WiredWX Hobby Weather ToolsLog in

 


Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

3 posters

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
ComboFix 09-10-13.01 - Compaq_Owner 10/13/2009 22:37.3.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.220 [GMT -7:00]
Running from: c:\documents and settings\Compaq_Owner\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Compaq_Owner\My Documents\Downloads\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"C:\dvglbk.exe"
"c:\windows\system32\TerNa.exe"
"C:\wridiint.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\dvglbk.exe
c:\program files\RegistryFix8
c:\program files\RegistryFix8\RegistryFix8Backup\10,3,2009_22,10,56.cab
c:\windows\system32\TerNa.exe
C:\wridiint.exe

.
((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
.

2009-10-13 02:06 . 2009-10-13 02:06 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-12 20:38 . 2009-10-12 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-12 20:38 . 2009-10-12 20:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-11 21:11 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-11 21:11 . 2009-10-12 20:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 21:11 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-11 21:09 . 2009-10-11 21:09 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Application Data\Malwarebytes
2009-10-11 21:07 . 2009-10-11 21:07 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Local Settings\Application Data\AVG Security Toolbar
2009-10-09 23:03 . 2009-10-09 23:03 -------- d-----w- c:\program files\Lame for Audacity
2009-10-09 22:16 . 2009-10-13 01:37 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Audacity
2009-10-09 22:16 . 2009-10-09 22:16 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-10-09 06:05 . 2009-10-09 06:07 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-10-08 17:51 . 2004-06-10 14:34 53693 ----a-r- c:\windows\UNDPX2A.sys
2009-10-08 17:51 . 2004-06-10 14:31 135168 ----a-r- c:\windows\UNDPX2A.exe
2009-10-08 17:51 . 2004-06-09 23:42 15429 ----a-r- c:\windows\system32\drivers\Sacm2A.sys
2009-10-04 06:18 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Yahoo
2009-10-04 06:15 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-09-26 03:34 . 2009-10-11 21:13 -------- d-----w- c:\program files\BitLord
2009-09-15 02:55 . 2009-09-15 02:56 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 03:37 . 2009-06-29 05:56 7620 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2009-10-13 05:45 . 2007-02-07 19:10 -------- d--h--w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks
2009-10-10 20:15 . 2005-08-03 21:52 -------- d-----w- c:\program files\Easy Internet signup
2009-10-10 03:42 . 2005-11-18 10:22 60072 -c--a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-09 22:03 . 2005-12-09 03:17 -------- d-----w- c:\program files\Yahoo!
2009-10-04 06:17 . 2006-04-27 07:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Yahoo!
2009-09-29 08:33 . 2005-08-03 21:41 -------- d-----w- c:\program files\iTunes
2009-09-29 08:32 . 2005-08-03 21:41 -------- d-----w- c:\program files\iPod
2009-09-16 07:16 . 2009-03-28 09:19 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Apple Computer
2009-09-15 06:00 . 2009-08-06 04:40 -------- d-----w- c:\program files\PokerStars.NET
2009-09-15 02:51 . 2005-08-03 21:41 -------- d-----w- c:\program files\QuickTime
2009-09-15 02:49 . 2008-07-22 17:18 -------- d-----w- c:\program files\Common Files\Apple
2009-09-11 22:40 . 2009-06-15 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-08-17 08:03 . 2009-06-15 20:34 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-17 08:03 . 2009-06-15 20:34 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-17 08:03 . 2009-06-15 20:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-07 02:24 . 2004-08-04 12:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 02:24 . 2004-08-04 12:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 02:24 . 2008-10-16 22:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-07 02:24 . 2004-08-04 12:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 02:24 . 2004-08-04 12:00 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-07 02:24 . 2004-08-04 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 02:23 . 2004-08-04 12:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 02:23 . 2004-08-04 12:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 05:17 . 2009-08-03 05:17 2256 ----a-w- c:\windows\current_settings.bin
2009-07-25 12:23 . 2009-06-12 01:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 19:01 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2007-12-05 12:23 . 2007-12-05 12:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2007-01-16 07:32 . 2007-01-16 07:32 7168 -csha-w- c:\program files\Thumbs.db
2003-08-27 21:19 . 2009-06-08 07:19 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 18:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-08-03 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2004-01-27 1179648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\DWA-130\AirNCFG.exe" [2008-10-01 1679360]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-09 2023704]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-01-24 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 08:03 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/15/2009 1:34 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/15/2009 1:34 PM 108552]
R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [5/20/2009 2:09 PM 143360]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/15/2009 1:34 PM 297752]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [5/20/2009 2:07 PM 443776]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\odo29sgx.default\
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - hȋdden: XUL Cache: {DF30700B-ED43-408A-90BB-8FA0A69AE598} - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-13 22:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-10-14 22:47
ComboFix-quarantined-files.txt 2009-10-14 05:46
ComboFix2.txt 2009-10-14 04:13
ComboFix3.txt 2009-06-25 04:34

Pre-Run: 150,578,417,664 bytes free
Post-Run: 150,566,920,192 bytes free

187 --- E O F --- 2009-10-10 08:42

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Hi

Malwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 Mbamicontw5 Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Malwarebytes' Anti-Malware 1.41
Database version: 2955
Windows 5.1.2600 Service Pack 3

10/14/2009 1:00:53 AM
mbam-log-2009-10-14 (01-00-53).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 232376
Time elapsed: 1 hour(s), 21 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\Documents and Settings\Compaq_Owner\Application Data\lizkavd.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\eventlog.dll.vir (Trojan.Sirefef) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\~.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000295.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000317.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000320.dll (Trojan.Sirefef) -> Quarantined and deleted successfully.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Please run Trend Micro Housecall online scan.

  • Click Scan now.
  • Read and put a Check next to Yes I accept the terms of use.
  • Click the Launching HouseCall>> button.
  • If confirmed that HouseCall can run on your system, under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
  • You may receive a Security Warning about the TrendMicro Java applet, click YES.
  • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
  • Please be patient while it installs, updates, and scans your system.
  • Once the scan is complete, it will take you to the summary page.
  • Under Cleanup options, choose clean all detected infections automatically.
  • Click the Clean now>> button.
  • If anything was found you may be prompted to run the scan again, you can just close the browser window.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Alright, I did the TrendMicro Housecall. I was prompted to run the scan again, but I closed the browser.

Is there a next step??

Can I delete/uninstall Spybot and Hijack This and other programs??

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Malwarebytes' Anti-Malware 1.41
Database version: 2968
Windows 5.1.2600 Service Pack 3

10/15/2009 2:14:18 PM
mbam-log-2009-10-15 (14-14-18).txt

Scan type: Quick Scan
Objects scanned: 114053
Time elapsed: 5 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


==

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 8.5
AVG Anti-Rootkit Free
``````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
AVG Anti-Rootkit Free
HijackThis 2.0.2
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 7.0
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

How is your computer running? Are those programs you mentioned operational? Are you satisfied with the results?

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Malwarebytes and AVG are working. Spybot Search and Destroy and Hijack This are still saying " Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item."

Do I uninstall and then re-install them? Or do I not need them anymore?

The computer is still running slower then usual, but other than that I am satisfied with what your instructions has accomplished for me.

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    Code:


    :filefind
    scecli.dll
    netlogon.dll
    eventlog.dll
    winlogon.exe
    comres.dll
    crypt32.dll
    gpedit.dll
    rundll32.exe
    sfc.dll
    svchost.exe
    cngaudit.dll
    beep.sys
    wscntfy.exe
    atapi.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 11:29 on 17/10/2009 by Compaq_Owner (Administrator - Elevation successful)

========== filefind ==========

Searching for "scecli.dll"
C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -----c 180224 bytes [20:32 12/06/2009] [12:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A
C:\WINDOWS\ERDNT\cache\scecli.dll --a--- 181248 bytes [04:11 14/10/2009] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\ServicePackFiles\i386\scecli.dll ------ 181248 bytes [03:04 01/04/2009] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll --a--c 181248 bytes [22:53 19/08/2008] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\system32\scecli.dll ------ 181248 bytes [12:00 04/08/2004] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084

Searching for "netlogon.dll"
C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -----c 407040 bytes [20:32 12/06/2009] [12:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A
C:\WINDOWS\ERDNT\cache\netlogon.dll --a--- 407040 bytes [04:11 14/10/2009] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\ServicePackFiles\i386\netlogon.dll ------ 407040 bytes [03:03 01/04/2009] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll --a--c 407040 bytes [22:53 19/08/2008] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\system32\netlogon.dll ------ 407040 bytes [12:00 04/08/2004] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550

Searching for "eventlog.dll"
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -----c 55808 bytes [20:32 12/06/2009] [12:00 04/08/2004] 82B24CB70E5944E6E34662205A2A5B78
C:\WINDOWS\ERDNT\cache\eventlog.dll --a--- 56320 bytes [04:11 14/10/2009] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\ServicePackFiles\i386\eventlog.dll ------ 56320 bytes [03:03 01/04/2009] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll --a--c 56320 bytes [22:52 19/08/2008] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\system32\eventlog.dll ------ 56320 bytes [12:00 04/08/2004] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656

Searching for "winlogon.exe"
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe -----c 502272 bytes [20:32 12/06/2009] [12:00 04/08/2004] 01C3346C241652F43AED8E2149881BFE
C:\WINDOWS\ERDNT\cache\winlogon.exe --a--- 507904 bytes [04:11 14/10/2009] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe ------ 507904 bytes [03:04 01/04/2009] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\winlogon.exe --a--c 507904 bytes [22:53 19/08/2008] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\system32\winlogon.exe ------ 507904 bytes [12:00 04/08/2004] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E

Searching for "comres.dll"
C:\WINDOWS\$NtServicePackUninstall$\comres.dll -----c 792064 bytes [20:32 12/06/2009] [12:00 04/08/2004] 6728270CB7DBB776ED086F5AC4C82310
C:\WINDOWS\ServicePackFiles\i386\comres.dll ------ 792064 bytes [03:03 01/04/2009] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\comres.dll --a--c 792064 bytes [22:52 19/08/2008] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D
C:\WINDOWS\system32\comres.dll --a--- 792064 bytes [12:00 04/08/2004] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D

Searching for "crypt32.dll"
C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll -----c 597504 bytes [20:32 12/06/2009] [12:00 04/08/2004] EFC958396A7A7EF7E6D4A52B97512E18
C:\WINDOWS\ServicePackFiles\i386\crypt32.dll ------ 599040 bytes [03:03 01/04/2009] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\crypt32.dll --a--c 599040 bytes [22:52 19/08/2008] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77
C:\WINDOWS\system32\crypt32.dll --a--- 599040 bytes [12:00 04/08/2004] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77

Searching for "gpedit.dll"
No files found.

Searching for "rundll32.exe"
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe -----c 33280 bytes [20:32 12/06/2009] [12:00 04/08/2004] DA285490BBD8A1D0CE6623577D5BA1FF
C:\WINDOWS\ServicePackFiles\i386\rundll32.exe ------ 33280 bytes [03:04 01/04/2009] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\rundll32.exe --a--c 33280 bytes [22:53 19/08/2008] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6
C:\WINDOWS\system32\rundll32.exe --a--- 33280 bytes [12:00 04/08/2004] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6

Searching for "sfc.dll"
C:\WINDOWS\$NtServicePackUninstall$\sfc.dll -----c 5120 bytes [20:32 12/06/2009] [12:00 04/08/2004] E8A12A12EA9088B4327D49EDCA3ADD3E
C:\WINDOWS\ERDNT\cache\sfc.dll --a--- 5120 bytes [04:11 14/10/2009] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\ServicePackFiles\i386\sfc.dll ------ 5120 bytes [03:04 01/04/2009] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sfc.dll --a--c 5120 bytes [22:53 19/08/2008] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\system32\sfc.dll ------ 5120 bytes [12:00 04/08/2004] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3

Searching for "svchost.exe"
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe -----c 14336 bytes [20:32 12/06/2009] [12:00 04/08/2004] 8F078AE4ED187AAABC0A305146DE6716
C:\WINDOWS\ERDNT\cache\svchost.exe --a--- 14336 bytes [04:11 14/10/2009] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\ServicePackFiles\i386\svchost.exe ------ 14336 bytes [03:04 01/04/2009] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe --a--c 14336 bytes [22:53 19/08/2008] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\system32\svchost.exe ------ 14336 bytes [12:00 04/08/2004] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18

Searching for "cngaudit.dll"
No files found.

Searching for "beep.sys"
C:\WINDOWS\ERDNT\cache\beep.sys --a--- 4224 bytes [04:11 14/10/2009] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\dllcache\beep.sys --a--c 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\drivers\beep.sys ------ 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9

Searching for "wscntfy.exe"
C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe -----c 13824 bytes [20:33 12/06/2009] [12:00 04/08/2004] 49911DD39E023BB6C45E4E436CFBD297
C:\WINDOWS\ERDNT\cache\wscntfy.exe --a--- 13824 bytes [04:11 14/10/2009] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe ------ 13824 bytes [03:05 01/04/2009] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\wscntfy.exe --a--c 13824 bytes [22:53 19/08/2008] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\system32\wscntfy.exe ------ 13824 bytes [12:00 04/08/2004] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5

Searching for "atapi.sys"
C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -----c 95360 bytes [20:32 12/06/2009] [12:00 04/08/2004] CDFE4411A69C224BD1D11B2DA92DAC51
C:\WINDOWS\ServicePackFiles\i386\atapi.sys ------ 96512 bytes [03:02 01/04/2009] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys --a--c 96512 bytes [22:52 19/08/2008] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\system32\drivers\atapi.sys --a--- 96512 bytes [12:00 04/08/2004] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674

-=End Of File=-

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Hi

Deeper inspection Roger that

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\system32\eventlog.dll
    %systemroot%\system32\scecli.dll
    %systemroot%\netlogon.dll
    %systemroot%\system32\cngaudit.dll
    %systemroot%\system32\sceclt.dll
    %systemroot%\ntelogon.dll
    %systemroot%\system32\logevent.dll
    %systemroot%\system32\drivers\iaStor.sys
    %systemroot%\System32\drivers\nvstor.sys
    %systemroot%\system32\drivers\atapi.sys

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
Oh no...sorry!! Hehe...BUT THANK YOU AGAIN FOR HELPING ME....

OTL.Txt



OTL logfile created on: 10/17/2009 5:30:40 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.48 Mb Total Physical Memory | 196.66 Mb Available Physical Memory | 44.05% Memory free
1.06 Gb Paging File | 0.60 Gb Available in Paging File | 56.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.80 Gb Total Space | 138.00 Gb Free Space | 76.75% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.19 Gb Free Space | 18.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RIVERA
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/17 17:27:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2009/10/16 23:33:08 | 02,025,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/17 01:03:09 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/17 01:03:05 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/17 01:02:56 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/27 17:19:10 | 00,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/01 11:22:50 | 01,679,360 | ---- | M] (D-Link) -- C:\Program Files\D-Link\DWA-130\AirNCFG.exe
PRC - [2008/07/09 08:58:42 | 00,143,360 | ---- | M] () -- C:\WINDOWS\System32\ANIWConnService.exe
PRC - [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/01/19 11:49:26 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
PRC - [2007/01/19 11:49:04 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/06/08 04:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2005/02/17 06:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
PRC - [2005/02/02 16:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2005/01/24 02:56:00 | 00,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
PRC - [2004/01/27 14:39:00 | 01,179,648 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
PRC - [2003/08/27 14:20:00 | 00,094,208 | R--- | M] (Cypress Semiconductor) -- C:\WINDOWS\SM1BG.EXE
PRC - [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [1998/05/07 09:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\windows\system\hpsysdrv.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/08/17 01:02:56 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])
SRV - [2008/07/09 08:58:42 | 00,143,360 | ---- | M] () -- C:\WINDOWS\System32\ANIWConnService.exe -- (ANIWConnService [Auto | Running])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/01/19 11:49:26 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/07/15 08:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {DF30700B-ED43-408A-90BB-8FA0A69AE598}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Firefox\extensions\\{DF30700B-ED43-408A-90BB-8FA0A69AE598}: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598} [2009/06/11 18:39:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/21 08:11:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/10 01:39:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/06/11 18:27:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/13 11:54:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/16 17:22:51 | 00,000,000 | ---D | M]

[2009/10/09 15:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions
[2009/10/09 15:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/16 18:15:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\odo29sgx.default\extensions
[2009/10/16 23:36:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/10/09 15:11:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/11 00:56:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/10/13 11:54:21 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/10/13 11:54:22 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/10/13 11:54:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/10/13 11:54:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/10/11 14:07:19 | 00,001,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-130] C:\Program Files\D-Link\DWA-130\AirNCFG.exe (D-Link)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE (Cypress Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/24 22:32:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell - "" = AutoRun
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/10/16 04:59:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/10/16 04:56:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/10/16 04:51:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/10/12 13:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/10/03 23:15:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/10/09 15:16:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Audacity
[2009/10/09 15:13:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2009/10/03 23:18:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Yahoo
[2009/10/16 04:59:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/10/09 15:16:28 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/10/09 16:03:42 | 00,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2009/10/11 14:11:55 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/16 04:55:56 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2009/10/12 13:38:31 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/17 17:27:28 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2009/10/17 01:24:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/16 17:56:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\1
[2009/10/16 04:59:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/10/15 18:25:58 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/14 01:38:01 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/10/13 22:49:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/10/11 14:11:56 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/11 14:11:55 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/09 14:37:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\VirtualDJ
[2009/10/08 23:05:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/10/08 10:51:15 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2009/06/08 00:19:54 | 00,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2007/12/05 05:24:13 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[16 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/17 17:27:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2009/10/17 11:28:48 | 00,102,660 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SystemLook.exe
[2009/10/17 08:08:26 | 43,179,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/16 23:54:56 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/16 19:18:59 | 00,002,256 | ---- | M] () -- C:\WINDOWS\current_settings.bin
[2009/10/16 17:52:29 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009/10/16 17:28:15 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/10/16 17:22:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/16 17:22:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/16 17:22:39 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/16 04:56:03 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/15 23:54:30 | 00,000,686 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\BitLord.lnk
[2009/10/15 18:36:40 | 00,843,167 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SecurityCheck.exe
[2009/10/15 17:17:08 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/14 03:12:10 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/14 01:36:45 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/10/14 01:24:12 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2009/10/13 23:30:40 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/13 22:45:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/13 21:04:44 | 00,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2009/10/13 21:04:13 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/13 20:37:49 | 00,007,620 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/10/13 20:37:48 | 00,009,216 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\videos.wps
[2009/10/12 19:06:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/12 16:41:26 | 00,082,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Production 1.dmsm
[2009/10/12 13:38:35 | 00,000,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk
[2009/10/11 14:20:09 | 00,000,633 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/11 14:20:09 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/10/11 13:48:34 | 00,010,240 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\lb.wps
[2009/10/11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/10/10 12:43:07 | 00,009,728 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\home.wps
[2009/10/10 08:49:02 | 00,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/09 20:42:22 | 00,060,072 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/09 15:16:42 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2009/10/09 15:11:31 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/08 23:36:54 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/08 23:30:49 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/08 23:30:49 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/08 23:07:56 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/08 23:06:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpEE697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpD0797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC3797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp4F597.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp32697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp24697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp18697.FOT
[2009/10/03 23:15:54 | 00,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk

========== Files - No Company Name ==========
[2009/10/17 11:28:36 | 00,102,660 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SystemLook.exe
[2009/10/17 01:24:54 | 00,003,525 | R--- | C] () -- C:\WINDOWS\System32\drivers\CamF2111.bin
[2009/10/17 01:24:53 | 00,014,217 | R--- | C] () -- C:\WINDOWS\System\SenF2111.csr
[2009/10/17 01:24:53 | 00,014,174 | R--- | C] () -- C:\WINDOWS\System\SenH2111.csr
[2009/10/17 01:24:53 | 00,005,295 | R--- | C] () -- C:\WINDOWS\VF0080.uns
[2009/10/17 01:24:53 | 00,003,525 | R--- | C] () -- C:\WINDOWS\System32\drivers\CamH2111.bin
[2009/10/16 04:56:03 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/15 23:54:30 | 00,000,686 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\BitLord.lnk
[2009/10/15 18:36:38 | 00,843,167 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SecurityCheck.exe
[2009/10/14 01:24:12 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2009/10/13 20:50:53 | 46,824,2432 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/13 20:37:47 | 00,009,216 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\videos.wps
[2009/10/12 16:41:26 | 00,082,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Production 1.dmsm
[2009/10/12 13:38:35 | 00,000,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk
[2009/10/11 14:11:58 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/11 13:48:33 | 00,010,240 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\lb.wps
[2009/10/10 12:43:06 | 00,009,728 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\home.wps
[2009/10/09 15:16:42 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2009/10/09 15:11:31 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/08 23:06:02 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/08 10:51:15 | 00,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe
[2009/10/08 10:51:15 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpEE697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpD0797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC3797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp4F597.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp32697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp24697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp18697.FOT
[2009/10/03 23:15:54 | 00,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/08/02 16:25:16 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2009/08/02 16:25:16 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2009/08/02 16:25:15 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2009/08/02 16:25:15 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2009/08/02 16:25:15 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[2009/06/28 22:56:58 | 00,007,620 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/06/14 14:50:53 | 00,005,448 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565C.manifest
[2009/06/14 14:50:53 | 00,001,814 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565P.manifest
[2009/06/14 14:50:53 | 00,000,793 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565O.manifest
[2009/06/14 14:50:53 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565S.manifest
[2009/06/11 02:03:42 | 00,000,285 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/28 01:45:48 | 00,000,911 | ---- | C] () -- C:\WINDOWS\ifotucig.dll
[2009/05/20 14:09:04 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2009/05/20 14:09:04 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009/05/20 14:08:31 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll
[2009/03/28 02:19:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\desktop.ini
[2009/03/28 02:19:34 | 01,579,848 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
[2008/06/17 17:41:15 | 00,000,000 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\0000000000t.dat
[2008/06/17 17:37:58 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\install.ini
[2007/07/18 21:14:00 | 00,060,857 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.rul
[2007/07/18 21:14:00 | 00,013,990 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.sta
[2007/01/31 22:33:12 | 00,002,508 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\$_hpcst$.hpc
[2007/01/23 01:26:21 | 00,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/16 00:32:52 | 00,007,168 | -HS- | C] () -- C:\Program Files\Thumbs.db
[2006/09/28 21:02:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/01/19 21:13:38 | 00,000,080 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/12/08 20:45:28 | 00,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2005/11/26 23:26:31 | 00,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/18 03:22:48 | 00,060,072 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2005/10/15 02:48:38 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/03 15:12:12 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 14:46:08 | 00,012,964 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/08/03 14:46:03 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/08/03 14:43:51 | 00,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/08/03 14:40:33 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/03 14:35:33 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/03 14:35:32 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/03 14:35:32 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/03 14:35:32 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/03 14:35:32 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/03 14:35:32 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/03 14:29:53 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/08/03 14:25:21 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/08/03 14:23:07 | 00,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/08/03 14:23:07 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/08/03 14:23:07 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/08/03 14:11:27 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/03 14:07:50 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/08/03 14:07:50 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/08/03 14:07:28 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/07/07 13:07:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/24 22:32:00 | 00,000,633 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/06/24 15:26:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/06/24 15:26:14 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/05/09 23:52:32 | 00,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2004/08/04 12:00:00 | 00,020,580 | ---- | C] () -- C:\WINDOWS\batmeter16.dll
[2004/06/15 22:38:02 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/07 22:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/10/16 04:59:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/01 23:38:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/09/14 19:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/16 04:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/09/11 15:40:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2005/08/03 14:43:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/12/04 19:18:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2006/09/02 02:02:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2006/04/27 00:28:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/08/02 16:23:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2005/10/06 22:03:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2009/08/03 00:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2005/08/03 14:12:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2005/12/11 01:14:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007/10/15 20:46:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/10/13 21:00:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data
[2005/11/04 01:02:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.bittorrent
[2005/11/26 23:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\acccore
[2007/10/15 20:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Aim
[2009/10/12 18:37:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Audacity
[2007/07/18 21:18:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Error Safe
[2005/12/11 01:48:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\funkitron
[2005/10/12 17:54:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2005/08/03 14:43:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2005/11/18 11:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/10/12 22:45:50 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
[2007/10/15 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2007/10/15 20:40:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OpenOffice.org2
[2005/12/09 23:22:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OurPictures
[2006/06/13 11:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Roxio
[2005/08/03 14:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2005/10/10 01:04:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2007/02/06 22:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint
[2006/04/13 18:48:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WeatherBug
[2005/10/06 22:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\You've Got Pictures Screensaver
[2009/10/12 19:06:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/16 17:22:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\eventlog.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\system32\scecli.dll >
[2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logevent.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\system32\drivers\iaStor.sys >
[2005/03/09 18:09:18 | 00,870,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys

< %systemroot%\System32\drivers\nvstor.sys >

< %systemroot%\system32\drivers\atapi.sys >
[2008/04/13 11:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
< End of report >

descriptionMalwarebytes, HijackThis, Spybot S&D, AVG no longer working - Page 2 EmptyRe: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum