Help with malware


If you connect to the internet through a router, please reset it (it should have a button to do so on the backside). Usually you need to power off the router and keep the reset button pushed for approx. 10 seconds. If you do not know how to do this, give me the specs of your router or contact your ISP.

OTL logfile created on: 10/21/2010 4:11:58 PM - Run 5

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Compaq_Owner\Desktop\New Folder

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

895.00 Mb Total Physical Memory | 434.00 Mb Available Physical Memory | 48.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 180.31 Gb Total Space | 99.64 Gb Free Space | 55.26% Space Free | Partition Type: NTFS

Drive D: | 5.99 Gb Total Space | 1.51 Gb Free Space | 25.20% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: STANLEY

Current User Name: Compaq_Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/10/04 16:04:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\New Folder\OTL.exe

PRC - [2010/08/31 23:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/08/06 16:39:33 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2010/06/25 17:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe

PRC - [2010/06/22 12:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe

PRC - [2010/06/16 15:02:54 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe

PRC - [2010/06/14 16:44:38 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

PRC - [2010/06/14 16:42:50 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe

PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/10/25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe

PRC - [2004/10/15 02:50:22 | 000,331,776 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe

PRC - [2004/07/27 23:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

========== Modules (SafeList) ==========

MOD - [2010/10/04 16:04:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\New Folder\OTL.exe

MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\temp\logishrd\LVPrcInj01.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/08/08 14:40:58 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010/06/14 16:42:50 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/06/14 16:39:20 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/05/06 02:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)

SRV - [2009/12/17 17:37:52 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®

SRV - [2009/05/06 13:50:00 | 002,756,910 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2008/07/26 08:27:42 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\catchme.sys -- (catchme)

DRV - [2010/09/29 18:21:13 | 000,035,840 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)

DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)

DRV - [2010/03/18 02:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2010/03/18 02:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2010/03/18 02:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2010/03/18 02:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)

DRV - [2010/02/25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2010/02/17 11:15:58 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009/10/13 17:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)

DRV - [2009/08/09 14:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)

DRV - [2009/07/13 17:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)

DRV - [2009/05/31 11:02:58 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008/04/14 00:30:04 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)

DRV - [2007/10/11 19:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)

DRV - [2007/10/11 18:55:58 | 001,279,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)

DRV - [2007/10/11 18:55:58 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)

DRV - [2007/04/11 15:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)

DRV - [2007/04/11 15:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)

DRV - [2007/04/11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV - [2006/11/28 21:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)

DRV - [2005/11/23 13:51:38 | 000,245,248 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)

DRV - [2005/04/20 11:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2005/04/12 11:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)

DRV - [2005/04/12 11:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)

DRV - [2005/03/09 14:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/10/15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)

DRV - [2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)

DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

DRV - [2004/06/29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2003/12/02 18:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -- (fasttx2k)

DRV - [2003/07/18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)

DRV - [2003/07/11 16:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)

DRV - [2002/07/29 14:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2001/08/17 13:53:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

IE - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/09/26 12:15:44 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/25 18:53:18 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/25 22:58:52 | 000,000,000 | ---D | M]

[2010/09/24 17:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions

[2009/03/19 21:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2010/09/26 12:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions

[2010/09/20 18:02:30 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

[2009/11/21 18:59:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/05/05 17:09:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/09/26 12:17:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

[2010/06/17 17:47:08 | 000,000,000 | ---D | M] (Swag Bucks Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}

[2010/08/06 16:32:28 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}

[2010/02/11 20:10:00 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

[2010/08/08 15:16:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/01/09 23:15:34 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2010/08/09 10:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\extensions\inboxcomtoolbar@inbox.com

[2010/08/08 13:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\xvx6e8kl.default\extensions

[2010/09/26 12:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/06/21 18:45:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/12/10 20:45:23 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

[2010/08/06 16:31:59 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

[2010/09/14 05:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

O1 HOSTS File: ([2010/10/06 18:12:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.

O3 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4 - HKLM..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [siSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)

O4 - HKLM..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL Inc.)

O4 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)

O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\QQ????????.lnk = File not found

O4 - Startup: C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Start Menu\Programs\Startup\Compaq Organize.lnk = C:\Program Files\Hewlett-Packard\Compaq Organize\bin\displayAgent.exe File not found

O4 - Startup: C:\Documents and Settings\PS\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0

O7 - HKU\S-1-5-21-3529863423-2296698273-380274974-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0

O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()

O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: QQ - C:\Program Files\Tencent\QQIntl\Bin\AddEmotion.htm ()

O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1281896685921 (MUWebControl Class)

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/up...er_4.0.21.0.cab (Battlefield Heroes Updater)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/01/26 21:53:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009/07/11 19:55:43 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2009/07/11 19:55:42 | 000,000,000 | ---D | M] - D:\autorun.inf -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2035/02/20 18:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender

[2035/02/20 18:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender

[2035/02/20 18:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender

[2010/10/20 21:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth

[2010/10/20 21:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials

[2010/10/20 20:03:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010/10/20 19:32:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2010/10/18 21:13:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\New Folder

[2010/10/06 19:19:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/10/06 18:04:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2010/10/05 21:36:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/10/05 21:36:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/10/05 21:36:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/10/05 21:36:28 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/10/05 21:36:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/10/05 21:35:55 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/09/28 21:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes

[2010/09/27 18:06:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/09/27 18:06:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/09/27 18:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/09/26 22:58:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent

[2010/09/26 22:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010/09/26 21:58:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Error Fix

[2010/09/26 20:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Heroes of Newerth

[2010/09/26 14:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG

[2010/09/26 11:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/09/25 23:18:57 | 000,000,000 | ---D | C] -- C:\Config.Msi

[2010/09/25 18:22:07 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2010/09/25 18:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Sunbelt Software

[2010/09/25 18:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2010/09/25 16:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared

[2010/09/25 16:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX

[2010/09/24 22:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2010/09/24 22:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5

[2010/09/24 19:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire

[2010/09/24 17:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\36D

[2010/09/24 17:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\BearShare

[2010/09/24 17:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\BearShare

[2010/09/24 17:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\BearShare Applications

[2010/09/24 16:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech

[2010/09/23 15:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScummVM

[2010/09/22 21:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\PackageAware

[2010/09/21 20:09:45 | 000,000,000 | ---D | C] -- C:\Rbackup

[2010/09/21 20:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller

[2010/09/21 18:41:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Logishrd

[2010/09/21 18:36:40 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys

[2010/09/21 18:32:10 | 000,010,448 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys

[2010/09/21 18:31:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\LogiShrd

[2010/09/21 18:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logishrd

[2010/09/21 17:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Logishrd

[2010/09/21 16:46:32 | 000,000,000 | ---D | C] -- C:\baf564d187a58f5e8508d8

[2010/09/20 18:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\SCE

[2010/09/20 18:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Online Entertainment

[2010/09/20 16:56:43 | 000,000,000 | ---D | C] -- C:\7e726738f925839b11a52066f1eac7

[2010/09/18 08:12:36 | 000,000,000 | ---D | C] -- C:\5c76360a5ac3d2d4b561ea0bd8

[2010/09/17 16:49:58 | 000,122,368 | ---- | C] (csie.org) -- C:\Documents and Settings\Compaq_Owner\Desktop\piaipRCHack_v1_20100916.exe

[2010/09/16 16:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\ParetoLogic

[2010/09/15 18:34:17 | 000,000,000 | ---D | C] -- C:\ee9fa69de0043ea99fa8ce1bd7e3ed

[2010/09/15 15:52:48 | 000,000,000 | ---D | C] -- C:\a02c4905316ad03911

[2010/09/14 19:41:49 | 000,000,000 | ---D | C] -- C:\07ec49f50c51bb5805c3533c9c363eac

[2010/09/12 09:46:20 | 000,000,000 | ---D | C] -- C:\0b9d86fa567799ded53650f6

[2010/09/10 16:54:32 | 000,000,000 | ---D | C] -- C:\dec6d3ed3b3b27a7949ef3b82d87d6

[2010/09/09 17:38:45 | 000,000,000 | ---D | C] -- C:\7a0e46d6151cdada602b05

[2010/09/09 17:21:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\FrostWire

[2010/09/09 17:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\FrostWire

[2010/09/09 15:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2

[2010/09/09 15:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2010/09/08 15:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\vlc

[2010/09/07 16:28:20 | 000,000,000 | ---D | C] -- C:\2acb57fcfc740aeebd6f9a

[2010/09/06 14:05:25 | 000,000,000 | ---D | C] -- C:\f3cb61773fe4d19f3c422611

[2010/09/06 09:45:10 | 000,000,000 | ---D | C] -- C:\b836f6bc380e8c854a

[2010/09/05 08:14:11 | 000,000,000 | ---D | C] -- C:\24c5cf17c1a46d4106b40415c0

[2010/09/04 22:13:08 | 000,000,000 | ---D | C] -- C:\0a26855bb168818bd35526

[2010/09/04 12:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\MoongraMS

[2010/09/03 18:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\LocalMS

[2010/09/02 15:51:10 | 000,000,000 | ---D | C] -- C:\cb593d0fc2b17a34e7fd656c

[2010/09/01 16:56:39 | 000,000,000 | ---D | C] -- C:\f8e3dbf908041265ce

[2010/08/31 19:05:01 | 000,000,000 | ---D | C] -- C:\3651b05f47584d6150a3c5dc3a7458

[2010/08/29 09:33:20 | 000,000,000 | ---D | C] -- C:\a0ad088d9064369229

[2010/08/21 22:35:19 | 000,000,000 | ---D | C] -- C:\67b07c36a9d0dfd95117abaadaea803b

[2010/08/18 17:42:36 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys

[2010/08/18 17:31:15 | 000,000,000 | ---D | C] -- C:\46bcd6b368f679a9d5527f068c4b07

[2010/08/17 18:37:23 | 000,000,000 | ---D | C] -- C:\43c84b6bf335c97bee2fae2b

[2010/08/17 17:18:27 | 000,000,000 | ---D | C] -- C:\33e4b0fbc7219deb3f7c434d

[2010/08/16 22:05:26 | 000,000,000 | ---D | C] -- C:\a1ea3f24d950167dab43

[2010/08/16 17:30:12 | 000,000,000 | ---D | C] -- C:\5829af8f2fc834faf9

[2010/08/15 11:35:46 | 000,000,000 | ---D | C] -- C:\08187c76aa332c868f

[2010/08/14 19:16:50 | 000,133,632 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\Mkd2kfNT.sys

[2010/08/14 19:16:50 | 000,079,360 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\Mkd2Nadr.sys

[2010/08/14 18:39:50 | 000,000,000 | ---D | C] -- C:\44011fc6ec3b66562455735077

[2010/08/14 18:11:25 | 000,000,000 | ---D | C] -- C:\ad29d9d07a32a49819f012fff412

[2010/08/14 14:17:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data

[2010/08/14 14:08:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\CelinoSEA

[2010/08/14 11:32:55 | 000,000,000 | ---D | C] -- C:\48d55a494b806d4dfd

[2010/08/11 13:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Internet Pass

[2010/08/11 10:30:09 | 000,000,000 | ---D | C] -- C:\eecca13cf62f68d5a093a070c802eb

[2010/08/10 09:15:10 | 000,000,000 | ---D | C] -- C:\c05ab9c6e30c898b25

[2010/08/09 10:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Styler

[2010/08/09 10:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock

[2010/08/09 10:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger

[2010/08/09 10:00:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting

[2010/08/09 10:00:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en

[2010/08/09 10:00:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2010/08/09 09:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\Styler

[2010/08/09 09:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IconTweaker

[2010/08/09 09:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IconTweaker

[2010/08/09 09:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\IconTweaker

[2010/08/08 15:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\ViGlance

[2010/08/08 15:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\ViGlance

[2010/08/08 15:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS backup

[2010/08/08 14:41:02 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe

[2010/08/08 14:40:59 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2010/08/08 14:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010

[2010/08/07 10:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla ActiveX Control v1.7.12

[2010/08/07 10:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2010/08/07 10:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid

[2010/08/06 16:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real

[2010/08/06 16:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Conduit

[2010/08/06 16:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2010/08/06 16:32:00 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon

[2010/08/05 17:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Wizet

[2010/08/05 07:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tencent

[2010/08/03 21:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon

[2010/08/03 17:51:03 | 000,000,000 | ---D | C] -- C:\797556898332970c1f2f

[2010/08/03 09:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\QQMusicUpdate

[2010/08/03 09:48:35 | 000,308,600 | ---- | C] (Tencent) -- C:\WINDOWS\System32\MMInstaller.dll

[2010/08/02 00:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Tencent Files

[2010/08/02 00:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Tencent

[2010/08/02 00:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Tencent

[2010/08/02 00:23:43 | 000,000,000 | ---D | C] -- C:\Program Files\Tencent

[2010/08/02 00:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Tencent

[2006/01/28 23:07:20 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2035/02/20 18:34:07 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat

[2035/02/20 18:34:07 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\aspdict-en.dat

[2010/10/21 16:14:10 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010/10/21 16:09:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/10/21 16:09:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/10/21 16:09:07 | 939,053,056 | -HS- | M] () -- C:\hiberfil.sys

[2010/10/20 22:47:57 | 007,864,320 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\NTUSER.DAT

[2010/10/20 22:47:53 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini

[2010/10/20 22:08:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009UA.job

[2010/10/20 22:08:00 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

[2010/10/20 21:00:36 | 000,085,536 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/10/20 21:00:01 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk

[2010/10/20 20:59:24 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/10/20 20:06:03 | 000,512,004 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/10/20 20:06:03 | 000,434,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/10/20 20:06:03 | 000,068,852 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/10/20 20:02:49 | 000,298,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/10/20 19:38:32 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2010/10/20 18:04:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\At1.job

[2010/10/17 15:08:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009Core.job

[2010/10/17 11:17:52 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware.lnk

[2010/10/17 11:17:19 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Malwarebyte' Anti-Malware.lnk

[2010/10/17 10:50:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\At2.job

[2010/10/16 12:11:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/10/15 21:02:14 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/15 08:03:10 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job

[2010/10/14 22:12:29 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/10/14 22:02:16 | 000,004,342 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat

[2010/10/08 17:15:00 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\Automatic maintenance.job

[2010/10/06 18:12:53 | 000,000,291 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/10/06 18:12:15 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/10/05 21:15:32 | 003,873,401 | R--- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe

[2010/10/02 22:26:57 | 000,000,800 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/09/29 18:21:13 | 000,035,840 | ---- | M] () -- C:\WINDOWS\System32\drivers\isapnp.sys

[2010/09/28 20:32:34 | 000,000,295 | RHS- | M] () -- C:\boot.ini

[2010/09/26 10:07:59 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Dataprivacy.xml

[2010/09/26 10:07:10 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/09/25 18:22:06 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

[2010/09/24 23:02:18 | 000,003,722 | ---- | M] () -- C:\WINDOWS\System32\.crusader

[2010/09/24 19:15:50 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk

[2010/09/24 19:15:48 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\FrostWire 4.20.9.lnk

[2010/09/24 16:53:05 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk

[2010/09/23 15:50:44 | 000,171,386 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20100923_155023.reg

[2010/09/23 14:30:38 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Google Chrome.lnk

[2010/09/22 21:39:44 | 000,000,307 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\asdsad.bat

[2010/09/21 20:08:40 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie

[2010/09/21 19:48:59 | 000,020,852 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20100921_194830.reg

[2010/09/21 18:36:40 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys

[2010/09/19 15:50:42 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv

[2010/09/19 15:49:58 | 002,151,976 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db

[2010/09/19 13:53:55 | 000,000,141 | ---- | M] () -- C:\WINDOWS\System32\msexcr.ini

[2010/09/18 14:54:53 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\faster.bat

[2010/09/18 09:29:03 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat

[2010/09/18 09:27:53 | 000,000,099 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences2.dat

[2010/09/17 16:49:59 | 000,122,368 | ---- | M] (csie.org) -- C:\Documents and Settings\Compaq_Owner\Desktop\piaipRCHack_v1_20100916.exe

[2010/09/16 16:07:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\jagex__preferences3.dat

[2010/09/09 17:02:04 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/09/09 15:38:20 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/09 15:38:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/09 15:36:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2010/09/09 15:34:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2010/08/29 11:14:02 | 000,000,188 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PopTag!.url

[2010/08/29 10:07:18 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\winscp.RND

[2010/08/12 20:51:48 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\QQGame.lnk

[2010/08/11 10:15:04 | 000,000,000 | ---- | M] () -- C:\t39g

[2010/08/08 16:06:53 | 000,001,930 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Tencent QQ.lnk

[2010/08/07 00:18:11 | 000,000,000 | ---- | M] () -- C:\t5u0

[2010/08/06 16:44:04 | 000,000,100 | ---- | M] () -- C:\WINDOWS\cdplayer.ini

[2010/08/06 16:39:39 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll

[2010/08/05 17:18:55 | 000,000,000 | ---- | M] () -- C:\t4gs

[2010/08/04 07:38:13 | 000,000,000 | ---- | M] () -- C:\t3q4

[2010/08/03 09:48:50 | 000,000,000 | ---- | M] () -- C:\t2p4

[2010/08/02 00:24:18 | 000,001,930 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Tencent QQ.lnk

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2035/02/20 18:38:37 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ashttpstats.csv

[2035/02/20 18:34:07 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat

[2035/02/20 18:34:07 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat

[2010/10/20 21:22:49 | 000,003,606 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\reset.log

[2010/10/20 21:05:20 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010/10/20 21:00:01 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk

[2010/10/20 19:39:14 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod

[2010/10/20 19:39:13 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty

[2010/10/20 19:39:10 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img

[2010/10/17 11:17:52 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware.lnk

[2010/10/17 11:17:19 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Malwarebyte' Anti-Malware.lnk

[2010/10/16 14:52:22 | 000,012,798 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\resetlog.txt

[2010/10/05 21:36:28 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/10/05 21:36:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/10/05 21:36:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/10/05 21:36:28 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/10/05 21:36:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/10/05 21:34:54 | 003,873,401 | R--- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe

[2010/09/28 19:35:10 | 000,000,490 | ---- | C] () -- C:\WINDOWS\tasks\Automatic maintenance.job

[2010/09/24 23:02:18 | 000,003,722 | ---- | C] () -- C:\WINDOWS\System32\.crusader

[2010/09/24 22:08:47 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2010/09/24 19:15:50 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk

[2010/09/24 19:15:47 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\FrostWire 4.20.9.lnk

[2010/09/23 23:15:13 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/09/23 15:50:34 | 000,171,386 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20100923_155023.reg

[2010/09/22 21:39:44 | 000,000,307 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\asdsad.bat

[2010/09/21 20:08:40 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\AK083E209605E394C.lie

[2010/09/21 19:48:44 | 000,020,852 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20100921_194830.reg

[2010/09/19 13:53:54 | 000,000,141 | ---- | C] () -- C:\WINDOWS\System32\msexcr.ini

[2010/09/18 14:54:52 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\faster.bat

[2010/09/16 16:48:27 | 000,001,521 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Utility Tray.lnk

[2010/09/16 16:07:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex__preferences3.dat

[2010/09/16 16:07:15 | 000,000,099 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences2.dat

[2010/09/09 17:02:04 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/09/09 15:38:18 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/09 15:38:18 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/09 15:34:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2010/08/29 11:14:02 | 000,000,188 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PopTag!.url

[2010/08/12 20:51:48 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\QQGame.lnk

[2010/08/11 10:15:04 | 000,000,000 | ---- | C] () -- C:\t39g

[2010/08/09 09:47:47 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\isapnp.sys

[2010/08/08 16:06:53 | 000,001,930 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Tencent QQ.lnk

[2010/08/07 00:18:11 | 000,000,000 | ---- | C] () -- C:\t5u0

[2010/08/05 17:18:55 | 000,000,000 | ---- | C] () -- C:\t4gs

[2010/08/05 08:59:28 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2010/08/05 08:59:27 | 000,021,138 | ---- | C] () -- C:\WINDOWS\System32\Repository.reg

[2010/08/05 08:55:26 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk

[2010/08/04 07:38:13 | 000,000,000 | ---- | C] () -- C:\t3q4

[2010/08/03 09:52:15 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex

[2010/08/03 09:52:15 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2010/08/03 09:52:15 | 000,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn

[2010/08/03 09:52:15 | 000,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor

[2010/08/03 09:52:05 | 000,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl

[2010/08/03 09:52:05 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2010/08/03 09:52:05 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls

[2010/08/03 09:52:05 | 000,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab

[2010/08/03 09:52:05 | 000,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl

[2010/08/03 09:52:05 | 000,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl

[2010/08/03 09:52:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2010/08/03 09:52:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls

[2010/08/03 09:52:05 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl

[2010/08/03 09:52:05 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl

[2010/08/03 09:52:05 | 000,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl

[2010/08/03 09:52:05 | 000,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl

[2010/08/03 09:52:05 | 000,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab

[2010/08/03 09:52:05 | 000,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl

[2010/08/03 09:52:05 | 000,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl

[2010/08/03 09:52:05 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl

[2010/08/03 09:52:05 | 000,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl

[2010/08/03 09:52:05 | 000,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl

[2010/08/03 09:52:05 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl

[2010/08/03 09:52:04 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2010/08/03 09:52:04 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls

[2010/08/03 09:52:04 | 000,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP

[2010/08/03 09:52:04 | 000,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP

[2010/08/03 09:52:01 | 001,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB

[2010/08/03 09:52:01 | 001,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB

[2010/08/03 09:52:01 | 001,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB

[2010/08/03 09:52:00 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2010/08/03 09:52:00 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls

[2010/08/03 09:52:00 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls

[2010/08/03 09:52:00 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2010/08/03 09:52:00 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls

[2010/08/03 09:52:00 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2010/08/03 09:51:58 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2010/08/03 09:51:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2010/08/03 09:51:47 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2010/08/03 09:51:47 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls

[2010/08/03 09:51:47 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2010/08/03 09:51:47 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls

[2010/08/03 09:51:47 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls

[2010/08/03 09:51:47 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2010/08/03 09:51:40 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2010/08/03 09:51:29 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2010/08/03 09:51:29 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls

[2010/08/03 09:51:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2010/08/03 09:51:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls

[2010/08/03 09:51:29 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2010/08/03 09:51:29 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls

[2010/08/03 09:51:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2010/08/03 09:51:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls

[2010/08/03 09:51:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2010/08/03 09:51:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls

[2010/08/03 09:51:28 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2010/08/03 09:51:28 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls

[2010/08/03 09:51:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2010/08/03 09:51:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls

[2010/08/03 09:51:28 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls

[2010/08/03 09:51:28 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2010/08/03 09:51:25 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2010/08/03 09:51:23 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2010/08/03 09:51:22 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2010/08/03 09:51:21 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2010/08/03 09:48:50 | 000,000,000 | ---- | C] () -- C:\t2p4

[2010/08/02 00:24:18 | 000,001,930 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Tencent QQ.lnk

[2010/06/03 09:13:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL

[2010/06/03 09:12:00 | 000,103,281 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini

[2010/06/03 09:10:51 | 000,096,312 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini

[2010/06/02 21:48:48 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010/05/21 08:23:10 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll

[2010/03/03 19:00:19 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\bdfvconp.ini

[2010/01/24 22:51:10 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI

[2009/07/24 20:51:16 | 000,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009/07/08 19:42:20 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys

[2009/06/16 17:09:36 | 000,000,230 | ---- | C] () -- C:\WINDOWS\reimage.ini

[2009/06/12 21:22:23 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss

[2009/05/31 10:59:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll

[2009/05/19 06:05:14 | 001,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll

[2008/12/09 22:28:48 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2007/12/17 18:39:54 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI

[2007/11/26 22:03:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini

[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2007/07/26 19:06:03 | 000,039,968 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\FASTWiz.log

[2007/03/17 22:49:48 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2007/03/17 22:49:48 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI

[2007/03/17 21:58:55 | 000,000,870 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini

[2007/03/17 21:58:55 | 000,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini

[2007/01/20 17:16:08 | 000,000,699 | ---- | C] () -- C:\WINDOWS\HEGAMES.INI

[2006/04/14 08:40:03 | 000,004,342 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat

[2006/02/01 20:56:55 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/01/30 20:00:39 | 000,000,128 | ---- | C] () -- C:\WINDOWS\TTL3.ini

[2005/12/17 22:36:16 | 000,000,008 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2005/12/09 20:46:57 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2005/11/29 19:04:19 | 000,000,949 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/11/24 21:07:47 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini

[2005/11/08 19:06:16 | 000,000,229 | ---- | C] () -- C:\WINDOWS\QTW.INI

[2005/06/23 04:58:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/06/23 04:27:21 | 000,013,975 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS

[2005/06/23 04:27:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll

[2005/06/23 04:26:56 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini

[2005/06/23 04:24:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/06/23 04:11:53 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2005/06/23 03:56:53 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2005/06/23 03:54:42 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll

[2005/02/18 10:56:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/06/15 21:38:00 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2003/04/10 22:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll

[2003/01/07 22:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/09/24 17:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\36D

[2009/04/29 20:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aHisoft

[2010/02/11 20:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM

[2008/12/26 22:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America's Army Deploy Client

[2010/01/16 14:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus

[2010/09/26 12:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender

[2010/06/02 21:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2009/06/08 18:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

[2010/06/02 19:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure

[2010/01/24 22:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier

[2007/06/17 20:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Escape From Paradise

[2009/02/14 11:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2

[2009/03/30 14:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse

[2009/03/26 17:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games

[2007/09/10 20:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft

[2010/09/24 23:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2010/08/09 12:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker

[2009/06/08 22:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame

[2007/09/03 10:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games

[2007/05/24 18:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive

[2010/01/24 22:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Megaupload

[2010/06/30 10:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir

[2009/02/16 19:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9

[2009/07/21 18:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS

[2007/07/21 13:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games

[2006/02/04 22:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media

[2010/09/18 14:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2009/04/06 16:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst

[2010/05/15 10:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2009/08/19 21:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm

[2009/06/06 17:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games

[2007/03/17 21:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft

[2010/07/02 16:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC

[2010/09/26 22:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2010/08/05 07:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent

[2010/08/08 14:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2007/10/29 18:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2007/07/15 20:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom

[2008/12/04 15:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2010/05/10 17:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/07/10 21:28:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}

[2009/04/09 10:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2008/12/13 15:55:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cathy\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cathy\Application Data\SampleView

[2010/02/11 20:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\acccore

[2006/02/21 19:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Aim

[2007/09/03 09:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Avernum 4 Saved Games

[2010/05/18 20:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Azureus

[2010/06/02 21:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canneverbe Limited

[2009/11/21 17:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\CheckPoint

[2007/04/01 22:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Chicken Chase

[2010/05/31 19:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache

[2010/09/21 21:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA

[2010/06/02 19:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DriverCure

[2006/09/11 19:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EA

[2010/01/24 22:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EmailNotifier

[2010/09/26 22:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Error Fix

[2007/06/03 18:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\fretsonfire

[2010/09/25 00:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FrostWire

[2007/04/03 10:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gaijin Ent

[2009/02/16 19:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GameHouse

[2007/07/15 20:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gamelab

[2009/09/28 20:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo

[2006/02/08 18:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Hulabee

[2010/08/09 12:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IconTweaker

[2010/05/31 18:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IDM

[2010/05/08 11:41:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IFViewer

[2009/06/08 21:35:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ijjigame

[2007/01/19 17:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IMVU

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterMute

[2005/11/19 00:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterTrust

[2007/04/03 20:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo

[2006/01/29 10:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jamdat

[2007/09/10 17:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Jane s Hotel

[2006/06/25 17:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech

[2010/05/09 10:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macro Recorder

[2005/11/19 13:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller

[2009/03/30 17:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MxBoost

[2007/08/06 20:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\My Games

[2007/04/01 20:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MysteryStudio

[2007/07/29 21:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nexon

[2007/04/14 09:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ohana Games

[2009/03/25 20:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Opera

[2007/04/13 21:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OZ Intermedia

[2010/09/16 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ParetoLogic

[2007/10/18 20:20:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC-FAX TX

[2009/04/06 16:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PlayFirst

[2009/11/22 17:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PPStream

[2010/08/03 09:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QQMusicUpdate

[2005/11/27 20:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Raptisoft

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView

[2007/06/21 20:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sandlot Games

[2007/07/29 16:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScanSoft

[2010/09/23 15:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScummVM

[2010/09/20 18:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Online Entertainment

[2007/09/10 17:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop

[2010/08/09 10:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Styler

[2010/05/18 17:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SystemRequirementsLab

[2010/09/14 19:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer

[2006/04/14 08:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template

[2010/08/03 09:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Tencent

[2009/04/03 18:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Thinstall

[2006/03/18 09:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Thunderbird

[2009/07/10 21:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software

[2010/06/02 19:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\uniblue

[2008/12/05 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Unity

[2009/08/10 21:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent

[2007/03/04 11:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint

[2010/08/08 16:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ViGlance

[2007/01/05 17:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WeatherBug

[2010/08/05 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Wizet

[2009/07/20 22:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Youdagames

[2007/07/29 11:23:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Zylom

[2009/02/15 14:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\AVGTOOLBAR

[2009/04/04 19:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\BitTorrent

[2009/04/04 19:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\DNA

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\InterMute

[2008/12/09 22:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\InterVideo

[2009/04/04 19:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\LimeWire

[2008/12/11 15:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\Nexon

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\SampleView

[2008/12/09 21:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\Template

[2008/12/13 11:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2\Application Data\Unity

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emily\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Emily\Application Data\SampleView

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\SampleView

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest.STANLEY\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest.STANLEY\Application Data\SampleView

[2005/12/18 17:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parents\Application Data\Aim

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parents\Application Data\InterMute

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Parents\Application Data\SampleView

[2005/06/23 04:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\InterMute

[2009/04/04 19:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\LimeWire

[2009/02/26 20:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\Nexon

[2009/03/23 17:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\Opera

[2005/06/23 04:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\SampleView

[2009/03/03 21:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PS\Application Data\Template

[2010/10/20 18:04:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job

[2010/10/17 10:50:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job

[2010/10/08 17:15:00 | 000,000,490 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic maintenance.job

[2010/10/20 22:08:00 | 000,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

[2010/10/21 16:14:10 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

[2010/10/15 08:03:10 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2010/08/11 20:42:43 | 000,000,796 | ---- | M] ()(C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\QQ????????.lnk) -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\QQ????????.lnk

[2010/08/11 20:42:43 | 000,000,796 | ---- | C] ()(C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\QQ????????.lnk) -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\QQ????????.lnk

[2010/08/11 20:42:43 | 000,000,765 | ---- | M] ()(C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\QQ??.lnk) -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\QQ??.lnk

[2010/08/11 20:42:43 | 000,000,765 | ---- | C] ()(C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\QQ??.lnk) -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\QQ??.lnk

[2010/08/11 20:39:21 | 000,000,000 | ---D | M](C:\Program Files\????) -- C:\Program Files\????

[2010/08/11 20:39:21 | 000,000,000 | ---D | M](C:\Program Files\????) -- C:\Program Files\????

[2010/08/11 20:39:21 | 000,000,000 | ---D | C](C:\Program Files\????) -- C:\Program Files\????

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7B98566

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10D98D98

@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:679ABA25

@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:522EA216

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A6346EE9

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C3B5FCD5

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B22A8503

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3750BE5

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C86B29EB

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:92C9159A

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FE0E5BC2

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FDCAE7B5

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:945FE29C

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F99F761

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E965A533

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48F5D95B

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D7DA89B1

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1982A23

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B3D4833

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61A065F2

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B9D528D

@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94F67F32

@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13AA281B

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BD304B9

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE6885F1

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E3E060F

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B3A4EC2

@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B19CC382

@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:241FA548

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DC6E295

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5804A24D

< End of report >


ComboFix 10-10-22.03 - Compaq_Owner 10/22/2010 22:34:51.3.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.155 [GMT -7:00]

Running from: K:\ComboFix.exe

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

((((((((((((((((((((((((( Files Created from 2010-09-23 to 2010-10-23 )))))))))))))))))))))))))))))))

.

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\program files\BitDefender

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender

2035-02-21 01:04 . 2010-09-26 19:15 -------- d-----w- c:\program files\Common Files\BitDefender

2010-10-21 04:28 . 2010-10-21 04:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth

2010-10-21 02:39 . 2008-04-14 12:41 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll

2010-10-21 02:36 . 2006-12-29 07:31 19569 ----a-w- c:\windows\002767_.tmp

2010-09-29 04:01 . 2010-09-29 04:01 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes

2010-09-28 01:06 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-28 01:06 . 2010-09-28 01:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-09-28 01:06 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-27 05:39 . 2010-09-28 00:04 -------- d-----w- c:\program files\Common Files\PC Tools

2010-09-27 04:58 . 2010-09-27 05:12 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Error Fix

2010-09-27 03:14 . 2010-09-27 03:26 -------- d-----w- c:\program files\Heroes of Newerth

2010-09-26 21:19 . 2010-09-26 21:19 -------- d-----w- c:\program files\AVG

2010-09-26 18:37 . 2010-10-17 18:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-09-26 01:22 . 2010-09-26 01:22 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-26 01:05 . 2010-09-26 01:05 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Sunbelt Software

2010-09-26 01:00 . 2010-09-26 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2010-09-25 23:14 . 2010-08-12 04:07 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-09-25 23:14 . 2010-08-12 04:07 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-09-25 23:14 . 2010-08-12 04:07 133616 ------w- c:\windows\system32\pxafs.dll

2010-09-25 23:14 . 2010-08-12 04:07 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-09-25 23:14 . 2010-08-12 04:07 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-09-25 23:13 . 2010-09-25 23:13 -------- d-----w- c:\program files\Common Files\DivX Shared

2010-09-25 23:08 . 2010-09-25 23:15 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2010-09-25 05:08 . 2010-09-26 17:07 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-09-25 05:08 . 2010-09-25 06:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro

2010-09-25 05:08 . 2010-09-25 05:08 -------- d-----w- c:\program files\Hitman Pro 3.5

2010-09-25 02:14 . 2010-09-25 02:18 -------- d-----w- c:\program files\FrostWire

2010-09-25 00:55 . 2010-09-25 00:55 -------- d-----w- c:\documents and settings\All Users\Application Data\36D

2010-09-25 00:46 . 2010-09-25 01:07 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\BearShare

2010-09-25 00:44 . 2010-09-26 01:53 -------- d-----w- c:\program files\BearShare Applications

2010-09-24 23:53 . 2010-09-24 23:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech

2010-09-24 06:18 . 2010-09-24 06:18 -------- d-sh--w- c:\documents and settings\Default User\IETldCache

2010-09-24 05:42 . 2010-09-24 05:42 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2010-09-23 22:46 . 2010-09-23 22:46 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\ScummVM

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-21 02:50 . 2010-10-21 02:50 45056 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe

2010-10-21 02:50 . 2010-10-21 02:50 44032 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe

2010-09-30 01:21 . 2010-08-09 16:47 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys

2010-09-23 04:39 . 2010-09-23 04:39 307 ----a-w- c:\documents and settings\Compaq_Owner\asdsad.bat

2010-09-22 01:36 . 2010-09-22 01:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2010-08-12 04:07 . 2005-01-26 16:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys

2010-08-10 12:15 . 2010-08-10 12:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-08-10 12:15 . 2010-08-10 12:15 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-08-09 16:42 . 2009-07-11 05:06 2321024 ----a-w- c:\windows\system32\TUKernel.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe

2010-07-28 01:44 . 2010-07-28 01:44 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-07-28 01:44 . 2010-07-28 01:44 107808 ----a-w- c:\windows\system32\dns-sd.exe

2006-01-29 06:07 . 2006-01-29 06:07 774144 -c--a-w- c:\program files\RngInterstitial.dll

.

------- Sigcheck -------

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys


.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim"="c:\program files\AIM7\aim.exe" [2010-03-08 3972440]

"Google Update"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"SiSPower"="SiSPower.dll" [2005-04-12 49152]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-13 106496]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-06 202256]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Utility Tray.lnk - c:\windows\system32\sistray.exe [2010-6-3 331776]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

"c:\\HP\\KBD\\KBD.EXE"=

"c:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\PPStream\\PPStream.exe"=

"c:\\Program Files\\PPStream\\PPSAP.exe"=

"c:\\Documents and Settings\\All Users\\Documents\\ppstreamsetup (2).exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=

"c:\\Program Files\\AIM7\\aim.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Tencent\\QQIntl\\Bin\\QQ.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"57743:TCP"= 57743:TCP:Pando Media Booster

"57743:UDP"= 57743:UDP:Pando Media Booster

"57716:TCP"= 57716:TCP:Pando Media Booster

"57716:UDP"= 57716:UDP:Pando Media Booster

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [9/21/2010 6:32 PM 10448]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [6/14/2010 4:42 PM 1051976]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/14/2009 11:22 PM 24652]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [8/14/2010 7:16 PM 79360]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2/25/2010 11:18 AM 10064]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; [x]

S3 maxD20081102;maxD20081102; [x]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [8/14/2010 7:16 PM 133632]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

2010-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 18:50]

2010-10-21 c:\windows\Tasks\At1.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-17 c:\windows\Tasks\At2.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-23 c:\windows\Tasks\Automatic maintenance.job

- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 23:48]

2010-10-23 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-08 01:26]

2010-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009Core.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009UA.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-15 c:\windows\Tasks\RegCure.job

- c:\program files\RegCure\RegCure.exe [2008-11-27 18:55]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm

IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: QQ - c:\program files\Tencent\QQIntl\Bin\AddEmotion.htm

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab

FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - BearShare Web Search

FF - prefs.js: browser.startup.homepage - hxxp://swagbucks.com

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=

FF - component: c:\documents and settings\Compaq_Owner\Application Data\IDM\idmmzcc3\components\idmmzcc.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff2.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.6.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.dll

FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll

FF - plugin: c:\program files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

.

.

------- File Associations -------

.

txtfile=c:\windows\notepad.exe %1

.

- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

AddRemove-QQ?? - c:\program files\????\QQGAME\Uninstall.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-10-22 22:43

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]

@DACL=(02 0000)

"OnLineServicesDirName"="Services en ligne"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en l


ComboFix 10-10-26.01 - Compaq_Owner 10/26/2010 22:07:14.4.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.545 [GMT -7:00]

Running from: K:\ComboFix.exe

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

((((((((((((((((((((((((( Files Created from 2010-09-27 to 2010-10-27 )))))))))))))))))))))))))))))))

.

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\program files\BitDefender

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender

2035-02-21 01:04 . 2010-09-26 19:15 -------- d-----w- c:\program files\Common Files\BitDefender

2010-10-26 04:35 . 2010-10-26 04:35 -------- d-----w- C:\i386

2010-10-21 04:28 . 2010-10-21 04:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth

2010-10-21 02:39 . 2008-04-14 12:41 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll

2010-10-21 02:36 . 2006-12-29 07:31 19569 ----a-w- c:\windows\002767_.tmp

2010-09-29 04:01 . 2010-09-29 04:01 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes

2010-09-28 01:06 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-28 01:06 . 2010-09-28 01:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-09-28 01:06 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-27 05:39 . 2010-09-28 00:04 -------- d-----w- c:\program files\Common Files\PC Tools

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-21 02:50 . 2010-10-21 02:50 45056 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe

2010-10-21 02:50 . 2010-10-21 02:50 44032 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe

2010-09-30 01:21 . 2010-08-09 16:47 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys

2010-09-26 17:07 . 2010-09-25 05:08 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-09-26 01:22 . 2010-09-26 01:22 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-23 04:39 . 2010-09-23 04:39 307 ----a-w- c:\documents and settings\Compaq_Owner\asdsad.bat

2010-09-22 01:36 . 2010-09-22 01:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2010-08-12 04:07 . 2010-09-25 23:14 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-08-12 04:07 . 2010-09-25 23:14 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-08-12 04:07 . 2010-09-25 23:14 133616 ------w- c:\windows\system32\pxafs.dll

2010-08-12 04:07 . 2010-09-25 23:14 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-08-12 04:07 . 2010-09-25 23:14 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-08-12 04:07 . 2005-01-26 16:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys

2010-08-10 12:15 . 2010-08-10 12:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-08-10 12:15 . 2010-08-10 12:15 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-08-09 16:42 . 2009-07-11 05:06 2321024 ----a-w- c:\windows\system32\TUKernel.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe

2006-01-29 06:07 . 2006-01-29 06:07 774144 -c--a-w- c:\program files\RngInterstitial.dll

.

------- Sigcheck -------


.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim"="c:\program files\AIM7\aim.exe" [2010-03-08 3972440]

"Google Update"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"SiSPower"="SiSPower.dll" [2005-04-12 49152]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-13 106496]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-06 202256]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Utility Tray.lnk - c:\windows\system32\sistray.exe [2010-6-3 331776]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

"c:\\HP\\KBD\\KBD.EXE"=

"c:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\PPStream\\PPStream.exe"=

"c:\\Program Files\\PPStream\\PPSAP.exe"=

"c:\\Documents and Settings\\All Users\\Documents\\ppstreamsetup (2).exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=

"c:\\Program Files\\AIM7\\aim.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Tencent\\QQIntl\\Bin\\QQ.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"57743:TCP"= 57743:TCP:Pando Media Booster

"57743:UDP"= 57743:UDP:Pando Media Booster

"57716:TCP"= 57716:TCP:Pando Media Booster

"57716:UDP"= 57716:UDP:Pando Media Booster

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [9/21/2010 6:32 PM 10448]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [6/14/2010 4:42 PM 1051976]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/14/2009 11:22 PM 24652]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [8/14/2010 7:16 PM 79360]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2/25/2010 11:18 AM 10064]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; [x]

S3 maxD20081102;maxD20081102; [x]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [8/14/2010 7:16 PM 133632]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 18:50]

2010-10-21 c:\windows\Tasks\At1.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-17 c:\windows\Tasks\At2.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-26 c:\windows\Tasks\Automatic maintenance.job

- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 23:48]

2010-10-27 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-08 01:26]

2010-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009Core.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009UA.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-15 c:\windows\Tasks\RegCure.job

- c:\program files\RegCure\RegCure.exe [2008-11-27 18:55]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm

IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: QQ - c:\program files\Tencent\QQIntl\Bin\AddEmotion.htm

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab

FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - BearShare Web Search

FF - prefs.js: browser.startup.homepage - hxxp://swagbucks.com

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=

FF - component: c:\documents and settings\Compaq_Owner\Application Data\IDM\idmmzcc3\components\idmmzcc.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff2.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.6.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.dll

FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll

FF - plugin: c:\program files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

.

.

------- File Associations -------

.

txtfile=c:\windows\notepad.exe %1

.

- - - - ORPHANS REMOVED - - - -

AddRemove-QQ?? - c:\program files\????\QQGAME\Uninstall.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-10-26 22:21

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]

@DACL=(02 0000)

"OnLineServicesDirName"="Services en ligne"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en l


Hello again, please let me know how things are after the following fix.

First of all, restart your computer twice.

  • Please download Dial-A-Fix from one of the following mirrors:

  • Extract the zip file to your desktop.

  • Double click Dial-a-Fix.exe to start the program. Note - you might see an error message regarding Internet Explorer. Just ignore this and continue.

  • Place a checkmark in front of Fix CryptSvc/HTTPS/SSL

  • Click on go

  • Exit/Close Dial-A-Fix

When done, rerun Combofix and post me the new log.


ComboFix 10-10-26.01 - Compaq_Owner 10/27/2010 19:25:41.5.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.534 [GMT -7:00]

Running from: K:\ComboFix.exe

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

((((((((((((((((((((((((( Files Created from 2010-09-28 to 2010-10-28 )))))))))))))))))))))))))))))))

.

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\program files\BitDefender

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender

2035-02-21 01:04 . 2010-09-26 19:15 -------- d-----w- c:\program files\Common Files\BitDefender

2010-10-28 02:23 . 2010-10-28 02:25 -------- d-----w- c:\windows\system32\CatRoot2

2010-10-26 04:35 . 2010-10-26 04:35 -------- d-----w- C:\i386

2010-10-21 04:28 . 2010-10-21 04:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth

2010-10-21 02:39 . 2008-04-14 12:41 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll

2010-10-21 02:36 . 2006-12-29 07:31 19569 ----a-w- c:\windows\002767_.tmp

2010-09-29 04:01 . 2010-09-29 04:01 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-21 02:50 . 2010-10-21 02:50 45056 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe

2010-10-21 02:50 . 2010-10-21 02:50 44032 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe

2010-09-30 01:21 . 2010-08-09 16:47 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys

2010-09-26 17:07 . 2010-09-25 05:08 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-09-26 01:22 . 2010-09-26 01:22 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-23 04:39 . 2010-09-23 04:39 307 ----a-w- c:\documents and settings\Compaq_Owner\asdsad.bat

2010-09-22 01:36 . 2010-09-22 01:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2010-08-12 04:07 . 2010-09-25 23:14 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-08-12 04:07 . 2010-09-25 23:14 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-08-12 04:07 . 2010-09-25 23:14 133616 ------w- c:\windows\system32\pxafs.dll

2010-08-12 04:07 . 2010-09-25 23:14 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-08-12 04:07 . 2010-09-25 23:14 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-08-12 04:07 . 2005-01-26 16:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys

2010-08-10 12:15 . 2010-08-10 12:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-08-10 12:15 . 2010-08-10 12:15 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-08-09 16:42 . 2009-07-11 05:06 2321024 ----a-w- c:\windows\system32\TUKernel.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe

2006-01-29 06:07 . 2006-01-29 06:07 774144 -c--a-w- c:\program files\RngInterstitial.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim"="c:\program files\AIM7\aim.exe" [2010-03-08 3972440]

"Google Update"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"SiSPower"="SiSPower.dll" [2005-04-12 49152]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-13 106496]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-06 202256]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Utility Tray.lnk - c:\windows\system32\sistray.exe [2010-6-3 331776]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

"c:\\HP\\KBD\\KBD.EXE"=

"c:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\PPStream\\PPStream.exe"=

"c:\\Program Files\\PPStream\\PPSAP.exe"=

"c:\\Documents and Settings\\All Users\\Documents\\ppstreamsetup (2).exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=

"c:\\Program Files\\AIM7\\aim.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Tencent\\QQIntl\\Bin\\QQ.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"57743:TCP"= 57743:TCP:Pando Media Booster

"57743:UDP"= 57743:UDP:Pando Media Booster

"57716:TCP"= 57716:TCP:Pando Media Booster

"57716:UDP"= 57716:UDP:Pando Media Booster

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [9/21/2010 6:32 PM 10448]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [6/14/2010 4:42 PM 1051976]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/14/2009 11:22 PM 24652]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [8/14/2010 7:16 PM 79360]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2/25/2010 11:18 AM 10064]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; [x]

S3 maxD20081102;maxD20081102; [x]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [8/14/2010 7:16 PM 133632]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 18:50]

2010-10-28 c:\windows\Tasks\At1.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-17 c:\windows\Tasks\At2.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-26 c:\windows\Tasks\Automatic maintenance.job

- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 23:48]

2010-10-28 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-08 01:26]

2010-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009Core.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009UA.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-15 c:\windows\Tasks\RegCure.job

- c:\program files\RegCure\RegCure.exe [2008-11-27 18:55]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm

IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: QQ - c:\program files\Tencent\QQIntl\Bin\AddEmotion.htm

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab

FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - BearShare Web Search

FF - prefs.js: browser.startup.homepage - hxxp://swagbucks.com

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=

FF - component: c:\documents and settings\Compaq_Owner\Application Data\IDM\idmmzcc3\components\idmmzcc.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff2.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.6.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.dll

FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll

FF - plugin: c:\program files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

.

.

------- File Associations -------

.

txtfile=c:\windows\notepad.exe %1

.

- - - - ORPHANS REMOVED - - - -

AddRemove-QQ?? - c:\program files\????\QQGAME\Uninstall.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-10-27 19:43

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]

@DACL=(02 0000)

"OnLineServicesDirName"="Services en ligne"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en l


Hi again, looks okay now, but still some malware. Please let me know how things are running after the following fix.

CF-SCRIPT

-------------

We need to execute a CF-script.

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:

AtJob::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Okay, I'll wait for the log. Please let me know what exactly the network problem is at the moment.

Click Start > Run, type services.msc and press enter. Scroll down to DHCP client and verify it is started and set to automated. If not started, start it and let me know what happens.


ComboFix 10-10-26.01 - Compaq_Owner 10/29/2010 20:06:53.6.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.543 [GMT -7:00]

Running from: K:\ComboFix.exe

Command switches used :: c:\documents and settings\Compaq_Owner\Desktop\CFScript.txt

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

((((((((((((((((((((((((( Files Created from 2010-09-28 to 2010-10-30 )))))))))))))))))))))))))))))))

.

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\program files\BitDefender

2035-02-21 01:10 . 2010-09-26 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender

2035-02-21 01:04 . 2010-09-26 19:15 -------- d-----w- c:\program files\Common Files\BitDefender

2010-10-28 02:23 . 2010-10-30 03:06 -------- d-----w- c:\windows\system32\CatRoot2

2010-10-26 04:35 . 2010-10-26 04:35 -------- d-----w- C:\i386

2010-10-21 04:28 . 2010-10-21 04:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth

2010-10-21 02:39 . 2008-04-14 12:41 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll

2010-10-21 02:36 . 2006-12-29 07:31 19569 ----a-w- c:\windows\002767_.tmp

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-21 02:50 . 2010-10-21 02:50 45056 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe

2010-10-21 02:50 . 2010-10-21 02:50 44032 ----a-w- c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe

2010-09-30 01:21 . 2010-08-09 16:47 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys

2010-09-26 17:07 . 2010-09-25 05:08 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-09-26 01:22 . 2010-09-26 01:22 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-23 04:39 . 2010-09-23 04:39 307 ----a-w- c:\documents and settings\Compaq_Owner\asdsad.bat

2010-09-22 01:36 . 2010-09-22 01:36 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2010-08-12 04:07 . 2010-09-25 23:14 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-08-12 04:07 . 2010-09-25 23:14 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-08-12 04:07 . 2010-09-25 23:14 133616 ------w- c:\windows\system32\pxafs.dll

2010-08-12 04:07 . 2010-09-25 23:14 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-08-12 04:07 . 2010-09-25 23:14 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-08-12 04:07 . 2005-01-26 16:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys

2010-08-10 12:15 . 2010-08-10 12:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-08-10 12:15 . 2010-08-10 12:15 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-08-09 16:42 . 2009-07-11 05:06 2321024 ----a-w- c:\windows\system32\TUKernel.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe

2010-08-02 07:24 . 2010-08-02 07:24 106496 ----a-r- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe

2006-01-29 06:07 . 2006-01-29 06:07 774144 -c--a-w- c:\program files\RngInterstitial.dll

.

((((((((((((((((((((((((((((( SnapShot@2010-10-28_02.43.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-10-30 03:19 . 2010-10-30 03:19 16384 c:\windows\temp\Perflib_Perfdata_490.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim"="c:\program files\AIM7\aim.exe" [2010-03-08 3972440]

"Google Update"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-28 81920]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"SiSPower"="SiSPower.dll" [2005-04-12 49152]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-13 106496]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-06 202256]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Utility Tray.lnk - c:\windows\system32\sistray.exe [2010-6-3 331776]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

"c:\\HP\\KBD\\KBD.EXE"=

"c:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\PPStream\\PPStream.exe"=

"c:\\Program Files\\PPStream\\PPSAP.exe"=

"c:\\Documents and Settings\\All Users\\Documents\\ppstreamsetup (2).exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=

"c:\\Program Files\\AIM7\\aim.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Tencent\\QQIntl\\Bin\\QQ.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"57743:TCP"= 57743:TCP:Pando Media Booster

"57743:UDP"= 57743:UDP:Pando Media Booster

"57716:TCP"= 57716:TCP:Pando Media Booster

"57716:UDP"= 57716:UDP:Pando Media Booster

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [9/21/2010 6:32 PM 10448]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [6/14/2010 4:42 PM 1051976]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/14/2009 11:22 PM 24652]

R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [8/14/2010 7:16 PM 79360]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2/25/2010 11:18 AM 10064]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; [x]

S3 maxD20081102;maxD20081102; [x]

S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [8/14/2010 7:16 PM 133632]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 18:50]

2010-10-28 c:\windows\Tasks\At1.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-17 c:\windows\Tasks\At2.job

- c:\program files\norton pc checkup\pc_checkup.exe [2008-06-29 21:50]

2010-10-26 c:\windows\Tasks\Automatic maintenance.job

- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 23:48]

2010-10-30 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-07-08 01:26]

2010-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009Core.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3529863423-2296698273-380274974-1009UA.job

- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-11 17:38]

2010-10-15 c:\windows\Tasks\RegCure.job

- c:\program files\RegCure\RegCure.exe [2008-11-27 18:55]

.

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop

uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm

IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: QQ - c:\program files\Tencent\QQIntl\Bin\AddEmotion.htm

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab

FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\profiles\c2nz3mf3.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - BearShare Web Search

FF - prefs.js: browser.startup.homepage - hxxp://swagbucks.com

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=

FF - component: c:\documents and settings\Compaq_Owner\Application Data\IDM\idmmzcc3\components\idmmzcc.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff2.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.6.dll

FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.dll

FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\c2nz3mf3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll

FF - plugin: c:\program files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

.

- - - - ORPHANS REMOVED - - - -

AddRemove-QQ?? - c:\program files\????\QQGAME\Uninstall.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-10-29 20:21

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\EN]

@DACL=(02 0000)

"OnLineServicesDirName"="Online Services"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\FR]

@DACL=(02 0000)

"OnLineServicesDirName"="Services en ligne"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\HP\MX]

@DACL=(02 0000)

"OnLineServicesDirName"="Servicios en l

This topic is now closed to further replies.