
i've got that damn antivirus2009 thingy



not even in safemode, for the last half-day i've been very p***ed off, i've had to press the on-machine restart-button more times than you can say wickey-bo-bo

i have windoze XP prof' on my infected pc, this isn't the pc I'm using right now, using another pc. it's completely jammed! firefox/ie won't run, nothing will run except a few games, outlook express, msn.

I've tried running a few 100 malware removers in normal and safe-mode but nothing loads.

if you haven't gathered already i've got that damn antivirus2009 thingy. why won't the anti-malware run? i've tried 1000 times I'm so angry!!


Important!

All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
I need you to follow the instructions provided here first.
I also need for you to download this program, http://oldtimer.geekstogo.com/OTListIt.exe, to your desktop.
  • Close all applications and windows so that you have nothing open and are at your Desktop

  • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

  • Place a checkmark in the "Scan All Users" checkbox (Leave the 'Use Whitelist' checked and the 'File Age:' at 30 days)

  • Click the Run Scan button

  • NOTE: Please be patient and let the scan run without using the computer

  • When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)

  • In Notepad, click Edit, Select all then Edit, Copy

  • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Right click paste.

  • Submit your reply and close the Notepad window with OTList.txt

  • Also OTListIt's Extras.txt log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

  • In Notepad, click Edit, Select all then Edit, Copy

  • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

  • NOTE: If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.


Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

ok 4/5 :S I have windows XP professional servicepack II by the way.

about search&destroy before i continue, well it would ONLY install in safemode, but either mode (Safe and normal) the program just wouldn't run. (even after i renamed the exe file like I had to do with antimalware).

anti malware log:

okMalwarebytes' Anti-Malware 1.30

Database version: 1306

Windows 5.1.2600 Service Pack 2

11/12/2008 15:36:54

mbam-log-2008-11-12 (15-36-54).txt

Scan type: Quick Scan

Objects scanned: 61670

Time elapsed: 1 hour(s), 18 minute(s), 18 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\ (Trojan.Agent) -> Delete on reboot.

----------------------------------------------

just to let you know i actually did this twice and 5 trojans refuse to budge

with Panda I got as far as "Sorry, updating is incomplete due to an error. Please try again." and ESET-Online (on the latest IE) was 404 heaven :blink:

but panda/eset work on THIS pc, but that's no good is it. something is blocking it maybe.

Hijack log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:24:56, on 11/12/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16735)

Boot mode: Safe mode

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe

O4 - HKLM\..\Run: [DeltTray] DeltTray.exe

O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe

O4 - HKLM\..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat Live\nsl.exe

O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

O4 - HKLM\..\Run: [AdvancedCleaner Free] "C:\Program Files\AdvancedCleaner Free\UADC.exe" /min

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunesHelper.exe"

O4 - HKLM\..\Run: [lxdjmon.exe] "C:\Program Files\Lexmark 1400 Series\lxdjmon.exe"

O4 - HKLM\..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe"

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [iChat] C:\Program Files\IChat\iChat.exe

O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: karna.dat?,avgrsstx.dll

O20 - Winlogon Notify: mljijge - mljijge.dll (file missing)

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxdjCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdjserv.exe

O23 - Service: lxdj_device - - C:\WINDOWS\system32\lxdjcoms.exe

O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe

--

End of file - 8512 bytes

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------


OTLIST IT:

OTListIt logfile created on: 11/12/2008 16:40:28 - Run

OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Mike\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 615.41 Mb Available Physical Memory | 60.13% Memory free

2.40 Gb Paging File | 2.00 Gb Available in Paging File | 83.12% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74.54 Gb Total Space | 1.35 Gb Free Space | 1.81% Space Free | Partition Type: NTFS

Drive D: | 84.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 465.76 Gb Total Space | 396.74 Gb Free Space | 85.18% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: MIKESPC

Current User Name: Mike

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

[2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

[2008/11/12 13:32:57 | 00,282,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe

[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

[2003/10/20 13:47:36 | 00,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe

[2004/09/26 15:30:36 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe

[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe

[2005/12/10 03:06:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe

[2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

[2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe

[2004/09/26 15:31:14 | 00,135,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAAnotif.exe

[2004/08/04 00:56:56 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe

[2005/06/06 22:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[2004/08/26 22:43:06 | 00,056,320 | ---- | M] (Doug Fetter Software Wizardry) -- C:\WINDOWS\system32\DeltTray.exe

[2005/11/01 00:00:00 | 00,307,200 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe

[2008/11/12 13:32:42 | 01,177,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe

[2008/10/01 17:57:12 | 00,289,576 | ---- | M] (Apple Inc.) -- G:\Program Files\iTunesHelper.exe

[2007/04/30 20:19:53 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\lxdjamon.exe

[2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

[2007/07/01 14:05:45 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[2008/11/12 13:32:57 | 00,311,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe

[2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe

[2008/10/01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

[2008/07/18 21:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

[2008/08/23 05:56:15 | 00,635,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe

[2008/07/18 21:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

[2008/11/12 11:12:20 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])

[2008/10/01 12:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])

[2008/11/12 13:32:57 | 00,282,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])

[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])

[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Disabled | Stopped])

[2003/10/20 13:47:36 | 00,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity [Auto | Running])

[2007/01/27 15:48:48 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

[2004/09/26 15:30:36 | 00,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon [Auto | Running])

[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2008/10/01 17:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])

[2007/06/11 23:17:46 | 00,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjserv.exe -- (lxdjCATSCustConnectService [Auto | Stopped])

[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe -- (lxdj_device [Auto | Running])

File not found -- -- (NNServ [Auto | Stopped])

[2005/12/10 03:06:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])

[2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv [Auto | Running])

[2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

[2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe -- (WMDM PMSP Service [Auto | Running])

========== Driver Services ==========

[2008/11/12 13:33:07 | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

[2008/11/12 13:33:07 | 00,026,184 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

[2008/11/12 13:33:08 | 00,075,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX [Auto | Running])

[2004/12/06 17:55:20 | 00,126,720 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k [On_Demand | Stopped])

[2005/05/09 20:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX [On_Demand | Running])

[2008/03/20 16:23:08 | 00,098,328 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX [On_Demand | Stopped])

[2008/03/20 16:23:08 | 00,098,328 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX.SYS [On_Demand | Stopped])

[2008/03/20 16:36:44 | 00,171,032 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT [On_Demand | Stopped])

[2008/03/20 16:36:44 | 00,171,032 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT.SYS [On_Demand | Stopped])

[2004/08/25 08:28:28 | 00,645,520 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])

[2004/08/25 08:29:30 | 00,374,704 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])

[2008/03/20 16:23:44 | 00,528,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX [On_Demand | Stopped])

[2008/03/20 16:23:44 | 00,528,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX.SYS [On_Demand | Stopped])

[2005/11/10 17:06:04 | 00,340,704 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])

[2008/03/20 16:26:30 | 00,163,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEAPSFX.sys -- (CTEAPSFX [On_Demand | Stopped])

[2008/03/20 16:26:30 | 00,163,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEAPSFX.sys -- (CTEAPSFX.SYS [On_Demand | Stopped])

[2008/03/20 16:32:36 | 00,259,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPFX.sys -- (CTEDSPFX [On_Demand | Stopped])

[2008/03/20 16:32:36 | 00,259,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPFX.sys -- (CTEDSPFX.SYS [On_Demand | Stopped])

[2008/03/20 16:38:06 | 00,134,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPIO.sys -- (CTEDSPIO [On_Demand | Stopped])

[2008/03/20 16:38:06 | 00,134,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPIO.sys -- (CTEDSPIO.SYS [On_Demand | Stopped])

[2008/03/20 16:37:36 | 00,309,784 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPSY.sys -- (CTEDSPSY [On_Demand | Stopped])

[2008/03/20 16:37:36 | 00,309,784 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTEDSPSY.sys -- (CTEDSPSY.SYS [On_Demand | Stopped])

[2008/03/20 16:36:14 | 00,099,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX [On_Demand | Stopped])

[2008/03/20 16:36:14 | 00,099,352 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX.SYS [On_Demand | Stopped])

[2008/03/20 16:40:38 | 01,324,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX [On_Demand | Stopped])

[2008/03/20 16:40:38 | 01,324,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS [On_Demand | Stopped])

[2008/03/20 16:37:10 | 00,072,728 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT [On_Demand | Stopped])

[2008/03/20 16:37:10 | 00,072,728 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS [On_Demand | Stopped])

[2004/08/25 08:29:50 | 00,006,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])

[2008/03/20 16:25:44 | 00,534,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX [On_Demand | Stopped])

[2008/03/20 16:25:44 | 00,534,040 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX.SYS [On_Demand | Stopped])

[2004/08/25 08:30:06 | 00,130,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])

[2005/10/06 13:31:54 | 00,292,992 | ---- | M] (Midiman/M-Audio) -- C:\WINDOWS\system32\drivers\delta.sys -- (DELTA [On_Demand | Running])

[2004/08/25 08:30:18 | 00,147,088 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])

[2004/08/03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Stopped])

[2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2004/05/02 08:47:08 | 00,023,040 | R--- | M] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Running])

[2004/08/25 08:27:10 | 00,924,464 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])

[2004/08/25 08:27:28 | 00,148,368 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k [On_Demand | Stopped])

[2008/03/20 16:56:54 | 00,191,000 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k [On_Demand | Stopped])

[2004/03/17 15:10:40 | 00,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService [On_Demand | Running])

[2004/03/17 15:12:12 | 00,135,168 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2004/09/26 15:24:54 | 00,477,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor [boot | Running])

[2001/08/17 13:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir [On_Demand | Running])

[2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [On_Demand | Stopped])

[2004/02/16 22:19:30 | 00,571,776 | ---- | M] (Eugene Gavrilov) -- C:\WINDOWS\system32\drivers\kx.sys -- (kxwdmdrv [On_Demand | Stopped])

[2001/07/27 21:50:05 | 00,031,744 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Temp\lac97inf.sys -- (lac97inf [On_Demand | Stopped])

[2007/09/05 01:46:34 | 00,092,544 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus [On_Demand | Running])

[2005/12/10 03:06:00 | 03,536,768 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])

[2004/08/25 08:29:42 | 00,178,736 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])

[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [boot | Running])

[2004/04/01 16:30:46 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])

[2001/08/23 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2006/11/02 15:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2008/03/10 18:30:36 | 00,021,408 | ---- | M] (SiSoftware) -- g:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA [On_Demand | Stopped])

[2006/12/27 14:47:30 | 00,009,006 | ---- | M] (ZD Soft) -- C:\WINDOWS\system32\drivers\scrcap.sys -- (scrcap [On_Demand | Running])

[2007/11/13 10:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])

[2003/09/22 13:46:10 | 00,096,906 | ---- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\drivers\SI3114r.sys -- (SI3114r [boot | Running])

[2003/09/17 17:29:52 | 00,010,240 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter [boot | Running])

[2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [boot | Running])

[2008/02/20 12:47:34 | 00,027,936 | ---- | M] (RapidSolution Software AG) -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd [On_Demand | Running])

[2008/10/01 12:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])

[2004/08/03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])

[2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [On_Demand | Running])

[2006/03/13 16:49:54 | 00,060,800 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus [On_Demand | Stopped])

[2006/03/13 16:50:00 | 00,009,264 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mdfl.sys -- (w300mdfl [On_Demand | Stopped])

[2006/03/13 16:50:02 | 00,096,352 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mdm.sys -- (w300mdm [On_Demand | Stopped])

[2006/03/13 16:50:06 | 00,087,824 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300mgmt.sys -- (w300mgmt [On_Demand | Stopped])

[2006/03/13 16:50:08 | 00,085,696 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex [On_Demand | Stopped])

[2003/12/23 06:32:00 | 00,174,464 | ---- | M] (Marvell Semiconductor Inc.) -- C:\WINDOWS\system32\drivers\yukonwxp.sys -- (yukonwxp [On_Demand | Running])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

URLSearchHook: - Reg Error: Key does not exist or could not be opened. File not found

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

URLSearchHook: - Reg Error: Key does not exist or could not be opened. File not found

HKU\S-1-5-21-436374069-884357618-725345543-1003\S-1-5-21-436374069-884357618-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-21-436374069-884357618-725345543-1003\S-1-5-21-436374069-884357618-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: (732 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (SpamBlockerUtility) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

O3 - HKCU\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found

O3 - HKCU\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKCU\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKCU\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

O3 - HKCU\..\Toolbar: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key does not exist or could not be opened. File not found

O3 - HKCU\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found

O3 - HKCU\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key does not exist or could not be opened. File not found

O3 - HKCU\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - Reg Error: Key does not exist or could not be opened. File not found

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\SpamBlockerUtility\Bin\4.8.4.0\SbHostIE.dll File not found

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key does not exist or could not be opened. File not found

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKU\S-1-5-21-436374069-884357618-725345543-1003\..\Toolbar: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O4 - HKLM..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdvancedCleaner Free] "C:\Program Files\AdvancedCleaner Free\UADC.exe" /min File not found

O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run File not found

O4 - HKLM..\Run: [CTxfiHlp] CTXFIHLP.EXE (Creative Technology Ltd)

O4 - HKLM..\Run: [DeltTray] DeltTray.exe (Doug Fetter Software Wizardry)

O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe File not found

O4 - HKLM..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe (Team H2O)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [iTunesHelper] "G:\Program Files\iTunesHelper.exe" (Apple Inc.)

O4 - HKLM..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon.exe" ()

O4 - HKLM..\Run: [lxdjmon.exe] "C:\Program Files\Lexmark 1400 Series\lxdjmon.exe" File not found

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found

O4 - HKLM..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe (Doug Fetter Software Wizardry)

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NetStat Live] C:\Program Files\AnalogX\NetStat Live\nsl.exe ()

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe ()

O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()

O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE File not found

O4 - HKLM..\Run: [updReg] C:\WINDOWS\Updreg.exe (Creative Technology Ltd.)

O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC)

O4 - HKCU..\Run: [iChat] C:\Program Files\IChat\iChat.exe (AlexSoft)

O4 - HKCU..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot (RealNetworks, Inc.)

O4 - HKCU..\Run: [setDefaultMIDI] MIDIDef.exe (Creative Technology Ltd)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 (Adobe Systems Incorporated)

O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [iChat] C:\Program Files\IChat\iChat.exe (AlexSoft)

O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot (RealNetworks, Inc.)

O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [setDefaultMIDI] MIDIDef.exe (Creative Technology Ltd)

O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-436374069-884357618-725345543-1003..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 (Adobe Systems Incorporated)

O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (Creative Technology Ltd)

O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] Narrator.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [setDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (Creative Technology Ltd)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =

O7 - HKU\S-1-5-21-436374069-884357618-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1

O8 - Extra context menu item: &Search - Reg Error: Value does not exist or could not be read.

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (MessengerStatsClient Class)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab (ZoneIntro Class)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} http://messenger.zone.msn.com/binary/Chess.cab31267.cab (ZoneChess Object)

O18 - Protocol\Handler: - ipp - No CLSID value found

O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler: - linkscanner - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler: - msdaipp - No CLSID value found

O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler: - skype4com - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - See sections below for AppInitDlls and Winlogon settings

========== AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls" = karna.dat?,avgrsstx.dll

>File not found --

>[2008/11/12 13:32:56 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\avgrsstx.dll

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

mljijge: "DllName" = mljijge.dll -- File not found

========== LSA *Authentication Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Authentication Packages" = msv1_0,C:\WINDOWS\system32\geebb.dll,

>File not found -- C:\WINDOWS\system32\geebb.dll

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []

[2005/12/22 12:36:15 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[9 C:\Documents and Settings\All Users\Application Data\*.tmp files]

[2008/11/12 16:24:43 | 00,001,743 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk

[2008/11/12 16:24:43 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2008/11/12 16:14:47 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Mike\Desktop\JTInstall.exe

[2008/11/12 16:05:29 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2008/11/12 16:04:54 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security

[2008/11/12 16:04:35 | 00,175,648 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\activescan2_en.exe

[2008/11/12 15:57:53 | 00,000,942 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk

[2008/11/12 15:51:50 | 15,083,520 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Mike\Desktop\spybotsd160.exe

[2008/11/12 15:39:52 | 00,021,380 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\fail.JPG

[2008/11/12 13:32:56 | 00,001,516 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk

[2008/11/12 12:38:27 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Watch.lnk

[2008/11/12 12:38:27 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk

[2008/11/12 12:38:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2008/11/12 11:21:42 | 23,804,784 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\ppp2008.exe

[2008/11/12 11:12:15 | 00,418,304 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe

[2008/11/12 02:58:15 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\nrxe.sys

[2008/11/12 01:33:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes

[2008/11/11 23:34:00 | 00,199,680 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crd.exe

[2008/11/11 23:34:00 | 00,122,216 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crude.jpg

[2008/11/11 23:34:00 | 00,015,958 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\crude.nfo

[2008/11/11 23:34:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\setup

[2008/11/11 23:34:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\keygen

[2008/11/11 23:33:09 | 03,049,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar

[2008/11/11 23:30:12 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(4).exe

[2008/11/11 23:09:36 | 07,642,792 | ---- | C] (Simply Super Software ) -- C:\Documents and Settings\Mike\Desktop\trsetup.exe

[2008/11/11 18:18:56 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RogueRemover FREE.lnk

[2008/11/11 18:18:55 | 00,000,000 | ---D | C] -- C:\Program Files\RogueRemover FREE

[2008/11/11 18:18:19 | 00,690,568 | ---- | C] (Malwarebytes ) -- C:\Documents and Settings\Mike\Desktop\rr-free-setup.exe

[2008/11/11 17:37:15 | 01,435,272 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\Flash.ocx

[2008/11/11 17:37:15 | 01,140,472 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGUltraGrid20.ocx

[2008/11/11 17:37:15 | 00,423,784 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XceedBkp.dll

[2008/11/11 17:37:15 | 00,265,753 | ---- | C] (Ariad Software) -- C:\WINDOWS\System32\AS-Exp2.ocx

[2008/11/11 17:37:15 | 00,131,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSADODC.ocx

[2008/11/11 17:37:15 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.ocx

[2008/11/11 17:37:14 | 00,089,088 | ---- | C] (Ariad Software) -- C:\WINDOWS\System32\ProgressBar4.ocx

[2008/11/11 17:37:14 | 00,011,012 | ---- | C] () -- C:\WINDOWS\System32\threadapi.tlb

[2008/11/11 17:37:14 | 00,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\md5.dll

[2008/11/11 17:08:53 | 00,000,000 | ---D | C] -- C:\Avenger

[2008/11/11 16:52:03 | 00,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware

[2008/11/11 16:43:55 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

[2008/11/11 16:41:42 | 09,212,096 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spyhunter-Detection-Utility-Install.exe

[2008/11/11 15:39:51 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(2).exe

[2008/11/11 10:29:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2008/11/11 10:29:59 | 00,000,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2008/11/11 10:29:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2008/11/11 10:29:40 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup_130.exe

[2008/11/11 10:27:26 | 02,372,472 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup.exe

[2008/11/11 10:20:54 | 00,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk

[2008/11/11 10:20:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Killer

[2008/11/11 10:20:02 | 04,713,897 | ---- | C] (GridinSoft, Inc. ) -- C:\Documents and Settings\Mike\Desktop\trojankiller-setup.exe

[2008/11/11 03:11:11 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2008/11/11 02:59:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2008/11/11 01:47:35 | 00,031,240 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe

[2008/11/11 01:11:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates

[2008/11/11 01:09:17 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2008/11/11 01:09:17 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2008/11/11 01:09:15 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui

[2008/11/11 01:09:15 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2008/11/11 01:09:15 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe

[2008/11/11 01:09:13 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll

[2008/11/11 01:09:13 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll

[2008/11/11 01:09:12 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat

[2008/11/11 01:09:11 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll

[2008/11/11 01:08:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2008/11/11 01:07:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

[2008/11/11 01:04:29 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7

[2008/11/11 01:03:17 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

[2008/11/11 01:01:00 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

[2008/11/11 00:58:37 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll

[2008/11/11 00:50:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2008/11/10 23:18:59 | 00,019,742 | ---- | C] () -- C:\WINDOWS\System32\iqenaxokuw.bat

[2008/11/10 23:18:59 | 00,019,411 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\benegosov.dll

[2008/11/10 23:18:59 | 00,018,925 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\pyvy._dl

[2008/11/10 23:18:59 | 00,018,511 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\utot._sy

[2008/11/10 23:18:59 | 00,018,504 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\aqywerax.dll

[2008/11/10 23:18:59 | 00,017,865 | ---- | C] () -- C:\WINDOWS\ipavokahib.dl

[2008/11/10 23:18:59 | 00,016,978 | ---- | C] () -- C:\WINDOWS\System32\atoramefo.bin

[2008/11/10 23:18:59 | 00,016,679 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\vovocax.pif

[2008/11/10 23:18:59 | 00,016,554 | ---- | C] () -- C:\WINDOWS\xydyc.reg

[2008/11/10 23:18:59 | 00,016,285 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\tufome.ban

[2008/11/10 23:18:59 | 00,016,259 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\izitibecyp.bin

[2008/11/10 23:18:59 | 00,016,029 | ---- | C] () -- C:\WINDOWS\System32\urucam.inf

[2008/11/10 23:18:59 | 00,015,976 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\zizi.dll

[2008/11/10 23:18:59 | 00,015,957 | ---- | C] () -- C:\WINDOWS\System32\ixohewu.scr

[2008/11/10 23:18:59 | 00,014,311 | ---- | C] () -- C:\Program Files\Common Files\jeqycy.dat

[2008/11/10 23:18:59 | 00,013,998 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pypisawy.db

[2008/11/10 23:18:59 | 00,013,427 | ---- | C] () -- C:\WINDOWS\System32\ytapafuxi.scr

[2008/11/10 23:18:59 | 00,013,053 | ---- | C] () -- C:\WINDOWS\redahydumu.bat

[2008/11/10 23:18:59 | 00,012,538 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\axiqekitu.db

[2008/11/10 23:18:59 | 00,011,251 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\onomujamet.sys

[2008/11/10 23:18:59 | 00,011,034 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\apehiryp.db

[2008/11/10 23:11:06 | 00,019,361 | ---- | C] () -- C:\WINDOWS\System32\ocuhecyqor.bin

[2008/11/10 23:11:06 | 00,019,336 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\niqev.com

[2008/11/10 23:11:06 | 00,018,473 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\sybaw._dl

[2008/11/10 23:11:06 | 00,018,066 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\nydoson._dl

[2008/11/10 23:11:06 | 00,017,735 | ---- | C] () -- C:\Program Files\Common Files\opuhy.inf

[2008/11/10 23:11:06 | 00,017,080 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\nuji.bat

[2008/11/10 23:11:06 | 00,016,057 | ---- | C] () -- C:\WINDOWS\jorykamuhu.vbs

[2008/11/10 23:11:06 | 00,015,972 | ---- | C] () -- C:\WINDOWS\tytekicojy.scr

[2008/11/10 23:11:06 | 00,015,048 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ybur.db

[2008/11/10 23:11:06 | 00,014,524 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\xilebewy.pif

[2008/11/10 23:11:06 | 00,013,541 | ---- | C] () -- C:\WINDOWS\System32\ginelygy.reg

[2008/11/10 23:11:06 | 00,013,318 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\cotyf.exe

[2008/11/10 23:11:06 | 00,012,870 | ---- | C] () -- C:\Program Files\Common Files\vepezenih._sy

[2008/11/10 23:11:06 | 00,012,824 | ---- | C] () -- C:\WINDOWS\exumu.scr

[2008/11/10 23:11:06 | 00,012,587 | ---- | C] () -- C:\WINDOWS\emibiqili.scr

[2008/11/10 23:11:06 | 00,012,573 | ---- | C] () -- C:\WINDOWS\System32\imodon.ban

[2008/11/10 23:11:06 | 00,012,266 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bunuve.pif

[2008/11/10 23:11:06 | 00,012,157 | ---- | C] () -- C:\WINDOWS\samyzedy.dl

[2008/11/10 23:11:06 | 00,011,938 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\tawuguduwi.dat

[2008/11/10 23:11:06 | 00,011,234 | ---- | C] () -- C:\Program Files\Common Files\ypuzovib.reg

[2008/11/10 23:11:06 | 00,010,679 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\udoqimoc._dl

[2008/11/08 01:56:40 | 08,443,378 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\202-spiral_tribe-connector-def.mp3

[2008/11/08 01:30:03 | 89,371,711 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spiral-Tribe-Respect-To-The-Hardcore-Mother-Earth--EXPRSPICD--2CD-2008-DEF.part2.rar

[2008/11/08 01:01:27 | 00,048,588 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\spiraltribe.JPG

[2008/11/08 00:49:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-(EXPRSPICD)-2CD-2008-DEF

[2008/11/08 00:20:31 | 10,485,7600 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-_EXPRSPICD_-2CD-2008-DEF.part1.rar

[2008/11/07 16:29:56 | 00,188,594 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Fire-Jericho.jpg

[2008/11/07 16:25:05 | 07,117,535 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\jericho.rar

[2008/11/07 15:17:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\jericho

[2008/11/07 01:04:10 | 04,338,978 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\organux_demo.zip

[2008/11/06 23:09:02 | 06,810,747 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\7up.xrns

[2008/11/06 20:27:08 | 94,954,427 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Most_Wanted_Old_Skool_Acapellas__02.rar

[2008/11/06 02:02:50 | 00,001,774 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\LoadDown.lnk

[2008/11/06 02:02:49 | 00,000,000 | ---D | C] -- C:\Program Files\UIC Phoenxsoftware

[2008/11/06 01:56:15 | 00,000,000 | ---D | C] -- C:\Program Files\EasySleep

[2008/11/05 21:39:44 | 00,127,768 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2008/11/05 11:12:27 | 00,019,491 | ---- | C] () -- C:\WINDOWS\lyzifebi.lib

[2008/11/05 11:12:27 | 00,019,490 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\sydifyniqu.sys

[2008/11/05 11:12:27 | 00,019,401 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\xidi.pif

[2008/11/05 11:12:27 | 00,018,549 | ---- | C] () -- C:\WINDOWS\sopy.dl

[2008/11/05 11:12:27 | 00,018,247 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\pemohaqoxu.dat

[2008/11/05 11:12:27 | 00,017,573 | ---- | C] () -- C:\Program Files\Common Files\sydupi.dl

[2008/11/05 11:12:27 | 00,017,274 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\gico.lib

[2008/11/05 11:12:27 | 00,016,584 | ---- | C] () -- C:\WINDOWS\pebyho.lib

[2008/11/05 11:12:27 | 00,015,263 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\cifuka.bat

[2008/11/05 11:12:27 | 00,014,019 | ---- | C] () -- C:\WINDOWS\qataboju.scr

[2008/11/05 11:12:27 | 00,012,182 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qanama.scr

[2008/11/05 11:12:26 | 00,019,223 | ---- | C] () -- C:\Program Files\Common Files\emyham.sys

[2008/11/05 11:12:26 | 00,018,023 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\juza._dl

[2008/11/05 11:12:26 | 00,014,711 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ulotawura.dl

[2008/11/05 11:12:26 | 00,014,381 | ---- | C] () -- C:\Program Files\Common Files\jodotut.reg

[2008/11/05 11:12:26 | 00,013,531 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\uqodi.inf

[2008/11/05 11:12:26 | 00,013,109 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\ocazyro._sy

[2008/11/05 11:12:26 | 00,012,640 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\dovuresozy.bat

[2008/11/05 11:12:26 | 00,012,431 | ---- | C] () -- C:\WINDOWS\otyviko._dl

[2008/11/05 11:12:26 | 00,012,338 | ---- | C] () -- C:\WINDOWS\System32\nyxozurul.scr

[2008/11/05 11:12:26 | 00,012,271 | ---- | C] () -- C:\WINDOWS\cedebuhe.lib

[2008/11/05 11:12:26 | 00,010,384 | ---- | C] () -- C:\WINDOWS\wowuv.inf

[2008/11/04 17:35:53 | 00,010,235 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\spunge.JPG

[2008/11/01 17:19:48 | 00,441,306 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\angle.bmp

[2008/11/01 16:59:27 | 02,313,910 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\wings 96style remix.xrns

[2008/10/31 18:12:06 | 00,043,605 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\sway.JPG

[2008/10/31 17:31:44 | 00,052,628 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bm.JPG

[2008/10/30 22:21:29 | 00,056,035 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dstyles.JPG

[2008/10/30 20:45:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\346346_Backups

[2008/10/30 16:57:32 | 05,604,355 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\346346.xrns

[2008/10/29 20:25:15 | 10,099,1815 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\MOV00136.MPG

[2008/10/29 16:11:59 | 04,905,796 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raveyard.mp3

[2008/10/29 16:10:33 | 43,253,626 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raveyard.wav

[2008/10/28 23:40:36 | 06,341,165 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\orch.xrns

[2008/10/28 18:19:17 | 04,300,844 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\blacksheepclip.wav

[2008/10/28 16:03:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\3 Feet High & Rising

[2008/10/28 00:22:04 | 00,015,443 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\experience.jpg

[2008/10/27 18:10:17 | 00,273,204 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\burndub.wav

[2008/10/27 17:46:58 | 00,038,205 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\What_U_Waitin_4.rm

[2008/10/27 16:41:02 | 04,137,562 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\wicked.xrns

[2008/10/27 16:19:26 | 21,816,238 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Debonaire - Name That Toon (12'') (1988).zip

[2008/10/27 00:40:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Company Flow - Funcrusher Plus ( 1997 )

[2008/10/26 21:46:37 | 03,479,722 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Drum_rolls.zip

[2008/10/26 13:19:39 | 02,458,019 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\teatime.xrns

[2008/10/25 11:33:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\797_Backups

[2008/10/25 01:24:40 | 02,120,407 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\797.xrns

[2008/10/24 17:01:44 | 11,503,3010 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Needs_More_Bombscare-Nov_7.MP3

[2008/10/24 16:53:51 | 00,136,194 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\isotonik.JPG

[2008/10/24 16:05:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Eminem-Infinite-1996-KSi

[2008/10/24 14:43:29 | 00,567,098 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\reaplugs112.zip

[2008/10/24 00:40:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\909_Backups

[2008/10/23 19:12:25 | 00,182,578 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\rr.JPG

[2008/10/23 16:20:04 | 06,504,117 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\909.xrns

[2008/10/23 15:56:57 | 04,891,269 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\xperience.rar

[2008/10/23 15:56:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\xperience

[2008/10/23 11:18:08 | 24,711,212 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\raggamuffin-hiphop_rub-a-dub-apella.wav

[2008/10/23 09:48:23 | 11,444,9748 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Thumbzo-92-93_Mix-Sept_08.MP3

[2008/10/22 15:17:35 | 20,709,934 | ---- | C] () -- C:\frg008.wav

[2008/10/22 15:17:16 | 00,040,520 | ---- | C] () -- C:\frg008.sfk

[2008/10/21 15:28:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\14TLP

[2008/10/18 12:01:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\TVU Networks

[2008/10/18 12:01:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TVU Networks

[2008/10/15 22:00:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Lexmark Productivity Studio

[2008/10/15 21:47:55 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar

[2008/10/15 21:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\Lx_cats

[2008/10/15 21:44:44 | 00,000,000 | ---D | C] -- C:\logs

[2008/10/15 21:44:07 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdjvs.dll

[2008/10/15 21:44:02 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdjcoin.dll

[2008/10/15 21:43:37 | 00,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 1400 Series.LNK

[2008/10/15 21:42:44 | 00,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdjrwrd.ini

[2008/10/15 21:42:30 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjinpa.dll

[2008/10/15 21:42:30 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjiesc.dll

[2008/10/15 21:42:30 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhcp.dll

[2008/10/15 21:42:30 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\lxdjinst.dll

[2008/10/15 21:42:29 | 01,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjserv.dll

[2008/10/15 21:42:29 | 00,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjusb1.dll

[2008/10/15 21:42:29 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpmui.dll

[2008/10/15 21:42:29 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjlmpm.dll

[2008/10/15 21:42:29 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjprox.dll

[2008/10/15 21:42:29 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpplc.dll

[2008/10/15 21:42:28 | 00,722,917 | ---- | C] () -- C:\WINDOWS\System32\lxdjhelp.chm

[2008/10/15 21:42:28 | 00,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjih.exe

[2008/10/15 21:42:27 | 00,983,121 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxdjgf.dll

[2008/10/15 21:42:27 | 00,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhbn3.dll

[2008/10/15 21:42:27 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdjgrd.dll

[2008/10/15 21:42:26 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomc.dll

[2008/10/15 21:42:26 | 00,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcoms.exe

[2008/10/15 21:42:26 | 00,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomm.dll

[2008/10/15 21:42:26 | 00,394,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcfg.exe

[2008/10/15 21:42:26 | 00,077,906 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\lxdjcfg.dll

[2008/10/15 21:42:25 | 00,070,824 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf

[2008/10/15 21:42:25 | 00,001,828 | ---- | C] () -- C:\WINDOWS\System32\lxdj.loc

[2008/10/15 21:42:19 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 1400 Series

[2008/10/14 14:53:06 | 00,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk

[2008/10/14 14:52:47 | 00,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\WINDOWS\System32\TwnLib4.dll

[2008/10/14 14:52:45 | 00,000,000 | ---D | C] -- C:\Program Files\Nero

[2008/10/14 14:52:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero

[2008/10/14 14:41:48 | 00,015,129 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\BNLAudio1.nra

========== Files - Modified Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[9 C:\Documents and Settings\All Users\Application Data\*.tmp files]

[2008/11/12 16:27:59 | 00,352,932 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml

[2008/11/12 16:27:42 | 00,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics

[2008/11/12 16:27:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2008/11/12 16:27:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2008/11/12 16:24:43 | 00,001,743 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk

[2008/11/12 16:19:51 | 00,000,924 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx

[2008/11/12 16:19:51 | 00,000,924 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx

[2008/11/12 16:19:51 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000001-00001102-00000004-40021102}.dat

[2008/11/12 16:19:51 | 00,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000001-00001102-00000004-40021102}.dat

[2008/11/12 16:19:51 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx

[2008/11/12 16:19:51 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000001-00001102-00000004-40021102}.rfx

[2008/11/12 16:14:53 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Mike\Desktop\JTInstall.exe

[2008/11/12 16:04:35 | 00,175,648 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\activescan2_en.exe

[2008/11/12 15:57:53 | 00,000,942 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spybot - Search & Destroy.lnk

[2008/11/12 15:54:43 | 15,083,520 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Mike\Desktop\spybotsd160.exe

[2008/11/12 15:39:53 | 00,021,380 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\fail.JPG

[2008/11/12 13:33:08 | 00,075,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

[2008/11/12 13:33:07 | 22,984,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2008/11/12 13:33:07 | 00,096,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

[2008/11/12 13:33:07 | 00,026,184 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

[2008/11/12 13:32:58 | 05,618,689 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

[2008/11/12 13:32:58 | 00,786,367 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

[2008/11/12 13:32:58 | 00,057,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2008/11/12 13:32:56 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

[2008/11/12 13:32:56 | 00,001,516 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.0.lnk

[2008/11/12 12:38:27 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Watch.lnk

[2008/11/12 12:38:27 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk

[2008/11/12 11:24:58 | 23,804,784 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\ppp2008.exe

[2008/11/12 11:12:20 | 00,418,304 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt.exe

[2008/11/12 03:00:00 | 00,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SpywareBot Scheduled Scan.job

[2008/11/12 02:58:15 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\nrxe.sys

[2008/11/12 01:52:03 | 00,000,585 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\My Sharing Folders.lnk

[2008/11/12 00:09:36 | 00,000,874 | ---- | M] () -- C:\WINDOWS\win.ini

[2008/11/12 00:09:36 | 00,000,269 | ---- | M] () -- C:\WINDOWS\system.ini

[2008/11/12 00:09:36 | 00,000,211 | RHS- | M] () -- C:\boot.ini

[2008/11/11 23:33:35 | 03,049,294 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar

[2008/11/11 23:31:15 | 00,000,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2008/11/11 23:30:27 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(4).exe

[2008/11/11 23:12:03 | 07,642,792 | ---- | M] (Simply Super Software ) -- C:\Documents and Settings\Mike\Desktop\trsetup.exe

[2008/11/11 18:18:56 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RogueRemover FREE.lnk

[2008/11/11 18:18:20 | 00,690,568 | ---- | M] (Malwarebytes ) -- C:\Documents and Settings\Mike\Desktop\rr-free-setup.exe

[2008/11/11 17:42:43 | 00,000,732 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2008/11/11 16:43:35 | 09,212,096 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spyhunter-Detection-Utility-Install.exe

[2008/11/11 15:40:11 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup(2).exe

[2008/11/11 13:18:42 | 00,031,240 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe

[2008/11/11 12:19:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2008/11/11 10:29:43 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup_130.exe

[2008/11/11 10:27:47 | 02,372,472 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Mike\Desktop\mbam-setup.exe

[2008/11/11 10:20:54 | 00,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trojan Killer.lnk

[2008/11/11 10:20:36 | 04,713,897 | ---- | M] (GridinSoft, Inc. ) -- C:\Documents and Settings\Mike\Desktop\trojankiller-setup.exe

[2008/11/11 10:15:00 | 00,066,098 | ---- | M] () -- C:\WINDOWS\System32\CTHELPER.RPT

[2008/11/11 01:08:59 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2008/11/10 23:18:59 | 00,019,742 | ---- | M] () -- C:\WINDOWS\System32\iqenaxokuw.bat

[2008/11/10 23:18:59 | 00,019,411 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\benegosov.dll

[2008/11/10 23:18:59 | 00,018,925 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\pyvy._dl

[2008/11/10 23:18:59 | 00,018,511 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\utot._sy

[2008/11/10 23:18:59 | 00,018,504 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\aqywerax.dll

[2008/11/10 23:18:59 | 00,017,865 | ---- | M] () -- C:\WINDOWS\ipavokahib.dl

[2008/11/10 23:18:59 | 00,016,978 | ---- | M] () -- C:\WINDOWS\System32\atoramefo.bin

[2008/11/10 23:18:59 | 00,016,679 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\vovocax.pif

[2008/11/10 23:18:59 | 00,016,554 | ---- | M] () -- C:\WINDOWS\xydyc.reg

[2008/11/10 23:18:59 | 00,016,285 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\tufome.ban

[2008/11/10 23:18:59 | 00,016,259 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\izitibecyp.bin

[2008/11/10 23:18:59 | 00,016,029 | ---- | M] () -- C:\WINDOWS\System32\urucam.inf

[2008/11/10 23:18:59 | 00,015,976 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\zizi.dll

[2008/11/10 23:18:59 | 00,015,957 | ---- | M] () -- C:\WINDOWS\System32\ixohewu.scr

[2008/11/10 23:18:59 | 00,014,311 | ---- | M] () -- C:\Program Files\Common Files\jeqycy.dat

[2008/11/10 23:18:59 | 00,013,998 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\pypisawy.db

[2008/11/10 23:18:59 | 00,013,427 | ---- | M] () -- C:\WINDOWS\System32\ytapafuxi.scr

[2008/11/10 23:18:59 | 00,013,053 | ---- | M] () -- C:\WINDOWS\redahydumu.bat

[2008/11/10 23:18:59 | 00,012,538 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\axiqekitu.db

[2008/11/10 23:18:59 | 00,011,251 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\onomujamet.sys

[2008/11/10 23:18:59 | 00,011,034 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\apehiryp.db

[2008/11/10 23:11:06 | 00,019,361 | ---- | M] () -- C:\WINDOWS\System32\ocuhecyqor.bin

[2008/11/10 23:11:06 | 00,019,336 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\niqev.com

[2008/11/10 23:11:06 | 00,018,473 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\sybaw._dl

[2008/11/10 23:11:06 | 00,018,066 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\nydoson._dl

[2008/11/10 23:11:06 | 00,017,735 | ---- | M] () -- C:\Program Files\Common Files\opuhy.inf

[2008/11/10 23:11:06 | 00,017,080 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\nuji.bat

[2008/11/10 23:11:06 | 00,016,057 | ---- | M] () -- C:\WINDOWS\jorykamuhu.vbs

[2008/11/10 23:11:06 | 00,015,972 | ---- | M] () -- C:\WINDOWS\tytekicojy.scr

[2008/11/10 23:11:06 | 00,015,048 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ybur.db

[2008/11/10 23:11:06 | 00,014,524 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\xilebewy.pif

[2008/11/10 23:11:06 | 00,013,541 | ---- | M] () -- C:\WINDOWS\System32\ginelygy.reg

[2008/11/10 23:11:06 | 00,013,318 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\cotyf.exe

[2008/11/10 23:11:06 | 00,012,870 | ---- | M] () -- C:\Program Files\Common Files\vepezenih._sy

[2008/11/10 23:11:06 | 00,012,824 | ---- | M] () -- C:\WINDOWS\exumu.scr

[2008/11/10 23:11:06 | 00,012,587 | ---- | M] () -- C:\WINDOWS\emibiqili.scr

[2008/11/10 23:11:06 | 00,012,573 | ---- | M] () -- C:\WINDOWS\System32\imodon.ban

[2008/11/10 23:11:06 | 00,012,266 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bunuve.pif

[2008/11/10 23:11:06 | 00,012,157 | ---- | M] () -- C:\WINDOWS\samyzedy.dl

[2008/11/10 23:11:06 | 00,011,938 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\tawuguduwi.dat

[2008/11/10 23:11:06 | 00,011,234 | ---- | M] () -- C:\Program Files\Common Files\ypuzovib.reg

[2008/11/10 23:11:06 | 00,010,679 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\udoqimoc._dl

[2008/11/10 23:02:09 | 04,313,120 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2008/11/10 23:02:09 | 00,053,708 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2008/11/10 15:50:48 | 08,443,378 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\202-spiral_tribe-connector-def.mp3

[2008/11/08 01:45:10 | 89,371,711 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spiral-Tribe-Respect-To-The-Hardcore-Mother-Earth--EXPRSPICD--2CD-2008-DEF.part2.rar

[2008/11/08 01:01:27 | 00,048,588 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\spiraltribe.JPG

[2008/11/08 00:46:42 | 10,485,7600 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Spiral_Tribe-Respect_To_The_Hardcore_Mother_Earth-_EXPRSPICD_-2CD-2008-DEF.part1.rar

[2008/11/08 00:05:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2008/11/07 18:27:48 | 06,810,747 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\7up.xrns

[2008/11/07 16:29:57 | 00,188,594 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Fire-Jericho.jpg

[2008/11/07 16:25:08 | 07,117,535 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\jericho.rar

[2008/11/07 01:04:48 | 04,338,978 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\organux_demo.zip

[2008/11/06 21:07:56 | 94,954,427 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Most_Wanted_Old_Skool_Acapellas__02.rar

[2008/11/06 17:42:47 | 00,000,641 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Renoise.lnk

[2008/11/06 02:02:50 | 00,001,774 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\LoadDown.lnk

[2008/11/05 21:44:05 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat

[2008/11/05 17:07:26 | 00,000,031 | ---- | M] () -- C:\WINDOWS\custvoic.ini

[2008/11/05 11:12:27 | 00,019,491 | ---- | M] () -- C:\WINDOWS\lyzifebi.lib

[2008/11/05 11:12:27 | 00,019,490 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\sydifyniqu.sys

[2008/11/05 11:12:27 | 00,019,401 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\xidi.pif

[2008/11/05 11:12:27 | 00,018,549 | ---- | M] () -- C:\WINDOWS\sopy.dl

[2008/11/05 11:12:27 | 00,018,247 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\pemohaqoxu.dat

[2008/11/05 11:12:27 | 00,017,573 | ---- | M] () -- C:\Program Files\Common Files\sydupi.dl

[2008/11/05 11:12:27 | 00,017,274 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\gico.lib

[2008/11/05 11:12:27 | 00,016,584 | ---- | M] () -- C:\WINDOWS\pebyho.lib

[2008/11/05 11:12:27 | 00,015,263 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\cifuka.bat

[2008/11/05 11:12:27 | 00,014,019 | ---- | M] () -- C:\WINDOWS\qataboju.scr

[2008/11/05 11:12:27 | 00,012,182 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\qanama.scr

[2008/11/05 11:12:26 | 00,019,223 | ---- | M] () -- C:\Program Files\Common Files\emyham.sys

[2008/11/05 11:12:26 | 00,018,023 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\juza._dl

[2008/11/05 11:12:26 | 00,014,711 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ulotawura.dl

[2008/11/05 11:12:26 | 00,014,381 | ---- | M] () -- C:\Program Files\Common Files\jodotut.reg

[2008/11/05 11:12:26 | 00,013,531 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\uqodi.inf

[2008/11/05 11:12:26 | 00,013,109 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\ocazyro._sy

[2008/11/05 11:12:26 | 00,012,640 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\dovuresozy.bat

[2008/11/05 11:12:26 | 00,012,431 | ---- | M] () -- C:\WINDOWS\otyviko._dl

[2008/11/05 11:12:26 | 00,012,338 | ---- | M] () -- C:\WINDOWS\System32\nyxozurul.scr

[2008/11/05 11:12:26 | 00,012,271 | ---- | M] () -- C:\WINDOWS\cedebuhe.lib

[2008/11/05 11:12:26 | 00,010,384 | ---- | M] () -- C:\WINDOWS\wowuv.inf

[2008/11/05 10:58:27 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2008/11/02 01:02:55 | 02,313,910 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\wings 96style remix.xrns

[2008/11/01 17:19:48 | 00,441,306 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\angle.bmp

[2008/10/31 18:12:07 | 00,043,605 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\sway.JPG

[2008/10/31 17:31:45 | 00,052,628 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bm.JPG

[2008/10/30 22:34:42 | 05,604,355 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\346346.xrns

[2008/10/30 22:21:29 | 00,056,035 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dstyles.JPG

[2008/10/29 21:58:24 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/10/29 21:19:44 | 10,099,1815 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\MOV00136.MPG

[2008/10/29 16:12:09 | 04,905,796 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raveyard.mp3

[2008/10/29 16:10:17 | 43,253,626 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raveyard.wav

[2008/10/29 02:37:18 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Microsoft Word.lnk

[2008/10/29 02:03:34 | 06,341,165 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\orch.xrns

[2008/10/28 18:19:17 | 04,300,844 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\blacksheepclip.wav

[2008/10/28 00:22:05 | 00,015,443 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\experience.jpg

[2008/10/27 22:26:47 | 11,444,9748 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Thumbzo-92-93_Mix-Sept_08.MP3

[2008/10/27 22:25:41 | 00,136,194 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\isotonik.JPG

[2008/10/27 18:10:07 | 00,273,204 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\burndub.wav

[2008/10/27 17:46:58 | 00,038,205 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\What_U_Waitin_4.rm

[2008/10/27 16:57:02 | 04,137,562 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\wicked.xrns

[2008/10/27 16:22:44 | 21,816,238 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Debonaire - Name That Toon (12'') (1988).zip

[2008/10/27 00:43:53 | 11,503,3010 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Needs_More_Bombscare-Nov_7.MP3

[2008/10/26 21:47:09 | 03,479,722 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Drum_rolls.zip

[2008/10/26 20:42:54 | 00,397,560 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2008/10/26 20:42:53 | 00,059,780 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2008/10/26 20:42:51 | 00,464,860 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2008/10/26 13:25:58 | 02,458,019 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\teatime.xrns

[2008/10/25 11:48:53 | 02,120,407 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\797.xrns

[2008/10/25 00:11:02 | 06,504,117 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\909.xrns

[2008/10/24 14:43:35 | 00,567,098 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\reaplugs112.zip

[2008/10/23 19:12:25 | 00,182,578 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\rr.JPG

[2008/10/23 15:56:59 | 04,891,269 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\xperience.rar

[2008/10/23 11:18:11 | 24,711,212 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\raggamuffin-hiphop_rub-a-dub-apella.wav

[2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2008/10/22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2008/10/22 15:17:35 | 20,709,934 | ---- | M] () -- C:\frg008.wav

[2008/10/22 15:17:16 | 00,040,520 | ---- | M] () -- C:\frg008.sfk

[2008/10/21 19:00:26 | 00,015,958 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\crude.nfo

[2008/10/15 21:47:16 | 00,070,824 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf

[2008/10/15 21:44:29 | 00,025,416 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2008/10/15 21:43:37 | 00,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 1400 Series.LNK

[2008/10/15 16:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll

[2008/10/15 16:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll

[2008/10/15 13:40:33 | 00,133,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/10/15 02:08:55 | 00,006,310 | ---- | M] () -- C:\WINDOWS\cdplayer.ini

[2008/10/14 14:53:06 | 00,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero Express.lnk

[2008/10/14 14:41:48 | 00,015,129 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\BNLAudio1.nra

[2008/10/14 14:30:16 | 78,506,3264 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Image.nrg

< End of report >


EXTRAS:

OTListIt Extras logfile created on: 11/12/2008 16:40:28 - Run

OTListIt by OldTimer - Version 1.0.12.0 Folder = C:\Documents and Settings\Mike\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

1023.47 Mb Total Physical Memory | 615.41 Mb Available Physical Memory | 60.13% Memory free

2.40 Gb Paging File | 2.00 Gb Available in Paging File | 83.12% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74.54 Gb Total Space | 1.35 Gb Free Space | 1.81% Space Free | Partition Type: NTFS

Drive D: | 84.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 465.76 Gb Total Space | 396.74 Gb Free Space | 85.18% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: MIKESPC

Current User Name: Mike

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 1

"FirewallDisableNotify" = 1

"UpdatesDisableNotify" = 1

"AntiVirusOverride" = 1

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall" = 0

"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1

[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[2007/07/24 22:39:48 | 00,758,704 | ---- | M] (Skinkers Communications) -- C:\Program Files\The Eagle\TheEagle.exe

[2007/06/21 07:28:44 | 00,029,360 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\App4R.exe:*:Enabled:Printing Application

[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

File not found -- C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe

[2004/10/13 16:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger

File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

File not found -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe

File not found -- C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe

[2007/02/09 16:00:48 | 25,388,584 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1

[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[2007/07/24 22:39:48 | 00,758,704 | ---- | M] (Skinkers Communications) -- C:\Program Files\The Eagle\TheEagle.exe

File not found -- C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service

[2008/11/12 13:32:57 | 00,796,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe

[2008/11/12 13:32:42 | 00,902,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe

[2008/04/22 17:23:02 | 00,098,488 | ---- | M] (SiSoftware) -- G:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service

[2008/04/22 17:22:52 | 01,253,568 | ---- | M] (SiSoftware) -- G:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service

[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour

[2008/10/01 17:57:04 | 14,258,472 | ---- | M] (Apple Inc.) -- G:\Program Files\iTunes.exe:*:Enabled:iTunes

[2007/04/30 20:19:53 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 1400 Series\lxdjamon.exe:*:Enabled:Lexmark Device Monitor

[2007/06/11 23:17:58 | 00,394,160 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcfg.exe:*:Enabled:

[2007/06/11 23:18:00 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdjcoms.exe:*:Enabled:Lexmark Communications System

[2007/06/21 07:29:55 | 03,756,720 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1400 Series\Wireless\lxdjwpss.exe:*:Enabled:

[2007/06/11 23:17:55 | 00,291,760 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjpswx.exe:*:Enabled:

[2007/06/11 23:17:56 | 00,398,256 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjjswx.exe:*:Enabled:

[2007/06/11 23:17:50 | 00,082,864 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdjtime.exe:*:Enabled:

[2006/10/10 12:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium

"{00120409-78E1-11D2-B60F-006097C998E7}" = Microsoft FrontPage 2000

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel

"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools

"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX

"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager

"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe


I'd just like to also say I have a new problem: every link on Google is "go.google", which sends me to spam websites. The only way I can get around this is by clicking Cached or using this PC.

No doubt. I found what your issue is likely to be caused by, and then I found this as well:

[2008/11/11 23:33:09 | 03,049,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\malwarebytes.anti-malware.v1.29.multilingual.winall.incl.keygen-crd.rar

I can't stop you from bootlegging our software, but I'll be damned if I'm going to do you any favors to help you out at this point either. Except to say that I'm glad you're infected, you most certainly got what you deserve. If you learn nothing else from this, pirating small apps like ours really isn't that smart; we're here to help you, and this is how you repay us for it?

This topic is now closed to further replies.