dhmalick

DDS (Ver_09-12-01.01) - NTFSx86 Run by Owner at 17:26:22.25 on Tue 03/16/2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1283 [GMT -5:00] AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\arservice.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\ARPWRMSG.EXE C:\Program Files\Digital Media Reader\readericon45G.exe C:\WINDOWS\zHotkey.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe C:\PROGRA~1\COMMON~1\AOL\126794~1\EE\AOLHOS~1.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\PROGRA~1\COMMON~1\AOL\126794~1\EE\AOLServiceHost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Owner.YOUR-139C4F05C6\Local Settings\Application Data\ave.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Avira\AntiVir Desktop\avcenter.exe C:\Program Files\Avira\AntiVir Desktop\avscan.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Owner.YOUR-139C4F05C6\My Documents\downloads\Defogger.exe C:\Documents and Settings\Owner.YOUR-139C4F05C6\Local Settings\Temporary Internet Files\Content.IE5\JRLNCEQO\dds[1].com ============== Pseudo HJT Report =============== uSearch Bar = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5220 uStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5220 uInternet Settings,ProxyOverride = *.local mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5220 BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [Power2GoExpress] NA uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE mRun: [readericon] c:\program files\digital media reader\readericon45G.exe mRun: [CHotkey] zHotkey.exe mRun: [HostManager] c:\program files\common files\aol\1267947654\ee\AOLHostManager.exe mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\bigfix.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Notify: AtiExtEvent - Ati2evxx.dll AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL ============= SERVICES / DRIVERS =============== R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-3-16 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-3-16 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-3-16 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-3-16 55656] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-3-7 38224] =============== Created Last 30 ================ 2010-03-16 22:23:48 0 ----a-w- c:\documents and settings\owner.your-139c4f05c6\defogger_reenable 2010-03-16 22:08:41 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-03-16 22:08:38 0 d-----w- c:\program files\Avira 2010-03-16 22:08:38 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira 2010-03-15 22:49:46 296462 ----a-w- c:\windows\~DF56E5.tmp 2010-03-15 21:07:48 296462 ----a-w- c:\windows\~DFBB5A.tmp 2010-03-15 00:44:58 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2010-03-15 00:44:58 107368 ----a-w- c:\windows\system32\GEARAspi.dll 2010-03-15 00:42:35 0 d-----w- c:\program files\iPod 2010-03-15 00:42:30 0 d-----w- c:\program files\iTunes 2010-03-15 00:42:30 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2010-03-15 00:42:12 0 d-----w- c:\program files\Bonjour 2010-03-15 00:41:17 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2010-03-15 00:41:17 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll 2010-03-10 12:11:40 3555328 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-03-08 02:36:24 0 d-----w- c:\program files\ATI Technologies 2010-03-08 02:36:21 0 d-----w- c:\program files\ATI 2010-03-08 02:35:23 0 d-----w- C:\ATI 2010-03-08 00:27:57 0 d-----w- c:\windows\system32\CatRoot_bak 2010-03-08 00:27:42 1089601 -c----w- c:\windows\system32\dllcache\ntprint.cat 2010-03-08 00:11:49 701440 ----a-w- c:\windows\system32\cohelper.dll 2010-03-08 00:11:48 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin 2010-03-08 00:11:47 7090 ----a-w- c:\windows\system32\nvnrm.nvu 2010-03-08 00:11:47 485920 ----a-w- c:\windows\system32\nvunrm.exe 2010-03-08 00:07:13 0 d-----w- C:\NVIDIA 2010-03-08 00:00:55 0 d-----w- c:\program files\SystemRequirementsLab 2010-03-07 23:45:49 0 d-----w- c:\docume~1\owner~1.you\applic~1\Blitware 2010-03-07 23:45:46 0 d-----w- c:\program files\Driver Robot 2010-03-07 21:34:41 0 d-----w- c:\windows\system32\XPSViewer 2010-03-07 21:34:11 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2010-03-07 21:34:11 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2010-03-07 21:34:11 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2010-03-07 21:34:11 575488 ------w- c:\windows\system32\xpsshhdr.dll 2010-03-07 21:34:11 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2010-03-07 21:34:11 1676288 ------w- c:\windows\system32\xpssvcs.dll 2010-03-07 21:34:11 117760 ------w- c:\windows\system32\prntvpt.dll 2010-03-07 21:34:10 0 d-----w- C:\03d7fcfdb7ae82ec03fb8042 2010-03-07 21:31:36 0 d-----w- c:\program files\MSXML 6.0 2010-03-07 19:39:23 0 d-----w- C:\Nostale(UK) 2010-03-07 16:04:12 23040 -c----w- c:\windows\system32\dllcache\fltmc.exe 2010-03-07 16:04:12 16896 -c----w- c:\windows\system32\dllcache\fltlib.dll 2010-03-07 16:04:12 128896 -c----w- c:\windows\system32\dllcache\fltmgr.sys 2010-03-07 15:59:38 0 d-----w- c:\windows\ServicePackFiles 2010-03-07 15:58:17 0 d-----w- c:\program files\MSXML 4.0 2010-03-07 15:54:31 0 d-sh--w- c:\documents and settings\owner.your-139c4f05c6\IECompatCache 2010-03-07 15:53:06 0 d-sh--w- c:\documents and settings\owner.your-139c4f05c6\PrivacIE 2010-03-07 15:52:05 0 d-sh--w- c:\documents and settings\owner.your-139c4f05c6\IETldCache 2010-03-07 15:47:37 0 d-----w- c:\windows\ie8updates 2010-03-07 15:47:23 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2010-03-07 15:47:14 202752 -c----w- c:\windows\system32\dllcache\rmcast.sys 2010-03-07 15:46:50 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2010-03-07 15:46:50 272128 ------w- c:\windows\system32\drivers\bthport.sys 2010-03-07 15:46:43 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2010-03-07 15:45:31 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll 2010-03-07 15:45:14 0 dc-h--w- c:\windows\ie8 2010-03-07 15:44:53 69632 -c----w- c:\windows\system32\dllcache\raschap.dll 2010-03-07 15:44:53 112128 -c----w- c:\windows\system32\dllcache\rastls.dll 2010-03-07 15:44:19 82432 -c----w- c:\windows\system32\dllcache\fontsub.dll 2010-03-07 15:42:53 128512 -c----w- c:\windows\system32\dllcache\dhtmled.ocx 2010-03-07 15:42:07 539136 -c----w- c:\windows\system32\dllcache\msftedit.dll 2010-03-07 15:42:07 433152 -c----w- c:\windows\system32\dllcache\riched20.dll 2010-03-07 15:42:05 8454656 -c----w- c:\windows\system32\dllcache\shell32.dll 2010-03-07 15:41:52 45568 -c----w- c:\windows\system32\dllcache\dnsrslvr.dll 2010-03-07 15:41:48 574464 -c----w- c:\windows\system32\dllcache\ntfs.sys 2010-03-07 15:39:31 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll 2010-03-07 15:38:13 546304 -c----w- c:\windows\system32\dllcache\hhctrl.ocx 2010-03-07 15:37:30 0 d-----w- c:\windows\system32\PreInstall 2010-03-07 15:30:45 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-03-07 15:30:23 292864 -c----w- c:\windows\system32\dllcache\winsrv.dll 2010-03-07 15:30:20 8192 -c----w- c:\windows\system32\dllcache\rasadhlp.dll 2010-03-07 15:30:14 331776 -c----w- c:\windows\system32\dllcache\msadce.dll 2010-03-07 15:29:50 2142720 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2010-03-07 15:29:49 2185984 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2010-03-07 15:29:48 2020864 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2010-03-07 15:29:47 2063104 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2010-03-07 15:29:42 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll 2010-03-07 15:29:29 332800 -c----w- c:\windows\system32\dllcache\netapi32.dll 2010-03-07 15:27:33 0 d-----w- c:\docume~1\owner~1.you\applic~1\McAfee.com Personal Firewall 2010-03-07 15:21:59 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll 2010-03-07 15:21:55 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-03-07 15:21:55 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-03-07 15:21:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-03-07 15:21:55 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-03-07 15:21:54 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-03-07 15:21:52 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll 2010-03-07 15:21:36 294912 -c----w- c:\windows\system32\dllcache\msctf.dll 2010-03-07 14:41:08 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-03-07 14:36:13 0 d-----w- c:\docume~1\owner~1.you\applic~1\Malwarebytes 2010-03-07 14:36:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-07 14:36:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-07 14:36:07 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-07 14:36:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-03-07 14:30:58 0 d-----w- c:\docume~1\owner~1.you\applic~1\You've Got Pictures Screensaver 2010-03-07 14:29:41 0 d-----w- c:\windows\system32\SoftwareDistribution 2010-03-07 08:19:48 8192 ----a-w- c:\windows\REGLOCS.OLD 2010-03-07 08:17:46 0 ----a-w- c:\windows\system32\Gateway_GT5220__GCN6B11018492.MRK 2010-03-07 08:17:37 333 ----a-w- c:\windows\system32\$ncsp$.inf 2010-03-07 08:17:26 146650 ----a-w- c:\windows\system32\BuzzingBee.wav 2010-03-07 08:17:25 940794 ----a-w- c:\windows\system32\LoopyMusic.wav 2010-03-07 08:17:09 0 d-----w- c:\windows\system32\Lang 2010-03-07 08:16:51 172416 -c--a-w- c:\windows\system32\dllcache\kmixer.sys 2010-03-07 08:16:51 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys 2010-03-07 08:16:39 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys 2010-03-07 08:16:39 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys 2010-03-07 08:15:26 53664 ----a-w- c:\windows\system32\Status.MPF 2010-03-07 08:14:32 54272 ----a-w- c:\windows\system32\drivers\swmidi.sys 2010-03-07 08:14:29 6400 ----a-w- c:\windows\system32\drivers\splitter.sys 2010-03-07 08:12:18 352640 -c--a-w- c:\windows\system32\dllcache\srv.sys 2010-03-07 08:10:15 0 d-----w- c:\program files\McAfee 2010-03-07 08:10:05 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com Personal Firewall 2010-03-07 08:09:37 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee.com 2010-03-07 07:46:45 82944 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys 2010-03-07 07:46:45 82944 ----a-w- c:\windows\system32\drivers\wdmaud.sys 2010-03-07 07:45:20 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2010-03-07 07:45:19 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys 2010-03-07 07:45:18 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys 2010-03-07 07:45:17 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys 2010-03-07 07:45:16 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys 2010-03-07 07:45:11 23552 ----a-w- c:\windows\system32\jesterss.dll 2010-03-07 07:45:11 1239209 ----a-w- c:\windows\system32\gtw_logo.scr 2010-03-07 07:45:11 1150 ----a-w- c:\windows\system32\gtw.ico 2010-03-07 07:45:11 0 d-----w- c:\program files\gtw_logo 2010-03-07 07:45:08 741376 ----a-w- c:\windows\system32\BigFixSuppress.exe 2010-03-07 07:45:08 741376 ----a-w- c:\windows\system32\BigFixShortcutInStartup.exe 2010-03-07 07:45:06 67072 ----a-w- c:\windows\POWERCFG.EXE 2010-03-07 07:45:06 0 d-----w- c:\program files\AMD Live! 2010-03-07 07:44:42 0 d-----w- c:\program files\Microsoft Money 2006 2010-03-07 07:44:11 453152 ----a-w- c:\windows\system32\nvusmb.exe 2010-03-07 07:44:11 2344 ----a-w- c:\windows\system32\nvsmb.nvu 2010-03-07 07:44:03 485920 ----a-w- c:\windows\system32\NVUNINST.EXE 2010-03-07 07:43:04 0 d-----w- c:\program files\Realtek 2010-03-07 07:42:03 0 d-----w- c:\program files\MSN Encarta Plus 2010-03-07 07:41:52 173184 ----a-w- c:\windows\system32\ygpss.scr 2010-03-07 07:41:52 0 d-----w- c:\program files\common files\Nullsoft 2010-03-07 07:41:27 0 d-----w- c:\program files\common files\Real 2010-03-07 07:41:19 0 d-----w- c:\docume~1\alluse~1\applic~1\Viewpoint 2010-03-07 07:41:18 0 d-----w- c:\program files\Viewpoint 2010-03-07 07:41:17 0 d-----w- c:\docume~1\alluse~1\applic~1\Pure Networks 2010-03-07 07:41:14 0 d-----w- c:\program files\Pure Networks 2010-03-07 07:41:08 0 d-----w- c:\program files\common files\AolCoach 2010-03-07 07:40:52 0 d-----w- c:\program files\common files\aolshare 2010-03-07 07:40:52 0 d-----w- c:\program files\America Online 9.0 2010-03-07 07:40:47 1207 ---ha-w- C:\IPH.PH 2010-03-07 07:40:46 0 d-----w- c:\program files\common files\AOL 2010-03-07 07:40:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Napster 2010-03-07 07:40:27 0 d-----w- c:\program files\Napster 2010-03-07 07:40:07 550912 ----a-w- c:\windows\zHotkey.exe 2010-03-07 07:40:07 4223 ----a-w- c:\windows\mHotkey.reg 2010-03-07 07:40:07 36864 ----a-w- c:\windows\ShowWnd.exe 2010-03-07 07:40:06 532544 ----a-w- c:\windows\PIC.dll 2010-03-07 07:40:06 5280 ----a-w- c:\windows\hotbtnv.vxd 2010-03-07 07:40:06 42040 ----a-w- c:\windows\PatchWnd.exe 2010-03-07 07:40:06 24576 ----a-w- c:\windows\HKNTDLL.dll 2010-03-07 07:40:06 11776 ----a-w- c:\windows\HIDMNT.dll 2010-03-07 07:39:46 4 ----a-w- c:\windows\Pix11.dat 2010-03-07 07:39:18 0 d-----w- c:\program files\Microsoft Digital Image 2006 2010-03-07 07:39:14 89088 ----a-r- c:\windows\system32\atl71.dll 2010-03-07 07:37:57 0 d-----w- c:\docume~1\alluse~1\applic~1\WildTangent 2010-03-07 07:37:53 0 d-----w- c:\windows\wt 2010-03-07 07:37:52 0 d-----w- c:\program files\WildTangent 2010-03-07 07:37:49 0 d-----w- c:\program files\Gateway Games 2010-03-07 07:37:39 20480 ----a-w- c:\windows\system32\Marker32.exe 2010-03-07 07:37:30 49265 ----a-w- c:\windows\system32\jpicpl32.cpl 2010-03-07 07:37:04 2238 ----a-w- c:\windows\system32\32-aol.ico 2010-03-07 07:37:04 1406 ----a-w- c:\windows\system32\16-aol.ico 2010-03-07 07:37:03 94208 ----a-w- c:\windows\system32\bae.dll 2010-03-07 07:36:56 13352 ----a-w- c:\windows\BigFixClientOverride.dll 2010-03-07 07:36:55 0 d-----w- c:\program files\BigFix 2010-03-07 07:35:58 0 d-----w- c:\program files\Digital Media Reader 2010-03-07 07:35:51 0 d-----w- c:\windows\Downloaded Installations 2010-03-07 07:34:56 376 ----a-w- c:\windows\ODBC.INI 2010-03-07 07:34:53 24816 ----a-w- c:\windows\system32\mdimon.dll 2010-03-07 07:34:31 0 d-----w- c:\program files\Microsoft ActiveSync 2010-03-07 07:34:20 0 d-----w- c:\windows\SHELLNEW 2010-03-07 07:33:01 51656 ----a-w- c:\windows\system32\OEMLOGO.bmp 2010-03-07 07:32:56 2 ----a-w- C:\AUDIT_INSTALL_IN_PROGRESS 2010-03-07 07:22:42 0 d-----w- c:\windows\system32\ReinstallBackups 2010-03-07 07:22:41 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys 2010-03-07 07:22:37 2 --sh--r- C:\USER 2010-03-07 07:22:37 0 ----a-w- C:\REQUEST_OEMRESET_ENDUSER 2010-03-07 07:21:47 0 d-----w- c:\program files\CONEXANT 2010-03-07 07:21:25 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys 2010-03-07 07:19:03 60 ----a-w- c:\windows\system32\SYSDRV.DAT 2010-03-07 07:19:00 0 d-----w- c:\windows\creator 2010-03-07 07:18:14 86016 ----a-w- c:\windows\system32\mdmxsdk.dll 2010-03-07 07:18:14 13059 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys 2010-03-07 07:18:13 705280 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys 2010-03-07 07:18:13 42858 ----a-w- c:\windows\system32\hsfci014.dll 2010-03-07 07:18:13 221440 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys 2010-03-07 07:18:13 133221 ----a-w- c:\windows\system32\drivers\HSFProf.cty 2010-03-07 07:18:13 1033600 ----a-w- c:\windows\system32\drivers\HSF_DPV.sys 2010-03-07 07:18:12 0 d-----w- c:\windows\SMINST 2010-03-07 07:18:10 0 d-----w- c:\windows\I386 2010-03-07 07:16:59 74240 ----a-w- c:\windows\system32\usbui.dll 2010-03-07 07:15:57 51712 ----a-w- c:\windows\system32\drivers\tosdvd.sys 2010-03-07 07:04:47 9522 ----a-w- c:\windows\Zapotec.bmp 2010-03-07 07:03:59 98304 ----a-w- c:\windows\system32\rtm.dll 2010-03-07 07:02:59 97280 ----a-w- c:\windows\system32\loadperf.dll 2010-03-07 07:01:59 619008 ----a-w- c:\windows\system32\dx7vb.dll ==================== Find3M ==================== 2010-03-07 07:41:31 8552 ----a-w- c:\windows\system32\drivers\asctrm.sys 2010-02-03 04:52:08 4605952 ----a-w- c:\windows\system32\drivers\ati2mtag.sys 2010-02-03 04:12:26 45056 ----a-w- c:\windows\system32\aticalrt.dll 2010-02-03 04:12:12 45056 ----a-w- c:\windows\system32\aticalcl.dll 2010-02-03 04:10:32 3633152 ----a-w- c:\windows\system32\aticaldd.dll 2010-02-03 04:07:36 311296 ----a-w- c:\windows\system32\atiiiexx.dll 2010-02-03 04:02:40 14188544 ----a-w- c:\windows\system32\atioglxx.dll 2010-02-03 03:50:38 3566048 ----a-w- c:\windows\system32\ati3duag.dll 2010-02-03 03:40:36 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll 2010-02-03 03:39:38 301568 ----a-w- c:\windows\system32\ati2dvag.dll 2010-02-03 03:35:14 2176640 ----a-w- c:\windows\system32\ativvaxx.dll 2010-02-03 03:34:48 887724 ----a-w- c:\windows\system32\ativva6x.dat 2010-02-03 03:32:50 397312 ----a-w- c:\windows\system32\atiok3x2.dll 2010-02-03 03:23:42 208896 ----a-w- c:\windows\system32\atipdlxx.dll 2010-02-03 03:23:24 155648 ----a-w- c:\windows\system32\Oemdspif.dll 2010-02-03 03:23:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe 2010-02-03 03:23:00 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2010-02-03 03:22:44 159744 ----a-w- c:\windows\system32\ati2evxx.dll 2010-02-03 03:21:20 602112 ----a-w- c:\windows\system32\ati2evxx.exe 2010-02-03 03:19:52 53248 ----a-w- c:\windows\system32\ATIDDC.DLL 2010-02-03 03:19:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe 2010-02-03 03:18:04 65024 ----a-w- c:\windows\system32\atimpc32.dll 2010-02-03 03:18:04 65024 ----a-w- c:\windows\system32\amdpcom32.dll 2010-02-03 03:17:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2010-02-03 03:15:06 565248 ----a-w- c:\windows\system32\atikvmag.dll 2010-02-03 03:12:54 180224 ----a-w- c:\windows\system32\atiadlxx.dll 2010-02-03 03:12:24 17408 ----a-w- c:\windows\system32\atitvo32.dll 2010-02-03 03:06:08 638976 ----a-w- c:\windows\system32\ati2cqag.dll 2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll ============= FINISH: 17:27:10.46 =============== Attach.zip

I have successfully used Malware Bytes a couple of times to clean out this virus that has appeared in various names. Last night, one of my computers became infected with XP AntiMalware 2010, but MalwareBytes will not clean it. I downloaded a new FixExe.reg and ran it. I updated MalwareBytes and ran it. MalwareBytes found errors that it cleaned the first time. Subsequent scans find nothing. But XP AntiMalware 2010 is still popping up. Can someone please advise? Many thanks.