00 | 00,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SpywareBot Scheduled Scan.job
[2008/11/12 02:58:15 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\nrxe.sys
[2008/11/12 01:52:03 | 00,000,585 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\My Sharing Folders.lnk
[2008/11/12 00:09:36 | 00,000,874 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/12 00:09:36 | 00,000,269 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/12 00:09:36 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/11/11 23:33:35 | 03,049,294 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar
[2008/11/11 23:31:15 | 00,000,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/11 23:30:27 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(4).exe
[2008/11/11 23:12:03 | 07,642,792 | ---- | M] (Simply Super Software ) -- C:\Documents and Settings\Mike\Desktop\trsetup.exe
[2008/11/11 18:18:56 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RogueRemover FREE.lnk
[2008/11/11 18:18:20 | 00,690,568 | ---- | M] (Malwarebytes ) -- C:\Documents and Settings\Mike\Desktop\rr-free-setup.exe
[2008/11/11 17:42:43 | 00,000,732 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/11/11 16:43:35 | 09,212,096 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spyhunter-Detection-Utility-Install.exe
[2008/11/11 15:40:11 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(2).exe
[2008/11/11 13:18:42 | 00,031,240 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe
[2008/11/11 12:19:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/11 10:29:43 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup_130.exe
[2008/11/11 10:27:47 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup.exe
[2008/11/11 10:20:54 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk
[2008/11/11 10:20:36 | 04,713,897 | ---- | M] (GridinSoft, Inc. ) -- C:\Documents and Settings\Mike\Desktop\trojankiller-setup.exe
[2008/11/11 10:15:00 | 00,066,098 | ---- | M] () -- C:\WINDOWS\System32\CTHELPER.RPT
[2008/11/11 01:08:59 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/11/10 23:18:59 | 00,019,742 | ---- | M] () -- C:\WINDOWS\System32\iqenaxokuw.bat
[2008/11/10 23:18:59 | 00,019,411 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\benegosov.dll
[2008/11/10 23:18:59 | 00,018,925 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\pyvy._dl
[2008/11/10 23:18:59 | 00,018,511 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\utot._sy
[2008/11/10 23:18:59 | 00,018,504 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\aqywerax.dll
[2008/11/10 23:18:59 | 00,017,865 | ---- | M] () -- C:\WINDOWS\ipavokahib.dl
[2008/11/10 23:18:59 | 00,016,978 | ---- | M] () -- C:\WINDOWS\System32\atoramefo.bin
[2008/11/10 23:18:59 | 00,016,679 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\vovocax.pif
[2008/11/10 23:18:59 | 00,016,554 | ---- | M] () -- C:\WINDOWS\xydyc.reg
[2008/11/10 23:18:59 | 00,016,285 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\tufome.ban
[2008/11/10 23:18:59 | 00,016,259 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\izitibecyp.bin
[2008/11/10 23:18:59 | 00,016,029 | ---- | M] () -- C:\WINDOWS\System32\urucam.inf
[2008/11/10 23:18:59 | 00,015,976 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\zizi.dll
[2008/11/10 23:18:59 | 00,015,957 | ---- | M] () -- C:\WINDOWS\System32\ixohewu.scr
[2008/11/10 23:18:59 | 00,014,311 | ---- | M] () -- C:\Program Files\Common Files\jeqycy.dat
[2008/11/10 23:18:59 | 00,013,998 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\pypisawy.db
[2008/11/10 23:18:59 | 00,013,427 | ---- | M] () -- C:\WINDOWS\System32\ytapafuxi.scr
[2008/11/10 23:18:59 | 00,013,053 | ---- | M] () -- C:\WINDOWS\redahydumu.bat
[2008/11/10 23:18:59 | 00,012,538 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\axiqekitu.db
[2008/11/10 23:18:59 | 00,011,251 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\onomujamet.sys
[2008/11/10 23:18:59 | 00,011,034 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\apehiryp.db
[2008/11/10 23:11:06 | 00,019,361 | ---- | M] () -- C:\WINDOWS\System32\ocuhecyqor.bin
[2008/11/10 23:11:06 | 00,019,336 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\niqev.com
[2008/11/10 23:11:06 | 00,018,473 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\sybaw._dl
[2008/11/10 23:11:06 | 00,018,066 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\nydoson._dl
[2008/11/10 23:11:06 | 00,017,735 | ---- | M] () -- C:\Program Files\Common Files\opuhy.inf
[2008/11/10 23:11:06 | 00,017,080 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\nuji.bat
[2008/11/10 23:11:06 | 00,016,057 | ---- | M] () -- C:\WINDOWS\jorykamuhu.vbs
[2008/11/10 23:11:06 | 00,015,972 | ---- | M] () -- C:\WINDOWS\tytekicojy.scr
[2008/11/10 23:11:06 | 00,015,048 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ybur.db
[2008/11/10 23:11:06 | 00,014,524 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\xilebewy.pif
[2008/11/10 23:11:06 | 00,013,541 | ---- | M] () -- C:\WINDOWS\System32\ginelygy.reg
[2008/11/10 23:11:06 | 00,013,318 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\cotyf.exe
[2008/11/10 23:11:06 | 00,012,870 | ---- | M] () -- C:\Program Files\Common Files\vepezenih._sy
[2008/11/10 23:11:06 | 00,012,824 | ---- | M] () -- C:\WINDOWS\exumu.scr
[2008/11/10 23:11:06 | 00,012,587 | ---- | M] () -- C:\WINDOWS\emibiqili.scr
[2008/11/10 23:11:06 | 00,012,573 | ---- | M] () -- C:\WINDOWS\System32\imodon.ban
[2008/11/10 23:11:06 | 00,012,266 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bunuve.pif
[2008/11/10 23:11:06 | 00,012,157 | ---- | M] () -- C:\WINDOWS\samyzedy.dl
[2008/11/10 23:11:06 | 00,011,938 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\tawuguduwi.dat
[2008/11/10 23:11:06 | 00,011,234 | ---- | M] () -- C:\Program Files\Common Files\ypuzovib.reg
[2008/11/10 23:11:06 | 00,010,679 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\udoqimoc._dl
[2008/11/10 23:02:09 | 04,313,120 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/11/10 23:02:09 | 00,053,708 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/11/10 15:50:48 | 08,443,378 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\202-spiral_tribe-connector-def.mp3
[2008/11/08 01:45:10 | 89,371,711 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spiral-Tribe-Respect-To-The-Hardcore-Mother-Earth--EXPRSPICD--2CD-2008-DEF.part2.rar
[2008/11/08 01:01:27 | 00,048,588 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\spiraltribe.JPG
[2008/11/08 00:46:42 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-_EXPRSPICD_-2CD-2008-DEF.part1.rar
[2008/11/08 00:05:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/07 18:27:48 | 06,810,747 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\7up.xrns
[2008/11/07 16:29:57 | 00,188,594 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Fire-Jericho.jpg
[2008/11/07 16:25:08 | 07,117,535 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\jericho.rar
[2008/11/07 01:04:48 | 04,338,978 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\organux_demo.zip
[2008/11/06 21:07:56 | 94,954,427 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Most_Wanted_Old_Skool_Acapellas__02.rar
[2008/11/06 17:42:47 | 00,000,641 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Renoise.lnk
[2008/11/06 02:02:50 | 00,001,774 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\LoadDown.lnk
[2008/11/05 21:44:05 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/11/05 17:07:26 | 00,000,031 | ---- | M] () -- C:\WINDOWS\custvoic.ini
[2008/11/05 11:12:27 | 00,019,491 | ---- | M] () -- C:\WINDOWS\lyzifebi.lib
[2008/11/05 11:12:27 | 00,019,490 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\sydifyniqu.sys
[2008/11/05 11:12:27 | 00,019,401 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\xidi.pif
[2008/11/05 11:12:27 | 00,018,549 | ---- | M] () -- C:\WINDOWS\sopy.dl
[2008/11/05 11:12:27 | 00,018,247 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\pemohaqoxu.dat
[2008/11/05 11:12:27 | 00,017,573 | ---- | M] () -- C:\Program Files\Common Files\sydupi.dl
[2008/11/05 11:12:27 | 00,017,274 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\gico.lib
[2008/11/05 11:12:27 | 00,016,584 | ---- | M] () -- C:\WINDOWS\pebyho.lib
[2008/11/05 11:12:27 | 00,015,263 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\cifuka.bat
[2008/11/05 11:12:27 | 00,014,019 | ---- | M] () -- C:\WINDOWS\qataboju.scr
[2008/11/05 11:12:27 | 00,012,182 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\qanama.scr
[2008/11/05 11:12:26 | 00,019,223 | ---- | M] () -- C:\Program Files\Common Files\emyham.sys
[2008/11/05 11:12:26 | 00,018,023 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\juza._dl
[2008/11/05 11:12:26 | 00,014,711 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ulotawura.dl
[2008/11/05 11:12:26 | 00,014,381 | ---- | M] () -- C:\Program Files\Common Files\jodotut.reg
[2008/11/05 11:12:26 | 00,013,531 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\uqodi.inf
[2008/11/05 11:12:26 | 00,013,109 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ocazyro._sy
[2008/11/05 11:12:26 | 00,012,640 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\dovuresozy.bat
[2008/11/05 11:12:26 | 00,012,431 | ---- | M] () -- C:\WINDOWS\otyviko._dl
[2008/11/05 11:12:26 | 00,012,338 | ---- | M] () -- C:\WINDOWS\System32\nyxozurul.scr
[2008/11/05 11:12:26 | 00,012,271 | ---- | M] () -- C:\WINDOWS\cedebuhe.lib
[2008/11/05 11:12:26 | 00,010,384 | ---- | M] () -- C:\WINDOWS\wowuv.inf
[2008/11/05 10:58:27 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/02 01:02:55 | 02,313,910 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\wings 96style remix.xrns
[2008/11/01 17:19:48 | 00,441,306 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\angle.bmp
[2008/10/31 18:12:07 | 00,043,605 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\sway.JPG
[2008/10/31 17:31:45 | 00,052,628 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bm.JPG
[2008/10/30 22:34:42 | 05,604,355 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\346346.xrns
[2008/10/30 22:21:29 | 00,056,035 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dstyles.JPG
[2008/10/29 21:58:24 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/29 21:19:44 | 10,099,1815 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MOV00136.MPG
[2008/10/29 16:12:09 | 04,905,796 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raveyard.mp3
[2008/10/29 16:10:17 | 43,253,626 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raveyard.wav
[2008/10/29 02:37:18 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Microsoft Word.lnk
[2008/10/29 02:03:34 | 06,341,165 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\orch.xrns
[2008/10/28 18:19:17 | 04,300,844 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\blacksheepclip.wav
[2008/10/28 00:22:05 | 00,015,443 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\experience.jpg
[2008/10/27 22:26:47 | 11,444,9748 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Thumbzo-92-93_Mix-Sept_08.MP3
[2008/10/27 22:25:41 | 00,136,194 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\isotonik.JPG
[2008/10/27 18:10:07 | 00,273,204 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\burndub.wav
[2008/10/27 17:46:58 | 00,038,205 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\What_U_Waitin_4.rm
[2008/10/27 16:57:02 | 04,137,562 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\wicked.xrns
[2008/10/27 16:22:44 | 21,816,238 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Debonaire - Name That Toon (12'') (1988).zip
[2008/10/27 00:43:53 | 11,503,3010 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Needs_More_Bombscare-Nov_7.MP3
[2008/10/26 21:47:09 | 03,479,722 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Drum_rolls.zip
[2008/10/26 20:42:54 | 00,397,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/10/26 20:42:53 | 00,059,780 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/10/26 20:42:51 | 00,464,860 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/10/26 13:25:58 | 02,458,019 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\teatime.xrns
[2008/10/25 11:48:53 | 02,120,407 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\797.xrns
[2008/10/25 00:11:02 | 06,504,117 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\909.xrns
[2008/10/24 14:43:35 | 00,567,098 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\reaplugs112.zip
[2008/10/23 19:12:25 | 00,182,578 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rr.JPG
[2008/10/23 15:56:59 | 04,891,269 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\xperience.rar
[2008/10/23 11:18:11 | 24,711,212 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raggamuffin-hiphop_rub-a-dub-apella.wav
[2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/22 15:17:35 | 20,709,934 | ---- | M] () -- C:\frg008.wav
[2008/10/22 15:17:16 | 00,040,520 | ---- | M] () -- C:\frg008.sfk
[2008/10/21 19:00:26 | 00,015,958 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\crude.nfo
[2008/10/15 21:47:16 | 00,070,824 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2008/10/15 21:44:29 | 00,025,416 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/15 21:43:37 | 00,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 1400 Series.LNK
[2008/10/15 16:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
[2008/10/15 16:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/15 13:40:33 | 00,133,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/15 02:08:55 | 00,006,310 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2008/10/14 14:53:06 | 00,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk
[2008/10/14 14:41:48 | 00,015,129 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\BNLAudio1.nra
[2008/10/14 14:30:16 | 78,506,3264 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Image.nrg

< End of report >
ihateviruses2009
EXTRAS:

OTListIt Extras logfile created on: 11/12/2008 16:40:28 - Run
OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 615.41 Mb Available Physical Memory | 60.13% Memory free
2.40 Gb Paging File | 2.00 Gb Available in Paging File | 83.12% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.54 Gb Total Space | 1.35 Gb Free Space | 1.81% Space Free | Partition Type: NTFS
Drive D: | 84.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465.76 Gb Total Space | 396.74 Gb Free Space | 85.18% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MIKESPC
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2007/07/24 22:39:48 | 00,758,704 | ---- | M] (Skinkers Communications) -- C:\Program Files\The Eagle\TheEagle.exe
[2007/06/21 07:28:44 | 00,029,360 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\App4R.exe:*:Enabled:Printing Application
[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
[2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
File not found -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe
File not found -- C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe
[2007/02/09 16:00:48 | 25,388,584 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2007/07/24 22:39:48 | 00,758,704 | ---- | M] (Skinkers Communications) -- C:\Program Files\The Eagle\TheEagle.exe
File not found -- C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service
[2008/11/12 13:32:57 | 00,796,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- G:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service
[2008/04/22 17:22:52 | 01,253,568 | ---- | M] (SiSoftware) -- G:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/10/01 17:57:04 | 14,258,472 | ---- | M] (Apple Inc.) -- G:\Program Files\iTunes.exe:*:Enabled:iTunes
[2007/04/30 20:19:53 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\lxdjamon.exe:*:Enabled:Lexmark Device Monitor
[2007/06/11 23:17:58 | 00,394,160 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcfg.exe:*:Enabled:
[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe:*:Enabled:Lexmark Communications System
[2007/06/21 07:29:55 | 03,756,720 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe:*:Enabled:
[2007/06/11 23:17:55 | 00,291,760 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe:*:Enabled:
[2007/06/11 23:17:56 | 00,398,256 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe:*:Enabled:
[2007/06/11 23:17:50 | 00,082,864 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe:*:Enabled:
[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00120409-78E1-11D2-B60F-006097C998E7}" = Microsoft FrontPage 2000
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{51D3B904-3D9E-4F95-8466-4D2652C0630A}_is1" = MED Soundstudio 2.0
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{6076AA59-9E37-47C9-8902-3AF310ED3098}_is1" = Trojan Killer 1.4
"{61781604-466B-43EA-A62D-930DBB21FDAF}" = MIDI Yoke
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{649E0E92-F09E-4D4F-84E2-72DE88B4671B}" = Broadband Download Monitor
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8F8358B8-3AD8-4F4E-9B82-B3D0A191FDCD}" = Hardcore Lives Tuner
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Application Accelerator
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{968CB479-6163-415F-A9D3-4489BF07DAFF}" = Sonic Foundry Sound Forge 6.0b
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{A4810699-E859-43A6-8F40-1743873E72AB}" = Delta
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B138D49F-B412-4B4A-9198-374EE0D593B7}" = DSA Motorcyclist Theory Test
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2c
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EFD0BFEB-980E-491B-833B-A8848E5E0F0F}" = Hyplay
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F863B682-5148-4738-B025-455AF892D723}" = Tunebite
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 5.0 Limited Edition" = Adobe Photoshop 5.0 Limited Edition
"Adobe Shockwave Player" = Adobe Shockwave Player
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AnalogX NetStat Live" = AnalogX NetStat Live
"AnalogX SayIt" = AnalogX SayIt
"AnalogX Scratch" = AnalogX Scratch
"AntivirusPro2009" = Antivirus Pro 2009
"AudioRealism Drum Machine_is1" = ADM 1.0
"AVG8Uninstall" = AVG Free 8.0
"BulentsScreenRecorder3" = Bulent's Screen Recorder 3
"Camel Audio Camel Phat VST v3.15" = Camel Audio Camel Phat VST v3.15
"CCS64 V3.1" = CCS64 V3.1
"CDex" = CDex extraction audio
"Cliprex DS DVD Player" = Cliprex DS DVD Player
"CrySonic nXstasy" = CrySonic nXstasy
"daHornet VSTi V1.34_is1" = daHornet Version 1.34
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"Digital Media Converter_is1" = Digital Media Converter 2.78
"discWelder BRONZE" = discWelder BRONZE
"DriverCD" = DriverCD
"EasySleep_is1" = EasySleep 3.0
"E-MU 0404 Uninstall" = E-MU Audio Drivers and E-MU 0404 Documentation
"EMU PatchMix DSP" = E-MU PatchMix DSP
"eMusic Promotion" = eMusic - 100 Free MP3 offer
"EZalpha" = EZalpha
"ffdshow" = ffdshow (remove only)
"FLV Player" = FLV Player 2.0, build 24
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"GetRight" = GetRight
"GMedia Music impOSCar VSTi v1.0.0.1" = GMedia Music impOSCar VSTi v1.0.0.1
"HijackThis" = HijackThis 2.0.2
"InstallShield_{B138D49F-B412-4B4A-9198-374EE0D593B7}" = DSA Motorcyclist Theory Test
"iZotope pHATmatik PRO_is1" = iZotope pHATmatik PRO
"iZotope Vinyl_is1" = iZotope Vinyl
"KORG Legacy Collection - DIGITAL EDITION v1.0.0 " = KORG Legacy Collection - DIGITAL EDITION v1.0.0
"Korg Legacy Collection VSTi v1.0.02" = Korg Legacy Collection VSTi v1.0.02
"LastFM_is1" = Last.fm 1.4.2.59470
"Lexmark 1400 Series" = Lexmark 1400 Series
"LoadDown 2.1" = LoadDown 2.1
"LUXONIX Ravity(S) v1.4.1" = LUXONIX Ravity(S) v1.4.1
"LUXONIX_ravity(S)" = LUXONIX ravity(S) DEMO
"MadTracker 2" = MadTracker 2
"MagicDisc 2.5.79" = MagicDisc 2.5.79
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Malwarebytes' RogueRemover FREE_is1" = Malwarebytes' RogueRemover
"Maxthon" = Maxthon Browser (remove only)
"MED SoundStudio v1.7a_is1" = Med SoundStudio v1.7a
"mIRC" = mIRC
"ModPlug Tracker v1.16_is1" = ModPlug Tracker
"Mozilla Firefox (3.0.3)" = Mozilla Firefox (3.0.3)
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MySearchSearchAssistant" = Search Assistant - My Search
"Native Instruments FM7 VSTi DXI RTAS v1.1.3.4" = Native Instruments FM7 VSTi DXI RTAS v1.1.3.4
"Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS" = Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
"Native Instruments Traktor DJ Studio v3.1.1.053" = Native Instruments Traktor DJ Studio v3.1.1.053
"Naturpic Video Cutter_is1" = Naturpic Video Cutter 3.52
"Nero8Lite_is1" = Nero 8 Lite 8.1.1.3
"New.net" = New.net Domains 8.0 build 832
"Novation Bass-Station VSTi v1.10" = Novation Bass-Station VSTi v1.10
"NVIDIA Drivers" = NVIDIA Drivers
"Oddity" = GForce - Oddity
"Ohmforce Ohmboyz PRO VST v1.42" = Ohmforce Ohmboyz PRO VST v1.42
"Oxe FM Synth_is1" = Oxe FM Synth 1.1.2
"Pianoteq" = Pianoteq
"Pianoteq Trial" = Pianoteq Trial
"PSP VintageWarmer 2.0.0" = PSP VintageWarmer 2.0.0
"RealPlayer 6.0" = RealPlayer
"ReFX JunoX2 VSTi v1.51" = ReFX JunoX2 VSTi v1.51
"Renoise 1.8.0 RC2_is1" = Renoise 1.8.0 RC2
"Renoise 1.8.0 RC3_is1" = Renoise 1.8.0 RC3
"Renoise 1.8.0_is1" = Renoise 1.8.0
"Renoise 1.8.0b2_is1" = Renoise 1.8.0b2
"Renoise 1.9.0_is1" = Renoise 1.9.0
"Renoise 1.9.1_is1" = Renoise 1.9.1
"Renoise 2.0.0_is1" = Renoise 2.0.0
"Renoise V1.5.2_is1" = Renoise V1.5.2
"rgc:audio sfz VSTi_is1" = rgc:audio sfz VSTi v1.96
"SH-1001" = SH-1001
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"shortcircuit" = shortcircuit
"Skype_is1" = Skype 3.0
"Sonic Destructor" = Sonic Destructor
"Sonitex STX-1260 Trial Version_is1" = Sonitex STX-1260 v1.0 Trial Version
"Sonitex STX-1260_is1" = Sonitex STX-1260 v1.0
"Soulseek2" = SoulSeek 157 NS 13
"Sound Blaster Audigy" = Sound Blaster Audigy
"Spark FXMachine 2.1" = Spark FXMachine 2.1
"Speech Synthesizer 5.0_is1" = Speech Synthesizer 5.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"ST6UNST #1" = WolfNameAnimator
"ST6UNST #2" = WolfNameAnimator (C:\Program Files\WolfNameAnimator\)
"Super Screen Capture_is1" = Super Screen Capture 4.0
"Super Screen Recorder_is1" = Super Screen Recorder 4.0
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"The Eagle" = The Eagle (remove only)
"timeworks Reverb 4080L" = timeworks Reverb 4080L
"toppler" = Tower Toppler
"UControl Scan and Remove" = UControl Scan and Remove
"Unique Demo" = Unique Demo
"Vaporizer_is1" = Vaporizer v0.53b
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual Edit" = Virtual Edit Evaluation
"WaveLabLite" = WaveLab Lite
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"xvid" = XviD MPEG-4 Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"ZD Soft Screen Recorder" = ZD Soft Screen Recorder
"ZDSV" = ZD Soft Screen Video Decoder
"ZoneAlarm" = ZoneAlarm
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2008 11:14:27 | Computer Name = MIKESPC | Source = Application Hang | ID = 1002
Description = Hanging application photosle.exe, version 3.0.64.101, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/10/2008 11:15:25 | Computer Name = MIKESPC | Source = Application Hang | ID = 1002
Description = Hanging application photosle.exe, version 3.0.64.101, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/10/2008 12:46:46 | Computer Name = MIKESPC | Source = ESENT | ID = 482
Description = msnmsgr (3156) An attempt to write to the file "\\.\C:\Documents and
Settings\Mike\Local Settings\Application Data\Microsoft\Messenger\wappie_man@hotmail.com\SharingMetadata\Working\database_1C6_734_A291_DD40\dfsr.db"
at offset 1179648 (0x0000000000120000) for 8192 (0x00002000) bytes failed with
system error 1453 (0x000005ad): "Insufficient quota to complete the requested service.
". The write operation will fail with error -1011 (0xfffffc0d). If this error
persists then the file may be damaged and may need to be restored from a previous
backup.

Error - 11/10/2008 20:11:40 | Computer Name = MIKESPC | Source = Application Error | ID = 1000
Description = Faulting application avgwdsvc.exe, version 8.0.0.145, faulting module
msvcr80.dll, version 8.0.50727.1433, fault address 0x000173bd.

Error - 11/10/2008 22:21:29 | Computer Name = MIKESPC | Source = Application Error | ID = 1000
Description = Faulting application avgwdsvc.exe, version 8.0.0.145, faulting module
msvcr80.dll, version 8.0.50727.1433, fault address 0x0001500a.

Error - 11/11/2008 08:00:09 | Computer Name = MIKESPC | Source = Application Error | ID = 1000
Description = Faulting application avgwdsvc.exe, version 8.0.0.145, faulting module
msvcr80.dll, version 8.0.50727.1433, fault address 0x0001500a.

Error - 11/11/2008 08:04:13 | Computer Name = MIKESPC | Source = Application Error | ID = 1001
Description = Fault bucket 862478225.

Error - 11/12/2008 08:08:33 | Computer Name = MIKESPC | Source = Application Error | ID = 1000
Description = Faulting application avgwdsvc.exe, version 8.0.0.145, faulting module
msvcr80.dll, version 8.0.50727.1433, fault address 0x0001500a.

Error - 11/12/2008 11:46:34 | Computer Name = MIKESPC | Source = SDWinSec.exe | ID = 0
Description =

Error - 11/12/2008 11:57:05 | Computer Name = MIKESPC | Source = SDWinSec.exe | ID = 0
Description =

[ System Events ]
Error - 11/12/2008 09:17:31 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 11/12/2008 09:17:31 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AvgLdx86 AvgMfx86 Beep Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 11/12/2008 09:22:33 | Computer Name = MIKESPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/12/2008 09:24:01 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the lxdjCATSCustConnectService
service to connect.

Error - 11/12/2008 09:24:01 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7000
Description = The lxdjCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 11/12/2008 09:24:03 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 11/12/2008 09:37:42 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the lxdjCATSCustConnectService
service to connect.

Error - 11/12/2008 09:37:42 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7000
Description = The lxdjCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 11/12/2008 09:37:48 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 11/12/2008 12:27:36 | Computer Name = MIKESPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep


< End of report >

------------------------------------------------------------------------------

I'd just like to also say I have a new problem: every link on Google is "go.google", which sends me to spam websites. The only way I can get around this is by clicking Cached or using this PC.
Raid
QUOTE (ihateviruses2009 @ Nov 12 2008, 11:56 AM)

I'd just like to also say I have a new problem: every link on Google is "go.google", which sends me to spam websites. The only way I can get around this is by clicking Cached or using this PC.


No doubt. I found what your issue is likely to be caused by, and then I found this as well:

[2008/11/11 23:33:09 | 03,049,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar

I can't stop you from bootlegging our software, but I'll be damned if I'm going to do you any favors to help you out at this point either. Except to say that I'm glad you're infected; you most certainly got what you deserve. If you learn nothing else from this, pirating small apps like ours really isn't that smart; we're here to help you, and this is how you repay us for it?