Logfiles for Review - Page 2

Thread: Logfiles for Review

  1. #16
    Join Date: Feb 2010 | Posts: 121
    "{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
    "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}" = Microsoft Windows SDK for Visual Studio 2008 Tools
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D6B25B8D-0566-42B1-A23D-7576138435D6}" = Y!TunnelPro 2.5
    "{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
    "{DB0BB9FA-1B60-4036-8E29-3D56D8085256}" = WOT for Internet Explorer
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
    "{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
    "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
    "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
    "{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5
    "53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    "ACDSee Trial" = ACDSee Trial
    "Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.3 Professional
    "Adobe Acrobat 8 Professional - English, Français, Deutsch_823" = Adobe Acrobat 8.2.3 - CPSID_83708
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Atomic Clock Sync" = Atomic Clock Sync
    "BitComet" = BitComet 1.21
    "BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
    "Build-a-lot" = Build-a-lot
    "CDex" = CDex extraction audio
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "DVD Shrink_is1" = DVD Shrink 3.2
    "DVDFab 7_is1" = DVDFab 7.0.6.9 Beta (04/06/2010)
    "F3B506E1FDAEA4DC6669B53B2D3F0B68FBA20C2D" = Windows Driver Package - AMD System (04/06/2006 1.0.1.0)
    "Farm Frenzy" = Farm Frenzy
    "Halo" = Microsoft Halo
    "HijackThis" = HijackThis 2.0.2
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
    "InstallShield_{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5
    "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
    "iuVCR_is1" = iuVCR
    "LimeWire" = LimeWire 5.5.8
    "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
    "Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "PROR" = Microsoft Office Professional 2007
    "RAR Sequence Checker" = RAR Sequence Checker
    "Revo Uninstaller" = Revo Uninstaller 1.89
    "RipIt4Me" = RipIt4Me
    "SecondLifeViewer2" = SecondLifeViewer2 (remove only)
    "Starcraft" = Starcraft
    "Steam App 10" = Counter-Strike
    "Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
    "Steam App 130" = Half-Life: Blue Shift
    "Steam App 20" = Team Fortress Classic
    "Steam App 240" = Counter-Strike: Source
    "Steam App 30" = Day of Defeat
    "Steam App 300" = Day of Defeat: Source
    "Steam App 320" = Half-Life 2: Deathmatch
    "Steam App 340" = Half-Life 2: Lost Coast
    "Steam App 40" = Deathmatch Classic
    "Steam App 50" = Half-Life: Opposing Force
    "Steam App 60" = Ricochet
    "Steam App 80" = Counter-Strike: Condition Zero
    "UltraISO_is1" = UltraISO V7.65 ME
    "uTorrent" = µTorrent
    "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
    "VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "WinAce Archiver 2.0" = WinAce Archiver 2.0
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "World of Warcraft" = World of Warcraft
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Yahoo! Messenger" = Yahoo! Messenger

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "090215de958f1060" = Curse Client
    "Google Chrome" = Google Chrome
    "Sansa Updater" = Sansa Updater

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 7/2/2010 2:17:25 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 489
    Description = wuauclt (3588) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/2/2010 2:17:25 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 455
    Description = wuaueng.dll (3588) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    Error - 7/2/2010 2:17:36 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 489
    Description = wuauclt (3544) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/2/2010 2:17:36 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 455
    Description = wuaueng.dll (3544) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    Error - 7/2/2010 2:17:46 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 489
    Description = wuauclt (3544) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/2/2010 2:17:46 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 455
    Description = wuaueng.dll (3544) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    Error - 7/2/2010 2:17:57 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 489
    Description = wuauclt (6072) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/2/2010 2:17:57 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 455
    Description = wuaueng.dll (6072) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    Error - 7/2/2010 2:18:07 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 489
    Description = wuauclt (6072) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
    for read only access failed with system error 32 (0x00000020): "The process cannot
    access the file because it is being used by another process. ". The open file
    operation will fail with error -1032 (0xfffffbf8).

    Error - 7/2/2010 2:18:07 PM | Computer Name = GAMINGMACHINE | Source = ESENT | ID = 455
    Description = wuaueng.dll (6072) SUS20ClientDataStore: Error -1032 (0xfffffbf8)
    occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

    [ System Events ]
    Error - 7/3/2010 4:11:32 PM | Computer Name = GAMINGMACHINE | Source = MRxSmb | ID = 8003
    Description = The master browser has received a server announcement from the computer
    LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BAE08E72-DDB3-4A22-B6.
    The
    master browser is stopping or an election is being forced.

    Error - 7/3/2010 4:30:05 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
    9 service to connect.

    Error - 7/3/2010 4:31:31 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    nvata

    Error - 7/3/2010 4:33:42 PM | Computer Name = GAMINGMACHINE | Source = MRxSmb | ID = 8003
    Description = The master browser has received a server announcement from the computer
    LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BAE08E72-DDB3-4A22-B6.
    The
    master browser is stopping or an election is being forced.

    Error - 7/3/2010 4:48:36 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
    9 service to connect.

    Error - 7/3/2010 4:50:03 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    nvata

    Error - 7/3/2010 5:18:01 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
    9 service to connect.

    Error - 7/3/2010 5:19:31 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    nvata

    Error - 7/3/2010 5:31:45 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
    9 service to connect.

    Error - 7/3/2010 5:33:16 PM | Computer Name = GAMINGMACHINE | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    nvata


    < End of report >

  2. #17
    Join Date: Feb 2010 | Posts: 121
    OTL logfile created on: 7/3/2010 5:39:29 PM - Run 1
    OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\infexus\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 60.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 298.08 Gb Total Space | 228.27 Gb Free Space | 76.58% Space Free | Partition Type: NTFS
    Drive D: | 931.51 Gb Total Space | 479.48 Gb Free Space | 51.47% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: GAMINGMACHINE
    Current User Name: infexus
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/03 17:18:08 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\infexus\Desktop\OTL.exe
    PRC - [2010/06/16 17:20:50 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    PRC - [2010/05/12 06:45:42 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
    PRC - [2010/05/05 07:29:11 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Documents and Settings\infexus\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
    PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2010/02/24 07:56:47 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    PRC - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    PRC - [2009/09/30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2009/09/18 02:18:18 | 000,652,288 | ---- | M] () -- C:\Program Files\HPC\wmicon.exe
    PRC - [2009/08/03 17:48:14 | 004,322,656 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
    PRC - [2009/08/03 17:48:14 | 002,250,088 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProTray.exe
    PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    PRC - [2009/07/21 04:09:49 | 000,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
    PRC - [2009/07/01 12:28:12 | 001,562,096 | ---- | M] (Symantec) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
    PRC - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    PRC - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    PRC - [2009/03/30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    PRC - [2008/10/24 10:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    PRC - [2008/05/26 23:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2008/05/02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
    PRC - [2008/05/02 02:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/03/08 20:55:41 | 000,603,648 | ---- | M] () -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe
    PRC - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    PRC - [2007/08/09 11:33:20 | 000,303,104 | ---- | M] (Giant Telecom Ltd.) -- C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe
    PRC - [2007/08/03 13:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/08/03 13:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    PRC - [2007/05/09 11:38:46 | 002,130,432 | ---- | M] (ASUS) -- C:\Program Files\ASUS\PC Probe II\Probe2.exe
    PRC - [2004/06/17 11:46:48 | 000,524,288 | ---- | M] (Chaos Software Group, Inc.) -- C:\Program Files\Atomic Clock Sync\Atomic.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/07/03 17:18:08 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\infexus\Desktop\OTL.exe
    MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
    MOD - [2008/05/02 02:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
    MOD - [2008/04/14 07:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/02/24 07:56:47 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
    SRV - [2009/08/03 17:48:14 | 004,322,656 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
    SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
    SRV - [2009/07/01 12:28:12 | 001,562,096 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService)
    SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
    SRV - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
    SRV - [2008/05/02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
    SRV - [2007/11/07 08:58:18 | 003,004,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
    SRV - [2007/09/12 19:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
    SRV - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
    DRV - [2010/06/22 16:31:30 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2010/02/24 06:37:15 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
    DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/01/11 23:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2009/11/26 18:02:34 | 001,136,128 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
    DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
    DRV - [2009/10/02 19:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2009/09/14 14:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
    DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
    DRV - [2009/07/24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
    DRV - [2009/07/21 04:09:49 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
    DRV - [2009/07/21 04:09:49 | 000,293,888 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
    DRV - [2009/07/01 12:28:16 | 000,138,464 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap)
    DRV - [2009/06/30 18:31:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
    DRV - [2008/08/13 18:07:20 | 000,038,112 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)
    DRV - [2008/04/14 07:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/02/29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2008/02/29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2008/01/19 21:12:42 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2008/01/19 20:40:16 | 000,015,088 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
    DRV - [2007/12/17 18:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
    DRV - [2007/09/04 20:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
    DRV - [2006/09/11 20:45:38 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
    DRV - [2006/09/11 20:45:36 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
    DRV - [2006/08/21 19:24:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
    DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
    DRV - [2004/08/23 14:20:06 | 000,158,720 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
    DRV - [2004/08/13 11:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
    DRV - [2004/04/30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
    DRV - [2002/07/17 10:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/02/24 06:37:42 | 000,000,000 | ---D | M]

    [2010/04/05 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Mozilla\Extensions
    [2010/04/05 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Mozilla\Extensions\[email protected]

  3. #18
    Join Date: Feb 2010 | Posts: 121
    O1 HOSTS File: ([2010/07/03 16:29:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Value error. File not found
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Atomic.exe] C:\Program Files\Atomic Clock Sync\Atomic.exe (Chaos Software Group, Inc.)
    O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
    O4 - HKLM..\Run: [Launch PC Probe II] C:\Program Files\ASUS\PC Probe II\Probe2.exe (ASUS)
    O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
    O4 - HKLM..\Run: [Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
    O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
    O4 - HKLM..\Run: [wmicon] C:\Program Files\HPC\wmicon.exe ()
    O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
    O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\infexus\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
    O4 - HKCU..\Run: [SKYLINK 2-in-1 Phone Utility] C:\Program Files\SkyLink\SKYLINK 2-in-1 Phone Utility\SKYLINK 2-in-1 Phone Utility.exe (Giant Telecom Ltd.)
    O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
    O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O16 - DPF: {34B453C6-CFE8-4806-B0F0-A0E06FFEBF5E} https://iportal.west.com/krbApplican...rification.ocx (WAHSystemVerification.axVerify)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1266997534031 (WUWebControl Class)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.2.50 24.116.2.34
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
    O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\amddragonwallGREEN1440.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\amddragonwallGREEN1440.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/02/24 00:33:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/06/10 09:21:55 | 000,000,000 | ---D | M]
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer6 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer7 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer8 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer9 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
    Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
    Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave6 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave7 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave8 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave9 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

  4. #19
    Join Date
    Feb 2010
    Posts
    121
    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (16902053519425536)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/03 17:18:07 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\infexus\Desktop\OTL.exe
    [2010/07/03 16:20:47 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2010/07/03 15:21:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/07/03 14:53:51 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/07/03 14:53:51 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/07/03 14:53:51 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/07/03 14:53:51 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/07/03 14:53:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2010/07/03 14:48:27 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/07/02 07:31:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2010/07/02 03:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2010/07/02 03:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\SUPERAntiSpyware.com
    [2010/07/02 03:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/07/02 02:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\Malwarebytes
    [2010/07/02 02:54:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/07/02 02:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/07/02 02:54:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/07/02 02:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/07/01 02:46:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
    [2010/07/01 02:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Local Settings\Application Data\Microsoft Corporation
    [2010/06/30 18:31:51 | 000,070,656 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/06/30 18:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft
    [2010/06/30 00:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
    [2010/06/29 14:30:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\My Games
    [2010/06/29 14:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
    [2010/06/28 02:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\Camtasia Studio
    [2010/06/28 02:51:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
    [2010/06/28 02:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
    [2010/06/28 02:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/06/28 02:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
    [2010/06/28 02:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
    [2010/06/22 16:52:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\DAEMON Tools Lite
    [2010/06/22 16:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    [2010/06/22 16:31:30 | 000,697,328 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
    [2010/06/22 16:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\DAEMON Tools Pro
    [2010/06/22 16:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
    [2010/06/14 18:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/06/14 18:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2010/06/14 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter
    [2010/06/07 15:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Patrick Project Software
    [2010/06/07 15:04:18 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
    [2010/06/07 15:03:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\WINDOWS
    [2010/06/02 19:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/05/29 03:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\Avery
    [2010/05/29 03:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Avery Dennison
    [2010/05/29 03:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avery
    [2010/05/22 03:29:36 | 000,000,000 | ---D | C] -- C:\Downloads
    [2010/05/22 03:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\BitComet
    [2010/05/22 03:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
    [2010/05/12 06:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [2010/05/11 12:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\Alcohol 120%
    [2010/05/05 07:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\SanDisk
    [2010/04/30 22:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\CDex_170b2
    [2010/04/30 16:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
    [2010/04/30 16:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
    [2010/04/27 17:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\Coby Media Manager
    [2010/04/27 17:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\Coby Media Manager
    [2010/04/18 23:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Desktop\VIP Pictures
    [2010/04/18 16:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\Digital Asphyxia
    [2010/04/18 16:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Digital Asphyxia
    [2010/04/18 16:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2010/04/18 16:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Asphyxia
    [2010/04/16 04:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
    [2010/04/14 20:45:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\Downloads
    [2010/04/14 20:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Local Settings\Application Data\Temp
    [2010/04/14 20:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Local Settings\Application Data\Google
    [2010/04/13 05:27:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQLTools9_KB970892_ENU
    [2010/04/13 05:25:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQL9_KB970892_ENU
    [2010/04/11 23:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Local Settings\Application Data\assembly
    [2010/04/11 19:03:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\js
    [2010/04/11 19:03:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\html
    [2010/04/11 19:03:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\css
    [2010/04/11 19:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Business Objects
    [2010/04/11 18:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
    [2010/04/11 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/04/11 18:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Device Emulator
    [2010/04/11 18:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mobile 5.0 SDK R2
    [2010/04/11 18:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
    [2010/04/11 18:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/04/11 18:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
    [2010/04/11 18:44:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\symbols
    [2010/04/11 18:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
    [2010/04/11 18:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
    [2010/04/11 18:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
    [2010/04/11 18:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop
    [2010/04/11 18:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\CE Remote Tools
    [2010/04/11 18:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Web Designer Tools
    [2010/04/11 18:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\Visual Studio 2008
    [2010/04/09 02:53:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\HpUpdate
    [2010/04/09 02:52:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
    [2010/04/06 18:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Local Settings\Application Data\SecondLife
    [2010/04/06 18:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\SecondLife
    [2010/04/06 18:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\SecondLifeViewer2
    [2010/04/05 20:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\My Documents\LimeWire
    [2010/04/05 20:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\Mozilla
    [2010/04/05 20:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\infexus\Application Data\LimeWire
    [2010/04/05 20:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
    [2010/02/24 03:55:59 | 000,158,720 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
    [2010/02/24 03:55:59 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

    ========== Files - Modified Within 90 Days ==========

    [2010/07/03 17:18:08 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\infexus\Desktop\OTL.exe
    [2010/07/03 16:33:19 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/07/03 16:30:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/07/03 16:29:41 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
    [2010/07/03 16:29:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/07/03 16:29:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2010/07/03 16:29:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/07/03 16:28:45 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\infexus\NTUSER.DAT
    [2010/07/03 15:21:04 | 000,000,293 | RHS- | M] () -- C:\boot.ini
    [2010/07/03 15:16:47 | 003,726,255 | R--- | M] () -- C:\Documents and Settings\infexus\Desktop\ComboFix.exe
    [2010/07/02 19:55:40 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Google Chrome.lnk
    [2010/07/02 19:55:40 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/07/02 14:50:19 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
    [2010/07/02 04:48:06 | 000,136,976 | ---- | M] () -- C:\Documents and Settings\infexus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/07/02 04:42:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\infexus\ntuser.ini
    [2010/07/02 03:13:25 | 000,460,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/07/02 03:11:32 | 003,708,562 | -H-- | M] () -- C:\Documents and Settings\infexus\Local Settings\Application Data\IconCache.db
    [2010/07/02 03:07:19 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/02 02:54:12 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malware Bytes.lnk
    [2010/07/02 02:42:11 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\infexus\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/01 06:36:02 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Curse Client.appref-ms
    [2010/06/30 18:36:21 | 000,032,593 | ---- | M] () -- C:\WINDOWS\scunin.dat
    [2010/06/30 18:36:20 | 000,070,656 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
    [2010/06/30 18:36:20 | 000,001,576 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Starcraft - Brood War.lnk
    [2010/06/30 18:36:20 | 000,000,967 | ---- | M] () -- C:\WINDOWS\ScUnin.pif
    [2010/06/30 04:57:32 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/06/29 14:28:31 | 000,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Halo.lnk
    [2010/06/28 02:51:09 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 6.lnk
    [2010/06/26 15:24:17 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Revo Uninstaller.lnk
    [2010/06/23 12:44:21 | 000,600,814 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2010/06/23 12:44:21 | 000,512,110 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010/06/23 12:44:21 | 000,096,804 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010/06/22 16:31:30 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
    [2010/06/22 14:46:40 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\MS Word.lnk
    [2010/06/14 16:03:12 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
    [2010/06/14 15:23:26 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab 7.lnk
    [2010/06/11 04:44:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2010/06/10 09:14:59 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\Kickin it.job
    [2010/06/10 09:14:55 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\Copy of Kickin it.job
    [2010/06/06 14:38:47 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk
    [2010/06/06 07:05:41 | 000,688,128 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\XcessoriZ.accdb
    [2010/05/30 05:59:22 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
    [2010/05/30 05:42:44 | 001,075,286 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-05-30)-1.ipd
    [2010/05/30 04:20:04 | 001,598,288 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-05-30).ipd
    [2010/05/12 06:50:26 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Counter-Strike Source.url
    [2010/05/12 06:47:23 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
    [2010/05/05 01:37:52 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
    [2010/05/05 01:37:52 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
    [2010/04/30 22:59:59 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\CDex.lnk
    [2010/04/30 16:09:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    [2010/04/30 16:08:58 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/04/28 15:28:00 | 001,070,014 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-28).ipd
    [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
    [2010/04/25 14:35:15 | 059,382,976 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\Untitled-1.psd
    [2010/04/22 10:10:46 | 003,241,257 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-22)-1.ipd
    [2010/04/22 10:03:16 | 003,241,107 | ---- | M] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-22).ipd
    [2010/04/18 16:28:42 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Y!TunnelPro 2.5.lnk
    [2010/04/11 19:03:35 | 000,000,172 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2010/04/11 18:48:39 | 000,001,059 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\Microsoft Visual Studio 2008.lnk
    [2010/04/06 18:33:05 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Second Life Viewer 2.lnk
    [2010/04/05 20:26:35 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\infexus\Desktop\LimeWire 5.5.8.lnk

  5. #20
    Join Date
    Feb 2010
    Posts
    121
    ========== Files Created - No Company Name ==========

    [2010/07/03 15:21:04 | 000,000,223 | ---- | C] () -- C:\Boot.bak
    [2010/07/03 15:21:01 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/07/03 14:53:52 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/07/03 14:53:51 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/07/03 14:53:51 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/07/03 14:53:51 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/07/03 14:53:51 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/07/03 14:45:02 | 003,726,255 | R--- | C] () -- C:\Documents and Settings\infexus\Desktop\ComboFix.exe
    [2010/07/02 03:07:19 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/02 02:54:12 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malware Bytes.lnk
    [2010/07/01 06:46:52 | 000,259,192 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/06/30 18:39:56 | 000,001,576 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\Starcraft - Brood War.lnk
    [2010/06/30 18:31:52 | 000,032,593 | ---- | C] () -- C:\WINDOWS\scunin.dat
    [2010/06/30 18:31:51 | 000,000,967 | ---- | C] () -- C:\WINDOWS\ScUnin.pif
    [2010/06/29 14:28:31 | 000,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Halo.lnk
    [2010/06/28 02:51:09 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 6.lnk
    [2010/06/14 16:03:12 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
    [2010/05/30 05:42:44 | 001,075,286 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-05-30)-1.ipd
    [2010/05/30 04:20:04 | 001,598,288 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-05-30).ipd
    [2010/05/22 03:29:24 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk
    [2010/05/13 16:38:53 | 000,688,128 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\XcessoriZ.accdb
    [2010/05/12 06:50:26 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\Counter-Strike Source.url
    [2010/05/12 06:45:22 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
    [2010/05/07 07:30:26 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\Copy of Kickin it.job
    [2010/05/07 07:21:58 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\Kickin it.job
    [2010/04/30 22:59:59 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\CDex.lnk
    [2010/04/30 16:09:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    [2010/04/28 15:28:00 | 001,070,014 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-28).ipd
    [2010/04/25 14:35:08 | 059,382,976 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\Untitled-1.psd
    [2010/04/22 10:10:46 | 003,241,257 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-22)-1.ipd
    [2010/04/22 10:03:16 | 003,241,107 | ---- | C] () -- C:\Documents and Settings\infexus\My Documents\LoaderBackup-(2010-04-22).ipd
    [2010/04/18 16:28:42 | 000,000,979 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Y!TunnelPro 2.5.lnk
    [2010/04/14 20:44:23 | 000,002,300 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\Google Chrome.lnk
    [2010/04/14 20:44:23 | 000,002,278 | ---- | C] () -- C:\Documents and Settings\infexus\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/04/11 23:44:53 | 000,001,059 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\Microsoft Visual Studio 2008.lnk
    [2010/04/11 19:03:35 | 000,000,172 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2010/04/06 18:33:05 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Second Life Viewer 2.lnk
    [2010/04/05 20:26:35 | 000,001,578 | ---- | C] () -- C:\Documents and Settings\infexus\Desktop\LimeWire 5.5.8.lnk
    [2010/02/24 22:37:44 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
    [2010/02/24 18:08:54 | 000,215,144 | R--- | C] () -- C:\WINDOWS\patchw32.dll
    [2010/02/24 18:07:37 | 000,215,144 | R--- | C] () -- C:\WINDOWS\pw32a.dll
    [2010/02/24 04:32:02 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
    [2010/02/24 02:32:34 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
    [2010/02/24 02:32:34 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
    [2010/02/24 02:19:33 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
    [2010/02/24 02:19:33 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
    [2010/02/24 00:56:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
    [2009/10/04 11:42:17 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
    [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
    [2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2007/08/20 19:26:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
    [2007/08/20 19:26:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
    [2007/08/15 17:33:14 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
    [2007/08/15 17:30:26 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
    [2007/03/12 13:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll

    ========== LOP Check ==========

    [2010/05/29 03:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
    [2010/06/22 16:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    [2010/06/22 16:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
    [2010/04/18 16:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Asphyxia
    [2010/03/05 00:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
    [2010/04/11 18:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
    [2010/02/24 02:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
    [2010/03/25 18:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
    [2010/04/18 16:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    [2010/06/28 02:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
    [2010/03/28 01:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
    [2010/02/24 04:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\ACD Systems
    [2010/02/24 04:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\ACDInTouch
    [2010/05/29 03:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Avery
    [2010/07/02 02:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\BitComet
    [2010/04/27 19:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Coby Media Manager
    [2010/06/25 03:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\DAEMON Tools Lite
    [2010/06/22 16:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\DAEMON Tools Pro
    [2010/04/18 16:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Digital Asphyxia
    [2010/03/22 13:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\DVDFab
    [2010/07/01 04:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\LimeWire
    [2010/02/24 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Research In Motion
    [2010/06/14 17:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\RipIt4Me
    [2010/05/05 07:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\SanDisk
    [2010/04/06 18:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\SecondLife
    [2010/04/05 20:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\uTorrent
    [2010/06/14 15:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Vso
    [2010/02/24 03:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Windows Desktop Search
    [2010/03/24 06:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\infexus\Application Data\Windows Search
    [2010/06/10 09:14:55 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\Copy of Kickin it.job
    [2010/06/10 09:14:59 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\Kickin it.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/02/24 00:33:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/02/24 02:18:54 | 000,000,223 | ---- | M] () -- C:\Boot.bak
    [2010/07/03 15:21:04 | 000,000,293 | RHS- | M] () -- C:\boot.ini
    [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
    [2010/07/03 16:35:55 | 000,023,713 | ---- | M] () -- C:\ComboFix.txt
    [2010/02/24 00:33:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/02/24 00:33:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/06/14 18:04:26 | 000,006,346 | ---- | M] () -- C:\JavaRa.log
    [2010/07/02 02:55:17 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
    [2010/02/24 00:33:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2008/04/14 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008/04/14 07:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2010/07/03 16:29:25 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2009/04/16 15:08:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp70v.dll
    [2006/10/26 20:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/04/14 07:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
    [2008/04/14 07:00:00 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2010/02/23 18:21:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2010/02/23 18:21:27 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2010/02/23 18:21:26 | 000,929,792 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %systemroot%\system32\user32.dll /md5 >
    [2008/04/14 07:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2008/04/14 07:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2008/04/14 07:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-06-23 17:45:42
    < End of report >

  6. #21
    Join Date
    Feb 2010
    Posts
    121
    Wow. Now THOSE are some loooooong log files. lol

  7. #22
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Haha...

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Value error. File not found
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

  8. #23
    Join Date
    Feb 2010
    Posts
    121
    All processes killed
    ========== OTL ==========
    Service catchme stopped successfully!
    Service catchme deleted successfully!
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: infexus
    ->Temp folder emptied: 82701 bytes
    ->Temporary Internet Files folder emptied: 607652 bytes
    ->Java cache emptied: 11580 bytes
    ->Google Chrome cache emptied: 44433258 bytes
    ->Flash cache emptied: 1990198 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 16384 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 56473 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 45.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: infexus
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.7.0 log created on 07032010_181329

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_b0c.dat not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6b0.dat not found!
    C:\WINDOWS\temp\Perflib_Perfdata_950.dat moved successfully.

    Registry entries deleted on Reboot...

  9. #24
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Very good

    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart the computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases

    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

  10. #25
    Join Date
    Feb 2010
    Posts
    121
    Hey Broni, got another suggestion for an online scanner? I have KIS 8.0 already installed, and the online 7.0 scanner won't run since I do.

  11. #26
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Oh sure, sorry for that...

    Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Push Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  12. #27
    Join Date
    Feb 2010
    Posts
    121
    Nothing found.

  13. #28
    Join Date
    Feb 2010
    Posts
    121
    By the way, what have you seen so far in my logs? What ended up infecting my system? Just curious.

  14. #29
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    What ended up infecting my system?
    There is no way to answer your question. Nothing really major was found.
    Combofix removed some stuff, including one trojan and that's about it.

    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs left over on your computer, you can go ahead and delete them now.

    ==============================================================

    Your computer is clean

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

    Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista and 7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run defrag at your convenience.

    8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    9. Please let me know how your computer is doing.

  15. #30
    Join Date
    Feb 2010
    Posts
    121
    Done and done. I don't use System Restore anyways, so that's kewl. Thanks Broni, I really appreciate your time and help.

    Windows 7 Professional 64bit
    AMD Athlon64 X2 6000+ @ 3.0Ghz
    4GB Corsair Performance RAM
    Asus M2N-E Mainboard
    Coolermaster NV690 NVidia SE case
    Ultra Modular PSU @ 500W
    WD 320GB SATAHDD (system)
    WD 1.0TB SATAHDD (backup)
    Plextor SATA DVDMultiwrite
    LiteOn SATA DVDRW
    Ultra 3.5 floppy w/USB Multi-Card reader
    EVGA GeForceFX 8600GTS PCI-e w/512MB
    TRENDnet Wireless N-Draft
    6x 120mm Coolermaster high-flow green LED fans
