WiredWX Christian Hobby Weather Tools

Multiple Issues

majority of programs do not initiate, announcing "the dependency service or group failed to start"

Google search links redirect to bogus, looping sites
unprompted, uncloseable Firefox tabs pop up at random intervals to bogus, looping sites

the host process for Windows services stops working

OTL.txt attached

Re: Multiple Issues

There was no attachment. Can you post it, please?

Re: Multiple Issues

the otl.txt text exceeds the character limit for a post, so I've placed it into two separate posts:

OTL logfile created on: 2/6/2011 4:51:56 PM - Run 3
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\u\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16757)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 382.00 Mb Available Physical Memory | 38.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 105.18 Gb Total Space | 27.45 Gb Free Space | 26.10% Space Free | Partition Type: NTFS
Drive F: | 4.58 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LH-WC6BP8FI4TVD | User Name: u | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010/02/20 00:34:02 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/06/03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009/06/03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009/06/03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009/06/03 16:13:04 | 000,130,600 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
PRC - [2008/01/29 19:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/02/13 18:19:48 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/02/13 18:19:48 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/02/09 13:54:42 | 000,923,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/02/05 14:22:08 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/01/23 08:12:50 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/01/22 23:39:32 | 000,321,656 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007/01/11 20:36:34 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2006/11/28 22:27:46 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/11/28 22:09:58 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/11/28 22:09:46 | 000,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2006/11/13 08:32:52 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/11/13 08:32:52 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/11/13 08:32:49 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2006/11/02 07:34:32 | 001,004,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/06/03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2008/01/29 19:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 16:15:50 | 000,087,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2007/02/13 18:19:48 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/01/16 16:05:00 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/01/16 16:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007/01/16 16:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007/01/10 18:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/10 13:43:24 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/01/08 19:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007/01/08 19:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007/01/08 19:01:34 | 000,491,520 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/12/14 05:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 05:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 04:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/28 22:27:46 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2006/11/28 22:09:58 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2006/11/28 22:09:46 | 000,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2006/11/02 07:34:32 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/11/14 04:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 03:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/06 23:19:00 | 000,057,856 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2008/07/25 19:18:52 | 000,033,792 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2a.sys -- (TASCAM_US144_WDM)
DRV - [2008/07/25 19:18:08 | 000,018,944 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2m.sys -- (TASCAM_US144_MIDI)
DRV - [2008/07/25 19:17:36 | 000,367,616 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tascusb2.sys -- (TASCAM_US122144)
DRV - [2007/02/08 19:03:16 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/02/08 08:27:24 | 000,807,424 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/02/05 08:22:40 | 001,668,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/02/01 01:37:18 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2007/01/29 08:03:49 | 000,195,072 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/01/23 09:00:16 | 000,509,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/23 08:12:41 | 001,478,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/01/23 08:12:41 | 001,478,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/11/23 18:20:06 | 000,018,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2006/11/13 22:07:45 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/13 22:07:41 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/13 22:07:38 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/13 22:07:38 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/13 08:32:52 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:51:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 14:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2006/10/18 13:43:18 | 000,124,256 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {FEB303A3-2023-4EE5-A917-C59C15E23047}:1.9.1
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/20 00:34:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/24 16:25:37 | 000,000,000 | ---D | M]

[2009/08/06 03:47:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\u\AppData\Roaming\mozilla\Extensions
[2011/02/05 23:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\u\AppData\Roaming\mozilla\Firefox\Profiles\8mmbyxhp.default\extensions
[2010/01/22 12:02:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\u\AppData\Roaming\mozilla\Firefox\Profiles\8mmbyxhp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/05/10 01:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/06 03:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2010/12/03 03:47:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\U\APPDATA\LOCAL\{FEB303A3-2023-4EE5-A917-C59C15E23047}
[2003/03/18 20:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\mfc71.dll
[2003/02/21 03:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr71.dll
[2008/04/16 18:09:28 | 000,249,856 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npff_gdm.dll
[2010/02/01 15:47:38 | 000,155,648 | ---- | M] (IBM Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npmfv.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.59.247.45 208.59.247.46
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\My Docs\Cars\190e 16v\P1000108 640.jpg
O24 - Desktop BackupWallPaper: C:\My Docs\Cars\190e 16v\P1000108 640.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/08/12 14:39:07 | 000,000,062 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7ed5ea93-0a62-11dd-9273-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7ed5ea93-0a62-11dd-9273-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Launcher.exe -- [2009/10/06 07:43:37 | 000,558,376 | R--- | M] (Travellers Tales (UK) Ltd)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^u^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameSpot Download Manager.lnk - - File not found
MsConfig - StartUpReg: ccApp - hkey= - key= - File not found
MsConfig - StartUpReg: QuickBooks Simple Start - hkey= - key= - C:\Program Files\Intuit\SimpleStartEntice\entice.exe ()
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: Symantec PIF AlertEng - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
MsConfig - StartUpReg: VAIOSecurity - hkey= - key= - C:\Program Files\Sony\VAIO Security Center\VSC.exe ()
MsConfig - StartUpReg: VAIOSurvey - hkey= - key= - C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe ()
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IsDrv122.sys - Reg Error: Value error.
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9212D8B4-C3CF-43E1-A1FF-8EEA311633DC} - Reg Error: Value error.
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {AAC3F1F0-5649-4670-A698-F1523729F015} - Microsoft .NET Framework 1.1 Hotfix (KB929729)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/02/06 16:27:58 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
[2011/02/03 00:25:07 | 000,000,000 | ---D | C] -- C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubi Soft
[2011/02/03 00:23:04 | 000,000,000 | ---D | C] -- C:\Users\u\Documents\Chessmaster 9000
[2011/02/03 00:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2011/02/03 00:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/02/03 00:04:56 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/02/03 00:04:55 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/02/03 00:04:50 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/02/03 00:04:49 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/02/03 00:04:47 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/02/03 00:04:35 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/02/03 00:04:35 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/02/03 00:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011/02/03 00:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/01/31 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool
[2011/01/31 01:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\hMdGiFp06511
[2011/01/29 15:57:07 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011/01/29 15:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/01/29 15:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/01/24 16:19:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/01/24 16:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/24 16:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/24 16:18:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/01/24 16:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/15 22:11:45 | 000,000,000 | ---D | C] -- C:\Users\u\Desktop\3danalyzer
[2011/01/15 22:07:11 | 000,000,000 | ---D | C] -- C:\Users\u\AppData\Local\LucasArts
[2011/01/15 19:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2011/01/08 10:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivIdentity
[2011/01/08 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ActivIdentity
[2011/01/08 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\ActivIdentity
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/06 16:42:45 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/06 16:42:45 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/06 16:42:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
[2011/02/05 11:52:16 | 000,049,209 | ---- | M] () -- C:\Users\u\Desktop\168939_1771613003568_1036530267_32019190_5377395_n.jpg
[2011/02/04 21:25:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/04 21:24:30 | 133,692,073 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/03 00:04:57 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/02/03 00:04:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/01/27 10:06:26 | 000,107,008 | ---- | M] () -- C:\Users\u\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/21 19:47:20 | 000,673,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/21 19:47:20 | 000,125,296 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/20 12:02:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aqoreyesubasebiw.dll
[2011/01/20 10:00:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ofanigowelijo.dll
[2011/01/20 07:58:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ukasulor.dll
[2011/01/20 05:56:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ibatariv.dll
[2011/01/20 03:54:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oqudapeq.dll
[2011/01/20 01:52:22 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ikidomipu.dll
[2011/01/19 23:50:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekotudok.dll
[2011/01/19 21:48:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oyonaniyanuna.dll
[2011/01/19 19:46:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\acewatonudowu.dll
[2011/01/19 17:44:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\akupubopitucigen.dll
[2011/01/19 15:42:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ajuxupetozu.dll
[2011/01/19 13:40:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekupopegogaj.dll
[2011/01/19 11:38:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\atawiqinoq.dll
[2011/01/19 09:36:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aberajoz.dll
[2011/01/19 07:34:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\avajokilo.dll
[2011/01/19 05:32:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\amehalaf.dll
[2011/01/19 03:30:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ebifaduf.dll
[2011/01/19 01:28:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\opeyiger.dll
[2011/01/18 23:26:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozosujox.dll
[2011/01/18 21:24:23 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oxokogikewejo.dll
[2011/01/18 19:22:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\utonaviq.dll
[2011/01/18 17:20:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ugekicuh.dll
[2011/01/18 15:19:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\etezaxeq.dll
[2011/01/18 13:16:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\atozehobiqobac.dll
[2011/01/18 11:14:22 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\awixovabuyud.dll
[2011/01/18 09:12:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iqemavabow.dll
[2011/01/18 07:11:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uxoboboge.dll
[2011/01/18 05:08:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\itimesawe.dll
[2011/01/18 03:06:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayiwecigitul.dll
[2011/01/18 01:04:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\abafiqemaqa.dll
[2011/01/17 23:02:23 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozivomad.dll
[2011/01/17 21:00:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozuyelukigatek.dll
[2011/01/17 18:58:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ofipozadutodi.dll
[2011/01/17 16:56:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\inequwejulati.dll
[2011/01/17 14:55:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uqekizic.dll
[2011/01/17 12:52:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\icenuzehob.dll
[2011/01/17 10:50:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\egumamumuse.dll
[2011/01/17 08:48:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ohusodam.dll
[2011/01/17 06:46:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\esamuqob.dll
[2011/01/17 04:45:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\evetogumamu.dll
[2011/01/17 02:42:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\itemazizufe.dll
[2011/01/17 00:40:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\urirowigesi.dll
[2011/01/16 22:38:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\isocarezatecu.dll
[2011/01/16 20:37:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\edobayavejog.dll
[2011/01/16 18:34:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ijikefuperulaz.dll
[2011/01/16 16:32:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekemapiqiyonox.dll
[2011/01/16 14:30:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\usoreqijolozik.dll
[2011/01/16 12:28:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekafuyip.dll
[2011/01/16 10:26:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\awuneniqedukicu.dll
[2011/01/16 08:24:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\idipesiq.dll
[2011/01/16 06:23:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\etituxunaka.dll
[2011/01/16 04:20:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ivakogibuxidet.dll
[2011/01/16 02:18:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ubeyabeg.dll
[2011/01/16 00:16:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iyurihesogol.dll
[2011/01/15 22:14:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\upehubimudutibo.dll
[2011/01/15 20:12:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\agizuferosu.dll
[2011/01/15 18:10:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\izaruvupo.dll
[2011/01/15 16:09:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eluruxec.dll
[2011/01/15 14:07:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\izunepub.dll
[2011/01/15 12:05:25 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ecapaguheyekiten.dll
[2011/01/15 10:03:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ukeyihitamaga.dll
[2011/01/15 08:01:10 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uraxonugidel.dll
[2011/01/15 05:59:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ahoyuqiy.dll
[2011/01/15 03:57:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ureyozewahatewis.dll
[2011/01/15 01:55:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\anagowize.dll
[2011/01/14 23:53:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\onihilofejinur.dll
[2011/01/14 21:51:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oyajezoweqoh.dll
[2011/01/14 19:49:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\exavasaxogapoga.dll
[2011/01/14 17:47:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ufumirux.dll
[2011/01/14 15:45:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\agajukij.dll
[2011/01/14 13:43:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uyocogiceyiqamab.dll
[2011/01/14 11:41:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\asefixipugofo.dll
[2011/01/14 05:58:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ihezoxufapifov.dll
[2011/01/14 03:56:39 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ipiyaciko.dll
[2011/01/14 01:54:37 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\avekomejesuxi.dll
[2011/01/13 23:52:37 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\evidicuvuh.dll
[2011/01/13 21:50:38 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ixokehadehip.dll
[2011/01/13 19:48:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\alutebic.dll
[2011/01/13 17:46:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uqisaneyulexaheq.dll
[2011/01/13 15:44:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eyacizepuficu.dll
[2011/01/13 13:42:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ijoguqut.dll
[2011/01/13 11:40:39 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ovixuzay.dll
[2011/01/13 09:38:53 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\igebeguy.dll
[2011/01/13 07:36:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\irujoxumugeyajo.dll
[2011/01/13 05:34:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ehequqis.dll
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/13 03:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/01/13 03:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/01/13 03:32:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aleficawajurija.dll
[2011/01/13 01:30:42 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\acemememememe.dll
[2011/01/12 23:28:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\epamuguxav.dll
[2011/01/12 19:24:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oresumid.dll
[2011/01/12 17:22:55 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\isizabocuka.dll
[2011/01/12 15:20:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ogajuxapivehadaj.dll
[2011/01/12 13:18:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ereqilaq.dll
[2011/01/12 11:16:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayetobabuyu.dll
[2011/01/12 09:14:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayitapimoxihu.dll
[2011/01/12 07:12:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uroxevoyoh.dll
[2011/01/12 05:10:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\omamujum.dll
[2011/01/12 03:08:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aqijojulowuni.dll
[2011/01/12 01:06:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uruvolov.dll
[2011/01/11 23:04:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ifonulur.dll
[2011/01/11 21:02:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ikopogaxeyuvasa.dll
[2011/01/11 19:00:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\exexeyaki.dll
[2011/01/11 16:58:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\egugonajeroyo.dll
[2011/01/11 14:56:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ecajaqapejucoho.dll
[2011/01/11 12:54:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uhewibiqorefube.dll
[2011/01/11 10:52:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iviwojiy.dll
[2011/01/11 08:50:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\upifehocozisij.dll
[2011/01/11 06:48:29 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\amojacoyu.dll
[2011/01/11 04:46:30 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uwodohugilidupa.dll
[2011/01/11 02:44:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\omimatumoyes.dll
[2011/01/11 00:42:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ixirinazobes.dll
[2011/01/10 22:40:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uzefabizagovagif.dll
[2011/01/10 18:36:41 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\arudiwox.dll
[2011/01/10 16:34:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uyidevipejidedu.dll
[2011/01/10 14:32:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ucugepukog.dll
[2011/01/10 12:30:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\adizanijudulige.dll
[2011/01/09 20:19:08 | 000,000,764 | ---- | M] () -- C:\Users\u\AppData\Local\eregilidu.dll
[2011/01/09 10:17:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\opegesif.dll
[2011/01/09 08:15:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ajexevuqa.dll
[2011/01/09 06:13:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\efixogapogaxeyu.dll
[2011/01/09 04:11:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ejiwamikux.dll
[2011/01/09 02:09:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\odeyumihoyopog.dll
[2011/01/09 00:07:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oriniyan.dll
[2011/01/08 22:05:41 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ubiqayoqanejobec.dll
[2011/01/08 20:38:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eqalusef.dll
[2011/01/08 10:39:26 | 000,002,051 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
[2011/01/08 06:16:22 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\elocetuw.dll
[2011/01/08 04:14:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\unalewizut.dll
[2011/01/08 02:12:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\isadukeq.dll
[2011/01/08 00:10:23 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\efedilak.dll
[2011/01/07 22:08:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\inomamajuxuges.dll
[2011/01/07 20:06:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\opofojocetu.dll
[2011/01/07 18:04:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ebujuxapivehadaj.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========


Re: Multiple Issues

[2011/02/05 11:52:10 | 000,049,209 | ---- | C] () -- C:\Users\u\Desktop\168939_1771613003568_1036530267_32019190_5377395_n.jpg
[2011/02/03 00:04:57 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/02/03 00:03:41 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/01/27 20:27:46 | 133,692,073 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/01/20 12:02:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqoreyesubasebiw.dll
[2011/01/20 10:00:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofanigowelijo.dll
[2011/01/20 07:58:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ukasulor.dll
[2011/01/20 05:56:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ibatariv.dll
[2011/01/20 03:54:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oqudapeq.dll
[2011/01/20 01:52:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ikidomipu.dll
[2011/01/19 23:50:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekotudok.dll
[2011/01/19 21:48:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oyonaniyanuna.dll
[2011/01/19 19:46:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\acewatonudowu.dll
[2011/01/19 17:44:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\akupubopitucigen.dll
[2011/01/19 15:42:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajuxupetozu.dll
[2011/01/19 13:40:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekupopegogaj.dll
[2011/01/19 11:38:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\atawiqinoq.dll
[2011/01/19 09:36:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aberajoz.dll
[2011/01/19 07:34:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avajokilo.dll
[2011/01/19 05:32:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\amehalaf.dll
[2011/01/19 03:30:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ebifaduf.dll
[2011/01/19 01:28:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\opeyiger.dll
[2011/01/18 23:26:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozosujox.dll
[2011/01/18 21:24:23 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oxokogikewejo.dll
[2011/01/18 19:22:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\utonaviq.dll
[2011/01/18 17:20:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ugekicuh.dll
[2011/01/18 15:19:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\etezaxeq.dll
[2011/01/18 13:16:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\atozehobiqobac.dll
[2011/01/18 11:14:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\awixovabuyud.dll
[2011/01/18 09:12:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iqemavabow.dll
[2011/01/18 07:11:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uxoboboge.dll
[2011/01/18 05:08:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\itimesawe.dll
[2011/01/18 03:06:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayiwecigitul.dll
[2011/01/18 01:04:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\abafiqemaqa.dll
[2011/01/17 23:02:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozivomad.dll
[2011/01/17 21:00:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozuyelukigatek.dll
[2011/01/17 18:58:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofipozadutodi.dll
[2011/01/17 16:56:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\inequwejulati.dll
[2011/01/17 14:55:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqekizic.dll
[2011/01/17 12:52:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\icenuzehob.dll
[2011/01/17 10:50:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\egumamumuse.dll
[2011/01/17 08:48:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ohusodam.dll
[2011/01/17 06:46:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\esamuqob.dll
[2011/01/17 04:45:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\evetogumamu.dll
[2011/01/17 02:42:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\itemazizufe.dll
[2011/01/17 00:40:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\urirowigesi.dll
[2011/01/16 22:38:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isocarezatecu.dll
[2011/01/16 20:37:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\edobayavejog.dll
[2011/01/16 18:34:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijikefuperulaz.dll
[2011/01/16 16:32:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekemapiqiyonox.dll
[2011/01/16 14:30:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\usoreqijolozik.dll
[2011/01/16 12:28:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekafuyip.dll
[2011/01/16 10:26:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\awuneniqedukicu.dll
[2011/01/16 08:24:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\idipesiq.dll
[2011/01/16 06:23:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\etituxunaka.dll
[2011/01/16 04:20:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ivakogibuxidet.dll
[2011/01/16 02:18:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ubeyabeg.dll
[2011/01/16 00:16:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iyurihesogol.dll
[2011/01/15 22:14:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upehubimudutibo.dll
[2011/01/15 20:12:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\agizuferosu.dll
[2011/01/15 18:10:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izaruvupo.dll
[2011/01/15 16:09:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eluruxec.dll
[2011/01/15 14:07:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izunepub.dll
[2011/01/15 12:05:25 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecapaguheyekiten.dll
[2011/01/15 10:03:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ukeyihitamaga.dll
[2011/01/15 08:01:10 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uraxonugidel.dll
[2011/01/15 05:59:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ahoyuqiy.dll
[2011/01/15 03:57:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ureyozewahatewis.dll
[2011/01/15 01:55:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\anagowize.dll
[2011/01/14 23:53:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\onihilofejinur.dll
[2011/01/14 21:51:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oyajezoweqoh.dll
[2011/01/14 19:49:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exavasaxogapoga.dll
[2011/01/14 17:47:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ufumirux.dll
[2011/01/14 15:45:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\agajukij.dll
[2011/01/14 13:43:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyocogiceyiqamab.dll
[2011/01/14 11:41:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\asefixipugofo.dll
[2011/01/14 05:58:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ihezoxufapifov.dll
[2011/01/14 03:56:39 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ipiyaciko.dll
[2011/01/14 01:54:37 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avekomejesuxi.dll
[2011/01/13 23:52:37 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\evidicuvuh.dll
[2011/01/13 21:50:38 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ixokehadehip.dll
[2011/01/13 19:48:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\alutebic.dll
[2011/01/13 17:46:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqisaneyulexaheq.dll
[2011/01/13 15:44:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eyacizepuficu.dll
[2011/01/13 13:42:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijoguqut.dll
[2011/01/13 11:40:39 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ovixuzay.dll
[2011/01/13 09:38:53 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\igebeguy.dll
[2011/01/13 07:36:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\irujoxumugeyajo.dll
[2011/01/13 05:34:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ehequqis.dll
[2011/01/13 03:32:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aleficawajurija.dll
[2011/01/13 01:30:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\acemememememe.dll
[2011/01/12 23:28:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\epamuguxav.dll
[2011/01/12 19:24:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oresumid.dll
[2011/01/12 17:22:55 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isizabocuka.dll
[2011/01/12 15:20:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ogajuxapivehadaj.dll
[2011/01/12 13:18:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ereqilaq.dll
[2011/01/12 11:16:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayetobabuyu.dll
[2011/01/12 09:14:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayitapimoxihu.dll
[2011/01/12 07:12:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uroxevoyoh.dll
[2011/01/12 05:10:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\omamujum.dll
[2011/01/12 03:08:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqijojulowuni.dll
[2011/01/12 01:06:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uruvolov.dll
[2011/01/11 23:04:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ifonulur.dll
[2011/01/11 21:02:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ikopogaxeyuvasa.dll
[2011/01/11 19:00:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exexeyaki.dll
[2011/01/11 16:58:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\egugonajeroyo.dll
[2011/01/11 14:56:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecajaqapejucoho.dll
[2011/01/11 12:54:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uhewibiqorefube.dll
[2011/01/11 10:52:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iviwojiy.dll
[2011/01/11 08:50:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upifehocozisij.dll
[2011/01/11 06:48:29 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\amojacoyu.dll
[2011/01/11 04:46:30 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uwodohugilidupa.dll
[2011/01/11 02:44:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\omimatumoyes.dll
[2011/01/11 00:42:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ixirinazobes.dll
[2011/01/10 22:40:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uzefabizagovagif.dll
[2011/01/10 18:36:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\arudiwox.dll
[2011/01/10 16:34:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyidevipejidedu.dll
[2011/01/10 14:32:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ucugepukog.dll
[2011/01/10 12:30:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\adizanijudulige.dll
[2011/01/09 20:19:08 | 000,000,764 | ---- | C] () -- C:\Users\u\AppData\Local\eregilidu.dll
[2011/01/09 10:17:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\opegesif.dll
[2011/01/09 08:15:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajexevuqa.dll
[2011/01/09 06:13:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\efixogapogaxeyu.dll
[2011/01/09 04:11:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ejiwamikux.dll
[2011/01/09 02:09:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\odeyumihoyopog.dll
[2011/01/09 00:07:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oriniyan.dll
[2011/01/08 22:05:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ubiqayoqanejobec.dll
[2011/01/08 20:38:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eqalusef.dll
[2011/01/08 10:39:26 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
[2011/01/08 06:16:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\elocetuw.dll
[2011/01/08 04:14:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\unalewizut.dll
[2011/01/08 02:12:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isadukeq.dll
[2011/01/08 00:10:23 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\efedilak.dll
[2011/01/07 22:08:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\inomamajuxuges.dll
[2011/01/07 20:06:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\opofojocetu.dll
[2011/01/07 18:04:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ebujuxapivehadaj.dll
[2011/01/07 16:02:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\etepazuc.dll
[2011/01/07 14:00:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekofawina.dll
[2011/01/07 11:58:23 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exadosay.dll
[2011/01/07 09:56:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\asaqibiy.dll
[2011/01/07 07:54:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajaxanim.dll
[2011/01/07 05:52:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avoceweweciq.dll
[2011/01/07 03:50:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqahexof.dll
[2011/01/07 01:48:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ilisafuzawosa.dll
[2011/01/06 23:46:23 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\equbecerisubaca.dll
[2011/01/06 21:44:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eyuvayadep.dll
[2011/01/06 19:42:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ujidoruvozer.dll
[2011/01/06 17:40:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\unuviyifanivago.dll
[2011/01/06 15:38:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\axuqulicaken.dll
[2011/01/06 13:36:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ujohovehulatole.dll
[2011/01/06 11:34:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izocuqepico.dll
[2011/01/06 09:32:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\epoyuwamoxobuzog.dll
[2011/01/06 07:30:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\azadiyubaderoteg.dll
[2011/01/06 05:28:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\emeqixat.dll
[2011/01/06 03:26:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\elalezelag.dll
[2011/01/06 01:24:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijijehul.dll
[2011/01/05 23:22:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ikezomufaveleri.dll
[2011/01/05 21:20:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avahofus.dll
[2011/01/05 19:18:24 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqazegix.dll
[2011/01/05 17:16:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\efogiravu.dll
[2011/01/05 15:14:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\evexuqux.dll
[2011/01/05 13:12:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ocicehenu.dll
[2011/01/05 11:10:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ogafiseq.dll
[2011/01/05 07:04:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyogayuxoxotumud.dll
[2011/01/05 05:02:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyamiroluqo.dll
[2011/01/05 03:00:38 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayumiyaparohi.dll
[2011/01/05 00:58:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ohipamotetac.dll
[2011/01/04 22:57:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijazetijoki.dll
[2011/01/04 06:10:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ahukenak.dll
[2011/01/04 04:08:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iyokenakoh.dll
[2011/01/04 02:06:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iwufoyeje.dll
[2011/01/03 22:49:51 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uvunezonusoh.dll
[2011/01/03 20:47:50 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\afavalan.dll
[2011/01/03 18:45:51 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eziquxoj.dll
[2011/01/03 16:43:50 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\axetehihe.dll
[2011/01/03 14:41:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oxudulig.dll
[2011/01/03 12:39:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\omidokaw.dll
[2011/01/03 10:37:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\enemikagoxu.dll
[2011/01/03 08:35:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofujilil.dll
[2011/01/03 06:33:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oqitezez.dll
[2011/01/03 04:31:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exiwiwifafawi.dll
[2011/01/03 02:29:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\odoxazexowalifip.dll
[2011/01/03 00:27:46 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\odikecikotadoq.dll
[2011/01/02 22:25:46 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uloxadap.dll
[2011/01/02 20:23:46 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oyuvifukif.dll
[2011/01/02 18:21:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\unerisohah.dll
[2011/01/02 16:19:46 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uzowerec.dll
[2011/01/02 14:17:45 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upacamotigihag.dll
[2011/01/02 12:15:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ufijegig.dll
[2011/01/02 10:13:48 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iwupukog.dll
[2011/01/02 08:11:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uneqevemite.dll
[2011/01/02 06:09:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ewifuyiwog.dll
[2011/01/02 04:07:48 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ejafefel.dll
[2011/01/02 02:05:49 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oduwetur.dll
[2011/01/01 04:00:00 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecepuxekuvay.dll
[2011/01/01 00:04:49 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ocidanes.dll
[2010/12/31 22:02:47 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izaxoxotumudivos.dll
[2010/12/31 20:00:48 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajufebosuyeganow.dll
[2010/12/31 13:59:00 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\icaneyafis.dll
[2010/12/31 03:57:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\anuvinuyozewahat.dll
[2010/12/31 01:55:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\amanorap.dll
[2010/12/30 23:53:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqogaxeyuvasa.dll
[2010/12/30 21:51:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\akawizuteroyow.dll
[2010/12/30 18:18:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\alaquqof.dll
[2010/12/30 14:05:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\edijesazukuyase.dll
[2010/12/30 12:03:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ewiwazulaxufosi.dll
[2010/12/30 10:01:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\odibiqorefu.dll
[2010/12/30 07:59:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\apejigok.dll
[2010/12/30 05:57:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ogilifipulukelik.dll
[2010/12/30 03:55:48 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\equlizegosuli.dll
[2010/12/29 22:36:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\alowefok.dll
[2010/12/29 20:34:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ebiquvetidacir.dll
[2010/12/29 18:32:44 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ucojagiqet.dll
[2010/12/29 12:19:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ewitomivokitu.dll
[2010/12/29 02:18:58 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ejuvezuy.dll
[2010/12/29 00:16:58 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\owivihegozavohi.dll
[2010/12/28 22:14:57 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uvejogumaj.dll
[2010/12/28 20:12:56 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exirasewi.dll
[2010/12/28 18:10:56 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqeqahivaf.dll
[2010/12/28 16:08:55 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\edozapowi.dll
[2010/12/28 14:06:56 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uzebudaxubigaxel.dll
[2010/12/27 19:11:45 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\acixutap.dll
[2010/12/27 17:09:45 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\akifuxujabo.dll
[2010/12/27 15:07:46 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\udokuyep.dll
[2010/12/27 02:55:11 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iqegotobuh.dll
[2010/12/27 00:53:11 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isimomig.dll
[2010/12/26 22:51:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\okamewiga.dll
[2010/12/24 10:18:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\owemoqixatesuxid.dll
[2010/12/24 08:16:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyecicojiceci.dll
[2010/12/24 06:14:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\enotiwoji.dll
[2010/12/24 04:12:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ujunatana.dll
[2010/12/24 02:10:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\onoyopog.dll
[2010/12/24 00:08:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ezaxefenoyivoq.dll
[2010/12/23 22:06:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\asuvepas.dll
[2010/12/23 20:04:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ufobekeyoj.dll
[2010/12/23 18:02:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofozakax.dll
[2010/12/23 16:00:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isezogerutew.dll
[2010/12/23 13:58:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\usacudeze.dll
[2010/12/23 11:56:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\asisarevegubelix.dll
[2010/12/23 03:22:43 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqocelot.dll
[2010/12/23 01:20:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upajedab.dll
[2010/12/22 23:18:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyipofuyipidu.dll
[2010/12/22 21:16:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecabadisuvu.dll
[2010/12/22 13:32:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\orazewujonafaz.dll
[2010/12/22 11:30:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iqehusucamunum.dll
[2010/12/22 09:28:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\udiyiviyifani.dll
[2010/12/22 07:22:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ufugulus.dll
[2010/12/22 05:20:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\alejucow.dll
[2010/12/22 03:18:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ixicarezatecu.dll
[2010/12/22 01:16:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozewamoxobuzog.dll
[2010/12/21 14:33:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isapugof.dll
[2010/12/21 06:50:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\elakuqis.dll
[2010/12/21 04:48:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqihamiroluqoti.dll
[2010/12/21 02:46:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eleforaw.dll
[2010/12/18 22:18:52 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayupugeb.dll
[2010/12/18 20:16:52 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ahoyufomorabulez.dll
[2010/12/18 03:26:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\unokowuc.dll
[2010/11/29 01:48:05 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\Ozimacokuvomuyi.bin
[2010/11/29 01:48:04 | 000,000,120 | ---- | C] () -- C:\Users\u\AppData\Local\Qmoxuyevi.dat
[2010/09/07 16:23:10 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/08/30 19:57:35 | 000,045,541 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010/03/10 22:54:45 | 000,000,680 | ---- | C] () -- C:\Users\u\AppData\Local\d3d9caps.dat
[2010/02/22 14:32:58 | 000,107,008 | ---- | C] () -- C:\Users\u\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/15 00:13:12 | 000,026,340 | ---- | C] () -- C:\Users\u\AppData\Roaming\UserTile.png
[2010/01/06 21:57:08 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2010/01/01 15:36:43 | 000,211,893 | ---- | C] () -- C:\Windows\System32\drivers\IsDrv122.sys
[2009/10/13 14:52:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/04/02 00:45:29 | 000,139,152 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/02/18 09:34:30 | 000,003,102 | ---- | C] () -- C:\Windows\Gs.ini
[2009/02/10 19:39:12 | 000,000,480 | ---- | C] () -- C:\Windows\wininit.ini
[2008/07/24 18:45:21 | 000,000,303 | ---- | C] () -- C:\Windows\MIREPAIR.INI
[2008/07/24 18:45:21 | 000,000,058 | ---- | C] () -- C:\Windows\MITCHELL.INI
[2008/07/24 18:45:08 | 000,001,980 | ---- | C] () -- C:\Windows\ODWIN.INI
[2008/07/24 18:45:08 | 000,000,754 | ---- | C] () -- C:\Windows\BTI.INI
[2008/04/14 16:52:26 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2008/04/14 16:47:52 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2008/04/14 16:37:48 | 001,132,112 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2008/02/24 11:56:18 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2008/02/24 11:56:18 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/02/24 11:56:18 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2008/02/24 11:56:17 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll
[2007/02/24 13:59:14 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/05 23:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2006/11/05 23:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2007/02/02 10:26:36 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp4v2.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

Re: Multiple Issues

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/11/17 01:13:31 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/09/23 22:15:38 | 000,000,341 | -HS- | M] () -- C:\Users\u\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2008/06/26 00:26:18 | 020,798,256 | ---- | M] (Netopsystems AG ) -- C:\Users\u\Desktop\AdbeRdr70_enu_full.exe
[2011/02/06 17:01:08 | 000,318,897 | ---- | M] (Mindscape) -- C:\Users\u\Desktop\chessmaster_9k_v1.01.exe
[2010/10/06 15:11:58 | 022,989,975 | ---- | M] () -- C:\Users\u\Desktop\LotusForms351.EXE
[2008/12/01 17:55:54 | 010,097,616 | ---- | M] (PureEdge Solutions Inc.) -- C:\Users\u\Desktop\PEViewer650DODJ12 (Custom IFX-v3)(14Feb06).exe
[2008/10/03 00:17:12 | 001,234,120 | ---- | M] () -- C:\Users\u\Desktop\wrar380.exe
[2008/10/28 02:07:02 | 002,578,058 | ---- | M] () -- C:\Users\u\Desktop\zenresizer.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/02/20 00:34:01 | 000,120,280 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/02/20 00:34:02 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/02/20 00:34:09 | 000,244,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/04/14 14:33:49 | 000,000,402 | -HS- | M] () -- C:\Users\u\Favorites\desktop.ini
[2007/02/24 13:39:52 | 000,001,352 | ---- | M] () -- C:\Users\u\Favorites\Get Office Live now.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/08/30 20:35:01 | 000,045,541 | ---- | M] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/04/14 16:38:55 | 001,132,112 | ---- | M] () -- C:\ProgramData\pswi_preloaded.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 04:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2006/11/02 04:46:13 | 000,221,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2010/01/06 21:57:08 | 000,002,892 | ---- | M] () -- C:\Windows\System32\audcon.sys
[2008/11/16 19:35:17 | 000,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2008/11/16 19:50:10 | 002,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2006/11/13 22:07:45 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/05 23:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2006/11/05 23:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2007/02/02 10:26:36 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp4v2.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %SYSTEMDRIVE%\*.* >
[2011/02/03 00:45:08 | 000,006,683 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2008/02/24 11:25:33 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/02/18 19:30:47 | 000,017,675 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/05/31 18:05:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/04/14 15:47:10 | 000,000,344 | -H-- | M] () -- C:\IPH.PH
[2008/05/31 18:05:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/02/06 16:42:23 | 1377,370,112 | -HS- | M] () -- C:\pagefile.sys
[2008/04/14 17:03:04 | 000,390,430 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%\*. >
[2008/04/14 16:35:37 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2011/01/08 10:39:18 | 000,000,000 | ---D | M] -- C:\Program Files\ActivIdentity
[2010/04/02 17:05:03 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/02/03 00:04:12 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2008/02/24 11:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint
[2011/02/03 00:53:17 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/02/24 11:58:30 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/09/07 18:09:09 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2011/01/15 23:32:57 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2011/01/10 19:40:24 | 000,000,000 | ---D | M] -- C:\Program Files\EA GAMES
[2010/01/26 22:57:53 | 000,000,000 | ---D | M] -- C:\Program Files\Free WMA to MP3 Converter
[2009/02/10 15:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\GameShadow
[2010/10/06 15:15:41 | 000,000,000 | ---D | M] -- C:\Program Files\IBM
[2011/01/15 23:46:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2008/11/17 00:58:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/04/14 17:04:35 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2008/04/14 15:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2007/02/24 12:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/01/29 15:56:30 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn Hamachi
[2011/01/15 21:42:42 | 000,000,000 | ---D | M] -- C:\Program Files\LucasArts
[2011/01/24 16:19:06 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/09 00:41:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/02/19 10:00:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2007/02/24 13:48:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2010/08/16 21:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/08/30 20:25:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/02/20 00:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/09/09 00:40:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/09/07 18:00:38 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2008/04/14 15:47:03 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2008/05/24 20:35:53 | 000,000,000 | ---D | M] -- C:\Program Files\Pyro Studios
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/10/28 02:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Single Step Media
[2011/01/15 23:46:55 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2009/11/09 21:09:24 | 000,000,000 | ---D | M] -- C:\Program Files\Starcraft
[2011/01/24 12:31:38 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2010/01/06 21:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\Steinberg
[2010/01/06 21:57:23 | 000,000,000 | ---D | M] -- C:\Program Files\Syncrosoft
[2010/12/22 12:04:42 | 000,000,000 | ---D | M] -- C:\Program Files\The Creative Assembly
[2011/02/03 00:17:46 | 000,000,000 | ---D | M] -- C:\Program Files\Ubi Soft
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/10/06 15:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Viewer_armyifx
[2010/11/22 16:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\Warcraft III
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2008/11/17 00:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2008/11/17 00:58:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 07:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/11/17 00:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2008/10/03 00:17:34 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

< %appdata%\*.* >
[2010/02/15 00:13:12 | 000,026,340 | ---- | M] () -- C:\Users\u\AppData\Roaming\UserTile.png


< MD5 for: AGP440.SYS >
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\ERDNT\cache\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\drivers\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\ERDNT\cache\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\ERDNT\cache\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\drivers\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

Re: Multiple Issues

Hi.

Malwarebytes shows it needs a reboot. Can you please reboot and post the log from the scan you ran?

Re: Multiple Issues

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5701

Windows 6.0.6000
Internet Explorer 7.0.6000.16757

2/7/2011 10:47:40 AM
mbam-log-2011-02-07 (10-47-40).txt

Scan type: Quick scan
Objects scanned: 141185
Time elapsed: 23 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\u\AppData\Local\temp\9131.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Re: Multiple Issues

Recent OTL scan log:

OTL logfile created on: 2/7/2011 10:24:19 AM - Run 4
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\u\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16757)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 413.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 105.18 Gb Total Space | 27.38 Gb Free Space | 26.03% Space Free | Partition Type: NTFS
Drive F: | 4.58 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LH-WC6BP8FI4TVD | User Name: u | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
PRC - [2011/01/13 03:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009/06/03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009/06/03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009/06/03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009/06/03 16:13:04 | 000,130,600 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
PRC - [2008/01/29 19:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/02/13 18:19:48 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/02/13 18:19:48 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/02/09 13:54:42 | 000,923,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/02/05 14:22:08 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/01/23 08:12:50 | 000,122,880 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/01/22 23:39:32 | 000,321,656 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007/01/11 20:36:34 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2006/11/28 22:27:46 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/11/28 22:09:58 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/11/28 22:09:46 | 000,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2006/11/13 08:32:52 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/11/13 08:32:52 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/11/13 08:32:49 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2006/11/02 07:34:32 | 001,004,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2004/12/14 06:44:06 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe


========== Modules (SafeList) ==========

MOD - [2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
MOD - [2011/01/13 03:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - [2011/01/13 03:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/06/03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2008/01/29 19:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/09/12 16:15:50 | 000,087,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2007/02/13 18:19:48 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/01/16 16:05:00 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/01/16 16:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007/01/16 16:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007/01/10 18:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/10 13:43:24 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/01/08 19:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007/01/08 19:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007/01/08 19:01:34 | 000,491,520 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/12/14 05:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 05:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 04:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/28 22:27:46 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2006/11/28 22:09:58 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2006/11/28 22:09:46 | 000,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2006/11/02 07:34:32 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/11/14 04:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 03:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/06 23:19:00 | 000,057,856 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2008/07/25 19:18:52 | 000,033,792 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2a.sys -- (TASCAM_US144_WDM)
DRV - [2008/07/25 19:18:08 | 000,018,944 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tscusb2m.sys -- (TASCAM_US144_MIDI)
DRV - [2008/07/25 19:17:36 | 000,367,616 | ---- | M] (TASCAM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tascusb2.sys -- (TASCAM_US122144)
DRV - [2007/02/08 19:03:16 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/02/08 08:27:24 | 000,807,424 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/02/05 08:22:40 | 001,668,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/02/01 01:37:18 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2007/01/29 08:03:49 | 000,195,072 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/01/23 09:00:16 | 000,509,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/23 08:12:41 | 001,478,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/01/23 08:12:41 | 001,478,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/11/23 18:20:06 | 000,018,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2006/11/13 22:07:45 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/13 22:07:41 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/13 22:07:38 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/13 22:07:38 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/13 08:32:52 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:51:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 14:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2006/10/18 13:43:18 | 000,124,256 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {FEB303A3-2023-4EE5-A917-C59C15E23047}:1.9.1
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/20 00:34:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/24 16:25:37 | 000,000,000 | ---D | M]

[2009/08/06 03:47:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\u\AppData\Roaming\mozilla\Extensions
[2011/02/07 00:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\u\AppData\Roaming\mozilla\Firefox\Profiles\8mmbyxhp.default\extensions
[2010/01/22 12:02:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\u\AppData\Roaming\mozilla\Firefox\Profiles\8mmbyxhp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/05/10 01:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/06 03:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2010/12/03 03:47:01 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\U\APPDATA\LOCAL\{FEB303A3-2023-4EE5-A917-C59C15E23047}
[2003/03/18 20:20:00 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\mfc71.dll
[2003/02/21 03:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr71.dll
[2008/04/16 18:09:28 | 000,249,856 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npff_gdm.dll
[2010/02/01 15:47:38 | 000,155,648 | ---- | M] (IBM Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npmfv.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\My Docs\Cars\190e 16v\P1000108 640.jpg
O24 - Desktop BackupWallPaper: C:\My Docs\Cars\190e 16v\P1000108 640.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/08/12 14:39:07 | 000,000,062 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7ed5ea93-0a62-11dd-9273-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7ed5ea93-0a62-11dd-9273-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Launcher.exe -- [2009/10/06 07:43:37 | 000,558,376 | R--- | M] (Travellers Tales (UK) Ltd)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/06 17:02:26 | 000,771,513 | ---- | C] (Ubisoft) -- C:\Users\u\Desktop\chessmaster_9k_v1.02a.exe
[2011/02/06 17:02:15 | 000,521,955 | ---- | C] (Ubisoft) -- C:\Users\u\Desktop\chessmaster_9k_v1.02.exe
[2011/02/06 17:00:51 | 000,318,897 | ---- | C] (Mindscape) -- C:\Users\u\Desktop\chessmaster_9k_v1.01.exe
[2011/02/06 16:27:58 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
[2011/02/03 00:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2011/02/03 00:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/02/03 00:04:56 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/02/03 00:04:55 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/02/03 00:04:50 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/02/03 00:04:49 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/02/03 00:04:47 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/02/03 00:04:35 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/02/03 00:04:35 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/02/03 00:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011/02/03 00:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/01/31 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool
[2011/01/31 01:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\hMdGiFp06511
[2011/01/29 15:57:07 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011/01/29 15:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/01/29 15:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/01/24 16:19:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/01/24 16:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/24 16:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/24 16:18:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/01/24 16:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/15 22:11:45 | 000,000,000 | ---D | C] -- C:\Users\u\Desktop\3danalyzer
[2011/01/15 22:07:11 | 000,000,000 | ---D | C] -- C:\Users\u\AppData\Local\LucasArts
[2011/01/15 19:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2011/01/08 10:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivIdentity
[2011/01/08 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ActivIdentity
[2011/01/08 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\ActivIdentity
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/07 10:18:46 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/07 10:18:46 | 000,003,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/07 10:18:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/07 10:18:17 | 179,997,161 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/06 17:02:29 | 000,771,513 | ---- | M] (Ubisoft) -- C:\Users\u\Desktop\chessmaster_9k_v1.02a.exe
[2011/02/06 17:02:19 | 000,521,955 | ---- | M] (Ubisoft) -- C:\Users\u\Desktop\chessmaster_9k_v1.02.exe
[2011/02/06 17:01:08 | 000,318,897 | ---- | M] (Mindscape) -- C:\Users\u\Desktop\chessmaster_9k_v1.01.exe
[2011/02/06 16:28:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\u\Desktop\OTL.com
[2011/02/05 11:52:16 | 000,049,209 | ---- | M] () -- C:\Users\u\Desktop\168939_1771613003568_1036530267_32019190_5377395_n.jpg
[2011/02/04 21:25:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/03 00:04:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/02/02 22:49:24 | 1150,392,217 | ---- | M] () -- C:\Users\u\Desktop\CM9000_Setup.exe
[2011/01/27 10:06:26 | 000,107,008 | ---- | M] () -- C:\Users\u\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/21 19:47:20 | 000,673,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/21 19:47:20 | 000,125,296 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/20 12:02:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aqoreyesubasebiw.dll
[2011/01/20 10:00:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ofanigowelijo.dll
[2011/01/20 07:58:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ukasulor.dll
[2011/01/20 05:56:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ibatariv.dll
[2011/01/20 03:54:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oqudapeq.dll
[2011/01/20 01:52:22 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ikidomipu.dll
[2011/01/19 23:50:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekotudok.dll
[2011/01/19 21:48:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oyonaniyanuna.dll
[2011/01/19 19:46:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\acewatonudowu.dll
[2011/01/19 17:44:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\akupubopitucigen.dll
[2011/01/19 15:42:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ajuxupetozu.dll
[2011/01/19 13:40:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekupopegogaj.dll
[2011/01/19 11:38:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\atawiqinoq.dll
[2011/01/19 09:36:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aberajoz.dll
[2011/01/19 07:34:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\avajokilo.dll
[2011/01/19 05:32:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\amehalaf.dll
[2011/01/19 03:30:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ebifaduf.dll
[2011/01/19 01:28:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\opeyiger.dll
[2011/01/18 23:26:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozosujox.dll
[2011/01/18 21:24:23 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oxokogikewejo.dll
[2011/01/18 19:22:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\utonaviq.dll
[2011/01/18 17:20:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ugekicuh.dll
[2011/01/18 15:19:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\etezaxeq.dll
[2011/01/18 13:16:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\atozehobiqobac.dll
[2011/01/18 11:14:22 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\awixovabuyud.dll
[2011/01/18 09:12:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iqemavabow.dll
[2011/01/18 07:11:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uxoboboge.dll
[2011/01/18 05:08:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\itimesawe.dll
[2011/01/18 03:06:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayiwecigitul.dll
[2011/01/18 01:04:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\abafiqemaqa.dll
[2011/01/17 23:02:23 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozivomad.dll
[2011/01/17 21:00:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ozuyelukigatek.dll
[2011/01/17 18:58:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ofipozadutodi.dll
[2011/01/17 16:56:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\inequwejulati.dll
[2011/01/17 14:55:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uqekizic.dll
[2011/01/17 12:52:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\icenuzehob.dll
[2011/01/17 10:50:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\egumamumuse.dll
[2011/01/17 08:48:20 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ohusodam.dll
[2011/01/17 06:46:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\esamuqob.dll
[2011/01/17 04:45:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\evetogumamu.dll
[2011/01/17 02:42:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\itemazizufe.dll
[2011/01/17 00:40:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\urirowigesi.dll
[2011/01/16 22:38:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\isocarezatecu.dll
[2011/01/16 20:37:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\edobayavejog.dll
[2011/01/16 18:34:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ijikefuperulaz.dll
[2011/01/16 16:32:18 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekemapiqiyonox.dll
[2011/01/16 14:30:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\usoreqijolozik.dll
[2011/01/16 12:28:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ekafuyip.dll
[2011/01/16 10:26:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\awuneniqedukicu.dll
[2011/01/16 08:24:21 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\idipesiq.dll
[2011/01/16 06:23:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\etituxunaka.dll
[2011/01/16 04:20:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ivakogibuxidet.dll
[2011/01/16 02:18:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ubeyabeg.dll
[2011/01/16 00:16:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iyurihesogol.dll
[2011/01/15 22:14:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\upehubimudutibo.dll
[2011/01/15 20:12:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\agizuferosu.dll
[2011/01/15 18:10:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\izaruvupo.dll
[2011/01/15 16:09:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eluruxec.dll
[2011/01/15 14:07:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\izunepub.dll
[2011/01/15 12:05:25 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ecapaguheyekiten.dll
[2011/01/15 10:03:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ukeyihitamaga.dll
[2011/01/15 08:01:10 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uraxonugidel.dll
[2011/01/15 05:59:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ahoyuqiy.dll
[2011/01/15 03:57:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ureyozewahatewis.dll
[2011/01/15 01:55:12 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\anagowize.dll
[2011/01/14 23:53:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\onihilofejinur.dll
[2011/01/14 21:51:14 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oyajezoweqoh.dll
[2011/01/14 19:49:17 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\exavasaxogapoga.dll
[2011/01/14 17:47:15 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ufumirux.dll
[2011/01/14 15:45:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\agajukij.dll
[2011/01/14 13:43:16 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uyocogiceyiqamab.dll
[2011/01/14 11:41:13 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\asefixipugofo.dll
[2011/01/14 05:58:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ihezoxufapifov.dll
[2011/01/14 03:56:39 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ipiyaciko.dll
[2011/01/14 01:54:37 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\avekomejesuxi.dll
[2011/01/13 23:52:37 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\evidicuvuh.dll
[2011/01/13 21:50:38 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ixokehadehip.dll
[2011/01/13 19:48:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\alutebic.dll
[2011/01/13 17:46:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uqisaneyulexaheq.dll
[2011/01/13 15:44:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eyacizepuficu.dll
[2011/01/13 13:42:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ijoguqut.dll
[2011/01/13 11:40:39 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ovixuzay.dll
[2011/01/13 09:38:53 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\igebeguy.dll
[2011/01/13 07:36:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\irujoxumugeyajo.dll
[2011/01/13 05:34:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ehequqis.dll
[2011/01/13 03:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/13 03:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/01/13 03:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/01/13 03:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/01/13 03:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/01/13 03:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/01/13 03:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/01/13 03:32:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aleficawajurija.dll
[2011/01/13 01:30:42 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\acemememememe.dll
[2011/01/12 23:28:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\epamuguxav.dll
[2011/01/12 19:24:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oresumid.dll
[2011/01/12 17:22:55 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\isizabocuka.dll
[2011/01/12 15:20:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ogajuxapivehadaj.dll
[2011/01/12 13:18:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ereqilaq.dll
[2011/01/12 11:16:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayetobabuyu.dll
[2011/01/12 09:14:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ayitapimoxihu.dll
[2011/01/12 07:12:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uroxevoyoh.dll
[2011/01/12 05:10:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\omamujum.dll
[2011/01/12 03:08:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\aqijojulowuni.dll
[2011/01/12 01:06:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uruvolov.dll
[2011/01/11 23:04:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ifonulur.dll
[2011/01/11 21:02:35 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ikopogaxeyuvasa.dll
[2011/01/11 19:00:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\exexeyaki.dll
[2011/01/11 16:58:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\egugonajeroyo.dll
[2011/01/11 14:56:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ecajaqapejucoho.dll
[2011/01/11 12:54:40 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uhewibiqorefube.dll
[2011/01/11 10:52:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\iviwojiy.dll
[2011/01/11 08:50:36 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\upifehocozisij.dll
[2011/01/11 06:48:29 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\amojacoyu.dll
[2011/01/11 04:46:30 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uwodohugilidupa.dll
[2011/01/11 02:44:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\omimatumoyes.dll
[2011/01/11 00:42:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ixirinazobes.dll
[2011/01/10 22:40:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uzefabizagovagif.dll
[2011/01/10 18:36:41 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\arudiwox.dll
[2011/01/10 16:34:34 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\uyidevipejidedu.dll
[2011/01/10 14:32:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ucugepukog.dll
[2011/01/10 12:30:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\adizanijudulige.dll
[2011/01/09 20:19:08 | 000,000,764 | ---- | M] () -- C:\Users\u\AppData\Local\eregilidu.dll
[2011/01/09 10:17:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\opegesif.dll
[2011/01/09 08:15:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ajexevuqa.dll
[2011/01/09 06:13:32 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\efixogapogaxeyu.dll
[2011/01/09 04:11:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ejiwamikux.dll
[2011/01/09 02:09:31 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\odeyumihoyopog.dll
[2011/01/09 00:07:33 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\oriniyan.dll
[2011/01/08 22:05:41 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\ubiqayoqanejobec.dll
[2011/01/08 20:38:19 | 000,000,000 | ---- | M] () -- C:\Users\u\AppData\Local\eqalusef.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

Re: Multiple Issues

========== Files Created - No Company Name ==========

[2011/02/05 11:52:10 | 000,049,209 | ---- | C] () -- C:\Users\u\Desktop\168939_1771613003568_1036530267_32019190_5377395_n.jpg
[2011/02/03 00:03:41 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/02/02 22:10:06 | 1150,392,217 | ---- | C] () -- C:\Users\u\Desktop\CM9000_Setup.exe
[2011/01/27 20:27:46 | 179,997,161 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/01/20 12:02:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqoreyesubasebiw.dll
[2011/01/20 10:00:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofanigowelijo.dll
[2011/01/20 07:58:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ukasulor.dll
[2011/01/20 05:56:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ibatariv.dll
[2011/01/20 03:54:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oqudapeq.dll
[2011/01/20 01:52:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ikidomipu.dll
[2011/01/19 23:50:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekotudok.dll
[2011/01/19 21:48:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oyonaniyanuna.dll
[2011/01/19 19:46:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\acewatonudowu.dll
[2011/01/19 17:44:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\akupubopitucigen.dll
[2011/01/19 15:42:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajuxupetozu.dll
[2011/01/19 13:40:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekupopegogaj.dll
[2011/01/19 11:38:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\atawiqinoq.dll
[2011/01/19 09:36:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aberajoz.dll
[2011/01/19 07:34:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avajokilo.dll
[2011/01/19 05:32:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\amehalaf.dll
[2011/01/19 03:30:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ebifaduf.dll
[2011/01/19 01:28:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\opeyiger.dll
[2011/01/18 23:26:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozosujox.dll
[2011/01/18 21:24:23 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oxokogikewejo.dll
[2011/01/18 19:22:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\utonaviq.dll
[2011/01/18 17:20:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ugekicuh.dll
[2011/01/18 15:19:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\etezaxeq.dll
[2011/01/18 13:16:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\atozehobiqobac.dll
[2011/01/18 11:14:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\awixovabuyud.dll
[2011/01/18 09:12:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iqemavabow.dll
[2011/01/18 07:11:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uxoboboge.dll
[2011/01/18 05:08:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\itimesawe.dll
[2011/01/18 03:06:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayiwecigitul.dll
[2011/01/18 01:04:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\abafiqemaqa.dll
[2011/01/17 23:02:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozivomad.dll
[2011/01/17 21:00:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ozuyelukigatek.dll
[2011/01/17 18:58:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ofipozadutodi.dll
[2011/01/17 16:56:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\inequwejulati.dll
[2011/01/17 14:55:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqekizic.dll
[2011/01/17 12:52:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\icenuzehob.dll
[2011/01/17 10:50:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\egumamumuse.dll
[2011/01/17 08:48:20 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ohusodam.dll
[2011/01/17 06:46:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\esamuqob.dll
[2011/01/17 04:45:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\evetogumamu.dll
[2011/01/17 02:42:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\itemazizufe.dll
[2011/01/17 00:40:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\urirowigesi.dll
[2011/01/16 22:38:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isocarezatecu.dll
[2011/01/16 20:37:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\edobayavejog.dll
[2011/01/16 18:34:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijikefuperulaz.dll
[2011/01/16 16:32:18 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekemapiqiyonox.dll
[2011/01/16 14:30:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\usoreqijolozik.dll
[2011/01/16 12:28:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ekafuyip.dll
[2011/01/16 10:26:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\awuneniqedukicu.dll
[2011/01/16 08:24:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\idipesiq.dll
[2011/01/16 06:23:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\etituxunaka.dll
[2011/01/16 04:20:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ivakogibuxidet.dll
[2011/01/16 02:18:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ubeyabeg.dll
[2011/01/16 00:16:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iyurihesogol.dll
[2011/01/15 22:14:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upehubimudutibo.dll
[2011/01/15 20:12:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\agizuferosu.dll
[2011/01/15 18:10:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izaruvupo.dll
[2011/01/15 16:09:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eluruxec.dll
[2011/01/15 14:07:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\izunepub.dll
[2011/01/15 12:05:25 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecapaguheyekiten.dll
[2011/01/15 10:03:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ukeyihitamaga.dll
[2011/01/15 08:01:10 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uraxonugidel.dll
[2011/01/15 05:59:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ahoyuqiy.dll
[2011/01/15 03:57:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ureyozewahatewis.dll
[2011/01/15 01:55:12 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\anagowize.dll
[2011/01/14 23:53:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\onihilofejinur.dll
[2011/01/14 21:51:14 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oyajezoweqoh.dll
[2011/01/14 19:49:17 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exavasaxogapoga.dll
[2011/01/14 17:47:15 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ufumirux.dll
[2011/01/14 15:45:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\agajukij.dll
[2011/01/14 13:43:16 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyocogiceyiqamab.dll
[2011/01/14 11:41:13 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\asefixipugofo.dll
[2011/01/14 05:58:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ihezoxufapifov.dll
[2011/01/14 03:56:39 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ipiyaciko.dll
[2011/01/14 01:54:37 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\avekomejesuxi.dll
[2011/01/13 23:52:37 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\evidicuvuh.dll
[2011/01/13 21:50:38 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ixokehadehip.dll
[2011/01/13 19:48:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\alutebic.dll
[2011/01/13 17:46:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uqisaneyulexaheq.dll
[2011/01/13 15:44:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eyacizepuficu.dll
[2011/01/13 13:42:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ijoguqut.dll
[2011/01/13 11:40:39 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ovixuzay.dll
[2011/01/13 09:38:53 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\igebeguy.dll
[2011/01/13 07:36:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\irujoxumugeyajo.dll
[2011/01/13 05:34:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ehequqis.dll
[2011/01/13 03:32:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aleficawajurija.dll
[2011/01/13 01:30:42 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\acemememememe.dll
[2011/01/12 23:28:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\epamuguxav.dll
[2011/01/12 19:24:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oresumid.dll
[2011/01/12 17:22:55 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\isizabocuka.dll
[2011/01/12 15:20:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ogajuxapivehadaj.dll
[2011/01/12 13:18:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ereqilaq.dll
[2011/01/12 11:16:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayetobabuyu.dll
[2011/01/12 09:14:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ayitapimoxihu.dll
[2011/01/12 07:12:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uroxevoyoh.dll
[2011/01/12 05:10:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\omamujum.dll
[2011/01/12 03:08:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\aqijojulowuni.dll
[2011/01/12 01:06:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uruvolov.dll
[2011/01/11 23:04:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ifonulur.dll
[2011/01/11 21:02:35 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ikopogaxeyuvasa.dll
[2011/01/11 19:00:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\exexeyaki.dll
[2011/01/11 16:58:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\egugonajeroyo.dll
[2011/01/11 14:56:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ecajaqapejucoho.dll
[2011/01/11 12:54:40 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uhewibiqorefube.dll
[2011/01/11 10:52:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\iviwojiy.dll
[2011/01/11 08:50:36 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\upifehocozisij.dll
[2011/01/11 06:48:29 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\amojacoyu.dll
[2011/01/11 04:46:30 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uwodohugilidupa.dll
[2011/01/11 02:44:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\omimatumoyes.dll
[2011/01/11 00:42:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ixirinazobes.dll
[2011/01/10 22:40:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uzefabizagovagif.dll
[2011/01/10 18:36:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\arudiwox.dll
[2011/01/10 16:34:34 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\uyidevipejidedu.dll
[2011/01/10 14:32:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ucugepukog.dll
[2011/01/10 12:30:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\adizanijudulige.dll
[2011/01/09 20:19:08 | 000,000,764 | ---- | C] () -- C:\Users\u\AppData\Local\eregilidu.dll
[2011/01/09 10:17:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\opegesif.dll
[2011/01/09 08:15:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ajexevuqa.dll
[2011/01/09 06:13:32 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\efixogapogaxeyu.dll
[2011/01/09 04:11:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ejiwamikux.dll
[2011/01/09 02:09:31 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\odeyumihoyopog.dll
[2011/01/09 00:07:33 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\oriniyan.dll
[2011/01/08 22:05:41 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\ubiqayoqanejobec.dll
[2011/01/08 20:38:19 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\eqalusef.dll
[2011/01/08 10:39:26 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
[2011/01/08 06:16:22 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\elocetuw.dll
[2011/01/08 04:14:21 | 000,000,000 | ---- | C] () -- C:\Users\u\AppData\Local\unalewizut.dll

< End of report >

Re: Multiple Issues

Hi,

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Re: Multiple Issues

blue screen crash every time i try. in both safe mode and normal

Re: Multiple Issues

Hi,

Try this first:

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Re: Multiple Issues

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5701

Windows 6.0.6000
Internet Explorer 7.0.6000.16757

2/7/2011 10:47:40 AM
mbam-log-2011-02-07 (10-47-40).txt

Scan type: Quick scan
Objects scanned: 141185
Time elapsed: 23 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\u\AppData\Local\temp\9131.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Re: Multiple Issues

Hi,

Try ComboFix now please

Re: Multiple Issues

no change. blue screen crash upon opening combofix

Re: Multiple Issues

Hi,

Please download TDSSKiller from here and save it to your Desktop.
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.

Re: Multiple Issues

2011/02/09 15:19:53.0734 3392 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:03
2011/02/09 15:19:55.0139 3392 ================================================================================
2011/02/09 15:19:55.0139 3392 SystemInfo:
2011/02/09 15:19:55.0139 3392
2011/02/09 15:19:55.0139 3392 OS Version: 6.0.6000 ServicePack: 0.0
2011/02/09 15:19:55.0139 3392 Product type: Workstation
2011/02/09 15:19:55.0139 3392 ComputerName: LH-WC6BP8FI4TVD
2011/02/09 15:19:55.0139 3392 UserName: u
2011/02/09 15:19:55.0139 3392 Windows directory: C:\Windows
2011/02/09 15:19:55.0139 3392 System windows directory: C:\Windows
2011/02/09 15:19:55.0139 3392 Processor architecture: Intel x86
2011/02/09 15:19:55.0139 3392 Number of processors: 2
2011/02/09 15:19:55.0139 3392 Page size: 0x1000
2011/02/09 15:19:55.0139 3392 Boot type: Normal boot
2011/02/09 15:19:55.0139 3392 ================================================================================
2011/02/09 15:20:08.0106 3392 Initialize success
2011/02/09 15:20:11.0090 7244 ================================================================================
2011/02/09 15:20:11.0090 7244 Scan started
2011/02/09 15:20:11.0090 7244 Mode: Manual;
2011/02/09 15:20:11.0090 7244 ================================================================================
2011/02/09 15:22:26.0751 7244 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/02/09 15:22:26.0950 7244 Rasl2tp (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/02/09 15:22:26.0988 7244 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/02/09 15:22:27.0018 7244 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/02/09 15:22:27.0189 7244 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/02/09 15:22:27.0239 7244 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/02/09 15:22:27.0402 7244 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/02/09 15:22:27.0459 7244 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/02/09 15:22:27.0540 7244 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/02/09 15:22:27.0762 7244 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/02/09 15:22:27.0889 7244 SCR3XX2K (b590c6b740a85130e88d35d007691eb4) C:\Windows\system32\DRIVERS\SCR3XX2K.sys
2011/02/09 15:22:27.0938 7244 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/02/09 15:22:28.0143 7244 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/02/09 15:22:28.0182 7244 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/02/09 15:22:28.0232 7244 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/02/09 15:22:28.0328 7244 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/02/09 15:22:28.0498 7244 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/02/09 15:22:28.0531 7244 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/02/09 15:22:28.0610 7244 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/02/09 15:22:28.0790 7244 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/02/09 15:22:28.0815 7244 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/02/09 15:22:28.0881 7244 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/02/09 15:22:28.0940 7244 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
2011/02/09 15:22:29.0098 7244 SNC (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
2011/02/09 15:22:29.0156 7244 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/02/09 15:22:29.0259 7244 srv (63695467d2af343ee8d6766399aa1204) C:\Windows\system32\DRIVERS\srv.sys
2011/02/09 15:22:29.0500 7244 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/02/09 15:22:29.0555 7244 srvnet (cd11a0767e82dd8b1a3a26d305dbec0f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/02/09 15:22:29.0782 7244 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
2011/02/09 15:22:29.0828 7244 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/02/09 15:22:29.0861 7244 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/02/09 15:22:30.0027 7244 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/02/09 15:22:30.0100 7244 SynasUSB (418bd80a7fefaa3fcbd3dcfc021cb294) C:\Windows\system32\drivers\SynasUSB.sys
2011/02/09 15:22:30.0176 7244 TASCAM_US122144 (968331cfa6a775e11ea8450928995b6d) C:\Windows\system32\Drivers\tascusb2.sys
2011/02/09 15:22:30.0368 7244 TASCAM_US144_MIDI (f57af1e329d8dc8fe65d550a6240bad6) C:\Windows\system32\drivers\tscusb2m.sys
2011/02/09 15:22:30.0445 7244 TASCAM_US144_WDM (67d7b8d23853e6e7b6816855692c69c0) C:\Windows\system32\drivers\tscusb2a.sys
2011/02/09 15:22:30.0550 7244 Tcpip (5df77458aa92fdb36fce79c60f74ab5d) C:\Windows\system32\drivers\tcpip.sys
2011/02/09 15:22:30.0750 7244 Tcpip6 (5df77458aa92fdb36fce79c60f74ab5d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/02/09 15:22:30.0907 7244 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/02/09 15:22:30.0974 7244 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/02/09 15:22:31.0011 7244 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/02/09 15:22:31.0048 7244 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/02/09 15:22:31.0233 7244 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
2011/02/09 15:22:31.0394 7244 ti21sony (dcd46a3fc856167fd985507492ae610a) C:\Windows\system32\drivers\ti21sony.sys
2011/02/09 15:22:31.0632 7244 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/02/09 15:22:31.0700 7244 tunmp (a858917785681743c512950fdfa14db7) C:\Windows\system32\DRIVERS\tunmp.sys
2011/02/09 15:22:31.0782 7244 tunnel (29f1d1d888ee61d20d5662e72aa34129) C:\Windows\system32\DRIVERS\tunnel.sys
2011/02/09 15:22:31.0987 7244 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/02/09 15:22:32.0038 7244 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/02/09 15:22:32.0132 7244 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/02/09 15:22:32.0168 7244 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/02/09 15:22:32.0333 7244 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/02/09 15:22:32.0376 7244 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/02/09 15:22:32.0415 7244 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/02/09 15:22:32.0473 7244 usbccgp (05bca54c08783cd8e5f66b918672c465) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/02/09 15:22:32.0803 7244 USBCCID (68ab390b18a743aab32c669167aa6a61) C:\Windows\system32\DRIVERS\usbccid.sys
2011/02/09 15:22:32.0858 7244 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/02/09 15:22:32.0936 7244 usbehci (2eb960b1d4d3955d6869828a795b4942) C:\Windows\system32\DRIVERS\usbehci.sys
2011/02/09 15:22:33.0124 7244 usbhub (eb2ae90cf43f490f4832669d7f84e7da) C:\Windows\system32\DRIVERS\usbhub.sys
2011/02/09 15:22:33.0164 7244 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/02/09 15:22:33.0188 7244 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/02/09 15:22:33.0311 7244 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
2011/02/09 15:22:33.0452 7244 USBSTOR (fdbaabf07244c60b0f4e0a6e71a107c6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/02/09 15:22:33.0503 7244 usbuhci (1b3f9bbb6f3cd76745759ef8e0c94fab) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/02/09 15:22:33.0776 7244 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/02/09 15:22:33.0836 7244 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/02/09 15:22:33.0917 7244 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/02/09 15:22:33.0954 7244 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/02/09 15:22:34.0084 7244 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/02/09 15:22:34.0134 7244 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
2011/02/09 15:22:34.0179 7244 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/02/09 15:22:34.0205 7244 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys
2011/02/09 15:22:34.0377 7244 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/02/09 15:22:34.0466 7244 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/02/09 15:22:34.0506 7244 Wanarp (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/09 15:22:34.0557 7244 Wanarpv6 (6e1a5be9a0605f3d932ff35fba2b22b3) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/09 15:22:34.0712 7244 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/02/09 15:22:34.0807 7244 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/02/09 15:22:35.0038 7244 WimFltr (c8d53a13e867d5a7eafb19400016560f) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/02/09 15:22:35.0127 7244 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2011/02/09 15:22:35.0354 7244 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/02/09 15:22:35.0485 7244 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/02/09 15:22:35.0520 7244 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/02/09 15:22:35.0765 7244 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/02/09 15:22:35.0898 7244 yukonwlh (69222091b6285906aff82e43681cf826) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/02/09 15:22:36.0051 7244 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/09 15:22:36.0058 7244 ================================================================================
2011/02/09 15:22:36.0058 7244 Scan finished
2011/02/09 15:22:36.0058 7244 ================================================================================
2011/02/09 15:22:36.0082 8616 Detected object count: 1
2011/02/09 15:22:59.0315 8616 \HardDisk0 - will be cured after reboot
2011/02/09 15:22:59.0373 8616 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/02/09 15:23:08.0930 0624 Deinitialize success

Re: Multiple Issues

Woohoo! Perfect... That's cured a rootkit. Can you try ComboFix once more?

Re: Multiple Issues

Wa-Bam. Beautiful pieces of software. Thanks very much.

ComboFix 11-02-09.02 - u 02/09/2011 16:05:33.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.371 [GMT -5:00]
Running from: c:\users\u\Desktop\commy.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\pswi_preloaded.exe
c:\users\u\AppData\Roaming\Adobe\AdobeUpdate .exe
c:\users\u\AppData\Roaming\Adobe\plugs
c:\users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool

.
((((((((((((((((((((((((( Files Created from 2011-01-09 to 2011-02-09 )))))))))))))))))))))))))))))))
.

2011-02-09 21:13 . 2011-02-09 21:14 -------- d-----w- c:\users\u\AppData\Local\temp
2011-02-09 21:13 . 2011-02-09 21:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-02-09 21:13 . 2011-02-09 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-09 20:34 . 2011-02-09 20:34 -------- d--h--w- c:\programdata\CanonBJ
2011-02-08 05:17 . 2011-02-08 05:19 -------- d-----w- C:\commy
2011-02-07 20:17 . 2010-02-04 15:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-02-07 20:17 . 2010-02-04 15:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-02-07 20:17 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-07 20:17 . 2009-09-04 22:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-02-07 20:17 . 2009-09-04 22:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-02-07 20:15 . 2009-03-16 19:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2011-02-07 20:14 . 2011-02-07 20:14 -------- d-----w- c:\program files\Microsoft XNA
2011-02-07 19:48 . 2011-02-07 19:48 -------- d-----w- c:\users\u\AppData\Roaming\DivX
2011-02-03 05:17 . 2011-02-03 05:17 -------- d-----w- c:\program files\Ubi Soft
2011-02-03 05:04 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-03 05:04 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-03 05:04 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-03 05:04 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-03 05:04 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-03 05:04 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-03 05:04 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\programdata\Alwil Software
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\program files\Alwil Software
2011-01-31 06:25 . 2011-01-31 16:30 -------- d-----w- c:\programdata\hMdGiFp06511
2011-01-29 20:57 . 2009-03-18 21:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-29 20:56 . 2011-01-29 20:56 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-01-24 21:19 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 21:19 . 2011-01-24 21:19 -------- d-----w- c:\programdata\Malwarebytes
2011-01-24 21:18 . 2011-01-24 21:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 21:18 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 03:07 . 2011-01-16 03:07 -------- d-----w- c:\users\u\AppData\Local\LucasArts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2003-03-19 01:20 . 2010-10-06 20:16 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll
2003-02-21 08:42 . 2010-10-06 20:16 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-11-17 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-20 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-05 4317184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-23 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-23 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-23 81920]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-01-23 321656]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-05-07 210216]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
@=""

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^u^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameSpot Download Manager.lnk]
path=c:\users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameSpot Download Manager.lnk
backup=c:\windows\pss\GameSpot Download Manager.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
2007-01-31 04:59 371712 ----a-w- c:\program files\Intuit\SimpleStartEntice\entice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-02-24 17:34 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-30 00:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
2006-11-28 22:30 2150400 ----a-w- c:\program files\Sony\VAIO Security Center\VSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2006-12-07 00:08 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2010-01-07 57856]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\system32\Drivers\tascusb2.sys [2008-07-26 367616]
R3 TASCAM_US144_MIDI;TASCAM US-144 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys [2008-07-26 18944]
R3 TASCAM_US144_WDM;TASCAM US-144 WDM;c:\windows\system32\drivers\tscusb2a.sys [2008-07-26 33792]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-09 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-16 1089536]
S1 aswSP;aswSP; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-01-31 28933976]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-02-08 807424]


--- Other Services/Drivers In Memory ---

*Deregistered* - klmd25
.
Contents of the 'Scheduled Tasks' folder

2008-12-30 c:\windows\Tasks\Vaio Service Utility.job
- c:\program files\Sony\Vaio Service Utility\VAIO-SU.exe [2007-02-16 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sony.com/vaiopeople
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\8mmbyxhp.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
AddRemove-Free PDF to Word Doc Converter_is1 - c:\program files\Free PDF to Word Doc Converter\unins000.exe
AddRemove-Freedom Fighters Demo - c:\progra~1\EAGAME~1\FREEDO~1\UNWISE.EXE
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 16:14
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\u\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:26,c4,81,60,e4,93,81,b5,88,1c,95,10,85,11,26,0b,fe,b6,97,47,ed,06,b7,
9d,a1,24,cd,5b,60,5f,65,34,bd,c5,25,d7,c4,a4,2c,d1,da,44,30,83,4e,d9,7f,cf,\
"??"=hex:28,ce,cb,36,3b,0c,e9,95,36,1a,07,a1,20,6d,17,94

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:4f,61,15,5d,0c,e3,5d,d3,e9,9a,3a,ef,10,68,a5,ff,1a,65,46,3c,b9,
b3,bb,14,cd,f1,19,72,2a,0b,72,3f,74,08,b0,45,e4,82,bc,c9,26,61,51,6b,d8,57,\
"rkeysecu"=hex:06,67,28,6a,87,33,18,e1,8a,2e,5b,bc,4c,31,b5,be

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-02-09 16:16:46
ComboFix-quarantined-files.txt 2011-02-09 21:16
ComboFix2.txt 2010-02-19 00:30

Pre-Run: 29,311,352,832 bytes free
Post-Run: 33,591,818,240 bytes free

- - End Of File - - 3D16172D7547324860EBFE9CDF3DC781

Re: Multiple Issues

Hi,

Wa-Bam. Beautiful pieces of software.


Indeed they are, but just a word of warning: they should not be run without the guidance of an expert trained in their use.

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open Notepad and copy/paste the text in the quotebox below into it:

    File::
    c:\users\u\AppData\Local\Temp\catchme.dll

    Registry::
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
  4. Save this as CFScript.txt, in the same location as ComboFix.exe

     [Image: Cfscriptb4]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

Re: Multiple Issues

ComboFix 11-02-09.02 - u 02/09/2011 21:44:48.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.360 [GMT -5:00]
Running from: c:\users\u\Desktop\commy.exe
Command switches used :: c:\users\u\Desktop\CFScript.txt

FILE ::
"c:\users\u\AppData\Local\Temp\catchme.dll"
.

((((((((((((((((((((((((( Files Created from 2011-01-10 to 2011-02-10 )))))))))))))))))))))))))))))))
.

2011-02-10 02:52 . 2011-02-10 02:52 -------- d-----w- c:\users\u\AppData\Local\temp
2011-02-10 02:52 . 2011-02-10 02:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-02-10 02:52 . 2011-02-10 02:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-09 20:34 . 2011-02-09 20:34 -------- d--h--w- c:\programdata\CanonBJ
2011-02-08 05:17 . 2011-02-08 05:19 -------- d-----w- C:\commy
2011-02-07 20:17 . 2010-02-04 15:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-02-07 20:17 . 2010-02-04 15:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-02-07 20:17 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-07 20:17 . 2009-09-04 22:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-02-07 20:17 . 2009-09-04 22:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-02-07 20:15 . 2009-03-16 19:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2011-02-07 20:14 . 2011-02-07 20:14 -------- d-----w- c:\program files\Microsoft XNA
2011-02-07 19:48 . 2011-02-07 19:48 -------- d-----w- c:\users\u\AppData\Roaming\DivX
2011-02-03 05:17 . 2011-02-03 05:17 -------- d-----w- c:\program files\Ubi Soft
2011-02-03 05:04 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-03 05:04 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-03 05:04 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-03 05:04 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-03 05:04 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-03 05:04 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-03 05:04 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\programdata\Alwil Software
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\program files\Alwil Software
2011-01-31 06:25 . 2011-01-31 16:30 -------- d-----w- c:\programdata\hMdGiFp06511
2011-01-29 20:57 . 2009-03-18 21:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-24 21:19 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 21:19 . 2011-01-24 21:19 -------- d-----w- c:\programdata\Malwarebytes
2011-01-24 21:18 . 2011-01-24 21:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 21:18 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 03:07 . 2011-01-16 03:07 -------- d-----w- c:\users\u\AppData\Local\LucasArts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2003-03-19 01:20 . 2010-10-06 20:16 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll
2003-02-21 08:42 . 2010-10-06 20:16 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-11-17 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-20 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-05 4317184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-23 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-23 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-23 81920]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-01-23 321656]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-05-07 210216]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
@=""

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^u^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameSpot Download Manager.lnk]
path=c:\users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameSpot Download Manager.lnk
backup=c:\windows\pss\GameSpot Download Manager.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
2007-01-31 04:59 371712 ----a-w- c:\program files\Intuit\SimpleStartEntice\entice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-02-24 17:34 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
2006-11-28 22:30 2150400 ----a-w- c:\program files\Sony\VAIO Security Center\VSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2006-12-07 00:08 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2010-01-07 57856]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\system32\Drivers\tascusb2.sys [2008-07-26 367616]
R3 TASCAM_US144_MIDI;TASCAM US-144 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys [2008-07-26 18944]
R3 TASCAM_US144_WDM;TASCAM US-144 WDM;c:\windows\system32\drivers\tscusb2a.sys [2008-07-26 33792]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-09 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-16 1089536]
S1 aswSP;aswSP; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-01-31 28933976]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-02-08 807424]


--- Other Services/Drivers In Memory ---

*Deregistered* - klmd25
.
Contents of the 'Scheduled Tasks' folder

2008-12-30 c:\windows\Tasks\Vaio Service Utility.job
- c:\program files\Sony\Vaio Service Utility\VAIO-SU.exe [2007-02-16 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sony.com/vaiopeople
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\8mmbyxhp.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 21:52
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:26,c4,81,60,e4,93,81,b5,88,1c,95,10,85,11,26,0b,fe,b6,97,47,ed,06,b7,
9d,a1,24,cd,5b,60,5f,65,34,bd,c5,25,d7,c4,a4,2c,d1,da,44,30,83,4e,d9,7f,cf,\
"??"=hex:28,ce,cb,36,3b,0c,e9,95,36,1a,07,a1,20,6d,17,94

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:4f,61,15,5d,0c,e3,5d,d3,e9,9a,3a,ef,10,68,a5,ff,1a,65,46,3c,b9,
b3,bb,14,cd,f1,19,72,2a,0b,72,3f,74,08,b0,45,e4,82,bc,c9,26,61,51,6b,d8,57,\
"rkeysecu"=hex:06,67,28,6a,87,33,18,e1,8a,2e,5b,bc,4c,31,b5,be

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-02-09 21:55:12
ComboFix-quarantined-files.txt 2011-02-10 02:55
ComboFix2.txt 2011-02-09 21:16
ComboFix3.txt 2010-02-19 00:30

Pre-Run: 42,935,261,184 bytes free
Post-Run: 42,700,863,488 bytes free

- - End Of File - - BA3143AC9C3BF7E2E2980BA07E68A99D

Re: Multiple Issues
Hi,

There was a syntax error in my script. My apologies.

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Registry::
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [Image: Cfscriptb4]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

Re: Multiple Issues
ComboFix 11-02-09.02 - u 02/10/2011 11:49:10.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.529 [GMT -5:00]
Running from: c:\users\u\Desktop\commy.exe
Command switches used :: c:\users\u\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2011-01-10 to 2011-02-10 )))))))))))))))))))))))))))))))
.

2011-02-10 16:57 . 2011-02-10 16:57 -------- d-----w- c:\users\u\AppData\Local\temp
2011-02-10 16:57 . 2011-02-10 16:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-02-10 16:57 . 2011-02-10 16:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-10 04:15 . 2011-02-10 04:15 -------- d-----w- c:\programdata\Trymedia
2011-02-09 20:34 . 2011-02-09 20:34 -------- d--h--w- c:\programdata\CanonBJ
2011-02-08 05:17 . 2011-02-08 05:19 -------- d-----w- C:\commy
2011-02-07 20:17 . 2010-02-04 15:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-02-07 20:17 . 2010-02-04 15:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-02-07 20:17 . 2010-02-04 15:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-02-07 20:17 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-07 20:17 . 2009-09-04 22:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-02-07 20:17 . 2009-09-04 22:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-07 20:17 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-02-07 20:15 . 2009-03-16 19:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-02-07 20:15 . 2009-03-16 19:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2011-02-07 20:14 . 2011-02-07 20:14 -------- d-----w- c:\program files\Microsoft XNA
2011-02-07 19:48 . 2011-02-07 19:48 -------- d-----w- c:\users\u\AppData\Roaming\DivX
2011-02-03 05:17 . 2011-02-03 05:17 -------- d-----w- c:\program files\Ubi Soft
2011-02-03 05:04 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-03 05:04 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-03 05:04 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-03 05:04 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-03 05:04 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-03 05:04 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-03 05:04 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\programdata\Alwil Software
2011-02-03 05:04 . 2011-02-03 05:04 -------- d-----w- c:\program files\Alwil Software
2011-01-31 06:25 . 2011-01-31 16:30 -------- d-----w- c:\programdata\hMdGiFp06511
2011-01-29 20:57 . 2009-03-18 21:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-24 21:19 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 21:19 . 2011-01-24 21:19 -------- d-----w- c:\programdata\Malwarebytes
2011-01-24 21:18 . 2011-01-24 21:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 21:18 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 03:07 . 2011-01-16 03:07 -------- d-----w- c:\users\u\AppData\Local\LucasArts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2003-03-19 01:20 . 2010-10-06 20:16 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll
2003-02-21 08:42 . 2010-10-06 20:16 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-11-17 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-20 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-05 4317184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-23 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-23 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-23 81920]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-01-23 321656]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-05-07 210216]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^u^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameSpot Download Manager.lnk]
path=c:\users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameSpot Download Manager.lnk
backup=c:\windows\pss\GameSpot Download Manager.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
2007-01-31 04:59 371712 ----a-w- c:\program files\Intuit\SimpleStartEntice\entice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-02-24 17:34 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
2006-11-28 22:30 2150400 ----a-w- c:\program files\Sony\VAIO Security Center\VSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSurvey]
2006-12-07 00:08 577536 ----a-w- c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2010-01-07 57856]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\system32\Drivers\tascusb2.sys [2008-07-26 367616]
R3 TASCAM_US144_MIDI;TASCAM US-144 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys [2008-07-26 18944]
R3 TASCAM_US144_WDM;TASCAM US-144 WDM;c:\windows\system32\drivers\tscusb2a.sys [2008-07-26 33792]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-01-09 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-16 1089536]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-01-31 28933976]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-02-08 807424]

.
Contents of the 'Scheduled Tasks' folder

2008-12-30 c:\windows\Tasks\Vaio Service Utility.job
- c:\program files\Sony\Vaio Service Utility\VAIO-SU.exe [2007-02-16 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sony.com/vaiopeople
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\8mmbyxhp.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-10 11:57
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:26,c4,81,60,e4,93,81,b5,88,1c,95,10,85,11,26,0b,fe,b6,97,47,ed,06,b7,
9d,a1,24,cd,5b,60,5f,65,34,bd,c5,25,d7,c4,a4,2c,d1,da,44,30,83,4e,d9,7f,cf,\
"??"=hex:28,ce,cb,36,3b,0c,e9,95,36,1a,07,a1,20,6d,17,94

[HKEY_USERS\S-1-5-21-3090746094-3283488223-3727284219-1005\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:4f,61,15,5d,0c,e3,5d,d3,e9,9a,3a,ef,10,68,a5,ff,1a,65,46,3c,b9,
b3,bb,14,cd,f1,19,72,2a,0b,72,3f,74,08,b0,45,e4,82,bc,c9,26,61,51,6b,d8,57,\
"rkeysecu"=hex:06,67,28,6a,87,33,18,e1,8a,2e,5b,bc,4c,31,b5,be

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-02-10 11:59:50
ComboFix-quarantined-files.txt 2011-02-10 16:59
ComboFix2.txt 2011-02-10 02:55
ComboFix3.txt 2011-02-09 21:16
ComboFix4.txt 2010-02-19 00:30

Pre-Run: 41,034,205,184 bytes free
Post-Run: 41,007,388,672 bytes free

- - End Of File - - 4FFFE9338F8588AB72DC6DFB94040729
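
Added example, not part of the thread and not ComboFix's own code: a Python check that the key named in the CFScript is absent from the follow-up log, and which services changed state between the two runs. The excerpts are trimmed from the two logs posted above; the function names and the reading of the `R`/`S` prefix as running/stopped followed by the start type are assumptions.

```python
import re

# The CFScript from the helper's post.
CFSCRIPT = r'''Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
'''

# Trimmed excerpts of the 2011-02-09 and 2011-02-10 logs in this thread.
LOG_BEFORE = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IsDrv122.sys]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S1 aswSP;aswSP; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
'''

LOG_AFTER = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S1 aswSP;aswSP; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
'''

KEY_RE = re.compile(r"^\[(HK[^\]]+)\]\s*$")       # [HKEY_...\key] section header
DELETE_RE = re.compile(r"^\[-(HK[^\]]+)\]\s*$")   # [-HKEY_...\key] = delete this key
# Assumption: first letter is R(unning)/S(topped), digit is the service start type.
SERVICE_RE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*);(.*)$")


def parse_log(text):
    """Return (set of lower-cased registry key headers, {service name: state})."""
    keys, services = set(), {}
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            keys.add(m.group(1).lower())  # registry key names are case-insensitive
            continue
        m = SERVICE_RE.match(line)
        if m:
            services[m.group(3)] = m.group(1) + m.group(2)
    return keys, services


def cfscript_deletions(script):
    """Keys the CFScript asks to delete (lines of the form [-KEY])."""
    return [m.group(1).lower()
            for m in (DELETE_RE.match(l.strip()) for l in script.splitlines()) if m]


def diff_logs(before, after):
    """Registry headers and service states that differ between two runs."""
    keys_b, svc_b = parse_log(before)
    keys_a, svc_a = parse_log(after)
    return {
        "keys_removed": sorted(keys_b - keys_a),
        "keys_added": sorted(keys_a - keys_b),
        "service_changes": {n: (svc_b[n], svc_a[n])
                            for n in svc_b.keys() & svc_a.keys() if svc_b[n] != svc_a[n]},
        "services_gone": sorted(svc_b.keys() - svc_a.keys()),
    }


def verify_cfscript(script, before, after):
    """Map each key targeted by the script to what the follow-up log shows."""
    keys_b, _ = parse_log(before)
    keys_a, _ = parse_log(after)
    status = {}
    for key in cfscript_deletions(script):
        if key in keys_a:
            status[key] = "still present"
        elif key in keys_b:
            status[key] = "removed"
        else:
            status[key] = "not in earlier log"
    return status


if __name__ == "__main__":
    print(verify_cfscript(CFSCRIPT, LOG_BEFORE, LOG_AFTER))
    print(diff_logs(LOG_BEFORE, LOG_AFTER))
```

A key missing from the follow-up log only shows that ComboFix no longer lists it; an unexpected entry under `keys_added` is the result that warrants a closer look.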

Re: Multiple Issues
Awesome. How's your machine running now?

Re: Multiple Issues
absolutely beautifully. you guys are solid gold. My donation is inbound. thanks again

Re: Multiple Issues
Great to hear!!

Congratulations!! Your PC is all clean!
To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall

[Image: Combofix_uninstall_image]

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.


There are many things you can do to keep this from happening again. You can think of a computer like a car. It requires basic maintenance to keep in tip top shape and ready to go. Would you drive your car 100,000 miles without changing the oil? The same principle applies here.

Cleaning

Now that your PC is free of malware, it is important to clean up your PC. There are several good free cleaners available. You should make sure to clean up your temp files regularly, at least once a week.

ATF Cleaner
CCleaner

Defragmenting Your Hard Disk

Over time your PC can become fragmented. Windows comes with a defragmenting utility; however, it is very slow, and there are other options available.

To use the defragmenter included with Windows either go to Start/Run and type dfrg.msc, hit enter; or
right-click My Computer, choose Manage, Storage, Disk Defragmenter.

In the Defragmenter utility, select your main partition/HD, generally C:\, and select analyze. The analysis report will tell you whether or not your disk needs to be defragmented. If it does, click defragment. Be patient, this can take a long time.

Repeat for multiple partitions/hard disks.

System Restore Cleanup Instructions

If you are using Windows ME or XP then it is good to disable and re-enable system restore to make sure there are no infected files left in a restore point. (All restore points will be deleted that way)
You can find instructions on how to disable and re-enable system restore here:

Windows ME System Restore Guide

Windows XP System Restore Guide

Reading Tip:
Computer Health
Keep Your System Updated

Microsoft releases patches for Windows and Office products regularly to patch up loopholes in Windows and Office products and fix any bugs found. Please ensure that you visit the following websites regularly or update your system regularly.

Install the updates immediately, if they are found. Reboot your computer if necessary, revisit Windows Update and Office update sites until there are no more updates to be installed.

To update Windows and Office

Go to Start > All Programs > Microsoft Update

Alternatively, you can visit the link below to update Windows and Office products.

Microsoft Update

If you are forgetful, you can change some settings so that you will be informed of updates. Here's how:

1. Go to Start > Control Panel > Automatic Updates
2. Select Automatic (recommended) radio button if you want the updates to be downloaded and installed without prompting you.
3. Select Download updates for me, but let me choose when to install them radio button if you want the updates to be downloaded automatically but to be installed at another time.
4. Select Notify me but don't automatically download or install them radio button if you want to be notified of the updates.

Please make sure that you update your antivirus, firewall and anti-spyware programs at least once a week.

Be careful when opening attachments and downloading files.

1. Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
2. Never open emails from unknown senders.
3. Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These are called hoaxes. The email addresses used in the hoaxes can be easily spoofed. Check the antivirus vendor websites to be sure.
4. Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Surf safely

Many security exploits on websites are directed to users of Internet Explorer and Firefox.

If you use Firefox, try the No-script Add On - which, by default, disables all scripts on all websites. If you trust the website, you can manually allow scripts to work.

Backup regularly

You never know when your PC will become unstable or become so infected that you can't recover it. Follow this Microsoft Article to learn how to back up. Follow This Article by Microsoft to restore your backups.

Alternatively, you can use 3rd-party programs to back up your data. Examples of these can be found at
Bleeping Computer

Avoid P2P

I see you have P2P software installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

Prevent A Re-infection

1. Winpatrol

Winpatrol is a heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features Here

You can get a Free Copy of Winpatrol or use the Plus Version for more features.

You can read Win Patrol FAQ if you run into problems.

2. Hosts File

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your PC will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:
MVPS Hosts File
Blue Tack’s Hosts File
Blue Tack’s Hosts Manager

3. Spybot Search and Destroy

Spybot Search & Destroy is another program for scanning spyware and adware. You are strongly encouraged to run a scan at least once per week.

Spybot Search & Destroy can be downloaded from here.

If you need help in using Spybot Search & Destroy, you can read Spybot Search and Destroy tutorial at Bleeping Computer.

4. SiteHound Toolbar

SiteHound is a toolbar that warns you if you go to a site that is known to scam people, that has potentially lots of viruses or spyware or other questionable content. If you know the site, you can enter it; if you don't, it will bring you back to the previous page. Currently, SiteHound works for Internet Explorer and Firefox only.

====

Stand Up and Be Counted ---> Malware Complaints <--- where you can make a difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
============================================================
See this page for more info about malware and prevention.
Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site.
Before the thread is archived, do you have any more questions?

Happy surfing and stay clean!
