Solved: Computer has been infected! Vista 64 W/logs

miller330i · 19-Oct-2009, 10:31 PM #1

DDS (Ver_09-10-13.01) - NTFSx86 NETWORK
Run by Desktop at 11:52:29.18 on Sun 10/18/2009
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4093.2182 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Webroot\WebrootSecurity\SSU.EXE
C:\Users\Desktop\Desktop\dds.pif
C:\Windows\system32\wbem\wmiprvse.exe

Pseudo HJT Report

uStart Page = https://login.yahoo.com/config/login_verify2?&.src=ym
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files (x86)\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files (x86)\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [AdobeBridge]
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [<NO NAME>]
mRun: [SBAMTray] "c:\program files (x86)\sunbelt software\vipre\SBAMTray.exe"
mRun: [SpySweeper] "c:\program files (x86)\webroot\webrootsecurity\SpySweeperUI.exe" /startintray
mRunOnce: [InnoSetupRegFile.0000000001] "c:\windows\is-M883O.exe" /REG
mRunOnce: [Malwarebytes' Anti-Malware] "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe" /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files (x86)\icq6.5\ICQ.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
SEH: {F552DDE6-2090-4bf4-B924-6141E87789A5} - No File

================= FIREFOX ===================

FF - ProfilePath - c:\users\desktop\appdata\roaming\mozilla\firefox\profiles\kwgeslrt.default\
FF - prefs.js: browser.search.selectedEngine - Sky Web Search
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files (x86)\download manager\npfpdlm.dll
FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files (x86)\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\pxhlpa64.sys --> c:\windows\system32\drivers\PxHlpa64.sys [?]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys --> c:\windows\system32\drivers\ssfs0bbc.sys [?]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys --> c:\windows\system32\drivers\sbtis.sys [?]
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\starportlite.sys --> c:\windows\system32\drivers\StarPortLite.sys [?]
R2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files (x86)\sunbelt software\vipre\SBAMSvc.exe [2009-9-7 1012040]
R2 WRConsumerService;Webroot Client Service;c:\program files (x86)\webroot\webrootsecurity\WRConsumerService.exe [2009-10-18 1201640]
R3 AmdLLD64;AMD Low Level Device Driver;c:\windows\system32\drivers\amdlld64.sys --> c:\windows\system32\drivers\AmdLLD64.sys [?]
S1 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\amdtools64.sys --> c:\windows\system32\drivers\AmdTools64.sys [?]
S2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-4-30 190488]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\atihdmi.sys --> c:\windows\system32\drivers\AtiHdmi.sys [?]
S3 atillk64;atillk64;c:\program files (x86)\ati technologies\amd gpu clock tool\atillk64.sys [2007-5-29 14608]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-8-3 89920]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\lvpr2m64.sys --> c:\windows\system32\drivers\LVPr2M64.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\mpnwmon.sys --> c:\windows\system32\drivers\MpNWMon.sys [?]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2009-8-3 19968]
S3 RivaTuner64;RivaTuner64;c:\program files (x86)\rivatuner v2.24\RivaTuner64.sys [2009-2-25 19952]
S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe --> c:\windows\system32\atiesrxx.exe [?]
S4 AODService;AODService;c:\program files (x86)\amd\overdrive\AODAssist.exe [2009-5-5 124256]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2009-8-12 1038088]
S4 gupdate1ca148920d17d96;Google Update Service (gupdate1ca148920d17d96);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-8-3 133104]
S4 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [2009-8-12 2560]
S4 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\common files\creative labs shared\service\XMBLicensing.exe [2009-8-2 79360]

2009-10-18 11:00 <DIR> --d----- c:\users\desktop\appdata\roaming\Malwarebytes
2009-10-18 11:00 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-18 11:00 <DIR> --d----- c:\programdata\Malwarebytes
2009-10-18 11:00 <DIR> --d----- c:\program files (x86)\Malwarebytes' Anti-Malware
2009-10-18 11:00 <DIR> --d----- c:\progra~3\Malwarebytes
2009-10-18 00:27 775,168 a------- c:\windows\is-M883O.exe
2009-10-18 00:27 10,194 a------- c:\windows\is-M883O.msg
2009-10-18 00:27 317 a------- c:\windows\is-M883O.lst
2009-10-18 00:26 <DIR> --d----- c:\program files (x86)\MSSOAP
2009-10-18 00:26 <DIR> --d----- c:\program files (x86)\common files\MSSoap
2009-10-18 00:26 1,563,008 a------- c:\windows\WRSetup.dll
2009-10-18 00:26 <DIR> --d----- c:\users\desktop\appdata\roaming\Webroot
2009-10-18 00:26 <DIR> --d----- c:\programdata\Webroot
2009-10-18 00:26 <DIR> --d----- c:\program files (x86)\Webroot
2009-10-18 00:26 <DIR> --d----- c:\progra~3\Webroot
2009-10-18 00:24 164 a------- c:\windows\install.dat
2009-10-17 23:07 91 a------- c:\users\desktop\appdata\roaming\netstat.bat
2009-10-17 22:46 <DIR> --d----- c:\users\desktop\appdata\roaming\Sunbelt
2009-10-17 22:46 <DIR> --d----- c:\programdata\Sunbelt
2009-10-17 22:46 <DIR> --d----- c:\progra~3\Sunbelt
2009-10-17 22:30 <DIR> --d----- c:\program files (x86)\Sunbelt Software
2009-10-17 22:21 <DIR> --d----- C:\sbtemp
2009-10-17 22:10 <DIR> --d----- c:\program files (x86)\Trend Micro
2009-10-17 10:44 0 a------- c:\windows\win32k.sys
2009-10-17 08:55 <DIR> a-d----- c:\programdata\TEMP
2009-10-17 08:55 <DIR> --d----- c:\users\desktop\appdata\roaming\Any DVD Converter Professional
2009-10-17 08:55 <DIR> --d----- c:\program files (x86)\Any DVD Converter Professional
2009-10-16 08:48 <DIR> --d----- c:\program files (x86)\ICQ6.5
2009-10-15 14:12 <DIR> --d----- c:\users\desktop\appdata\roaming\FastStone
2009-10-15 14:12 <DIR> --d----- c:\program files (x86)\FastStone Photo Resizer
2009-10-15 08:40 <DIR> --d----- c:\program files (x86)\uTorrent
2009-10-14 12:06 <DIR> --d----- c:\programdata\ATI
2009-10-13 23:34 <DIR> --d----- c:\users\desktop\Tracing
2009-10-13 23:32 <DIR> --d----- c:\program files (x86)\Microsoft
2009-10-13 23:26 <DIR> --d----- c:\program files (x86)\common files\Windows Live
2009-10-13 23:03 <DIR> --d----- c:\windows\system32\xlive
2009-10-13 23:03 <DIR> --d----- c:\program files (x86)\Microsoft Games for Windows - LIVE
2009-10-13 22:58 834,048 a------- c:\windows\system32\wininet.dll
2009-10-13 22:58 78,336 a------- c:\windows\system32\ieencode.dll
2009-10-13 22:58 604,672 a------- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 22:58 218,624 a------- c:\windows\system32\msv1_0.dll
2009-10-13 22:57 60,928 a------- c:\windows\system32\msasn1.dll
2009-10-13 16:59 2,146,304 a------- c:\windows\system32\GPhotos.scr
2009-10-13 09:52 <DIR> --d----- c:\windows\pss
2009-10-13 09:13 <DIR> --d----- c:\program files (x86)\Microsoft Games
2009-10-13 09:13 <DIR> --d----- c:\programdata\Microsoft Games
2009-10-13 09:13 <DIR> --d----- c:\progra~3\Microsoft Games
2009-10-13 09:12 <DIR> --d----- c:\users\desktop\appdata\roaming\Microsoft Game Studios
2009-10-13 09:07 255,552 a------- c:\windows\system32\drivers\mcdbus.sys
2009-10-13 09:07 <DIR> --d----- c:\program files (x86)\MagicDisc
2009-10-03 10:29 <DIR> --d----- c:\programdata\LogiShrd
2009-10-01 23:16 <DIR> --d----- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2009-10-01 16:26 <DIR> --d----- c:\program files (x86)\Microsoft Antimalware
2009-09-23 13:46 180,224 a------- c:\windows\system32\cnvshell.dll
2009-09-23 13:46 <DIR> --d----- c:\program files (x86)\ImageConverter Plus
2009-09-23 12:52 <DIR> --d----- c:\program files (x86)\iTunes
2009-09-23 12:09 704,282 a------- c:\program files (x86)\unins000.exe
2009-09-23 12:09 18,052 a------- c:\program files (x86)\unins000.dat
2009-09-23 11:09 <DIR> --d----- c:\program files (x86)\505games
2009-09-22 09:30 <DIR> --d----- c:\users\desktop\appdata\roaming\Wargaming.Net
2009-09-22 09:29 <DIR> --d----- c:\windows\system32\AGEIA

2009-10-14 11:59 51,200 a------- c:\windows\inf\infpub.dat
2009-10-14 11:59 143,360 a------- c:\windows\inf\infstrng.dat
2009-10-14 11:59 86,016 a------- c:\windows\inf\infstor.dat
2009-10-12 17:13 189,184 a------- c:\windows\system32\PnkBstrB.exe
2009-09-02 13:40 29,584 a------- c:\windows\system32\drivers\regguard.sys
2009-08-28 19:42 331,776 a------- c:\windows\apppatch\apppatch64\AcLayers.dll
2009-08-28 19:42 284,672 a------- c:\windows\apppatch\apppatch64\AcGenral.dll
2009-08-28 19:42 100,352 a------- c:\windows\apppatch\apppatch64\acspecfc.dll
2009-08-28 19:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 19:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 19:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 19:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-28 17:27 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-28 17:14 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-08-22 02:19 278,528 a------- c:\users\desktop\ATIInfo.exe
2009-08-21 12:10 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-14 08:53 17,920 a------- c:\windows\system32\netevent.dll
2009-08-14 06:49 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2009-08-14 06:49 17,920 a------- c:\windows\system32\ROUTE.EXE
2009-08-14 06:49 11,264 a------- c:\windows\system32\MRINFO.EXE
2009-08-14 06:49 27,136 a------- c:\windows\system32\NETSTAT.EXE
2009-08-14 06:49 19,968 a------- c:\windows\system32\ARP.EXE
2009-08-14 06:49 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2009-08-14 06:49 10,240 a------- c:\windows\system32\finger.exe
2009-08-14 06:48 105,984 a------- c:\windows\system32\netiohlp.dll
2009-08-13 19:13 356,352 a------- c:\windows\system32\atipdlxx.dll
2009-08-13 19:13 274,432 a------- c:\windows\system32\Oemdspif.dll
2009-08-13 19:13 43,520 a------- c:\windows\system32\ati2edxx.dll
2009-08-13 19:10 2,896,896 a------- c:\windows\system32\atidxx32.dll
2009-08-13 18:55 3,578,368 a------- c:\windows\system32\atiumdag.dll
2009-08-13 18:44 12,916,224 a------- c:\windows\system32\atioglxx.dll
2009-08-13 18:37 2,829,824 a------- c:\windows\system32\atiumdva.dll
2009-08-13 18:25 52,224 a------- c:\windows\system32\atimpc32.dll
2009-08-13 18:25 52,224 a------- c:\windows\system32\amdpcom32.dll
2009-08-13 18:24 200,704 a------- c:\windows\system32\atiadlxy.dll
2009-08-13 18:22 53,248 a------- c:\windows\system32\aticalrt.dll
2009-08-13 18:22 53,248 a------- c:\windows\system32\aticalcl.dll
2009-08-13 18:21 3,481,600 a------- c:\windows\system32\aticaldd.dll
2009-08-12 20:21 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-08-12 18:50 682,280 a------- c:\windows\system32\pbsvc.exe
2009-08-12 14:35 48,640 a------- c:\windows\mmfs.dll
2009-08-12 14:35 2,560 a------- c:\windows\Runservice.exe
2009-08-09 23:14 99,384 a------- c:\users\desktop\appdata\roaming\inst.exe
2009-08-09 23:14 82,816 a------- c:\users\desktop\appdata\roaming\pcouffin.sys
2009-08-07 19:51 15,308,424 a------- c:\windows\system32\xlive.dll
2009-08-07 19:51 13,642,888 a------- c:\windows\system32\xlivefnt.dll
2009-08-06 13:06 59,904 a------- c:\windows\system32\zlib1.dll
2009-08-06 13:02 286,720 a------- c:\windows\system32\libcurl.dll
2009-08-06 13:02 1,028,096 a------- c:\windows\system32\libeay32.dll
2009-08-06 13:02 196,608 a------- c:\windows\system32\ssleay32.dll
2009-08-06 13:02 143,360 a------- c:\windows\system32\libexpatw.dll
2009-08-03 21:40 178,800 a------- c:\windows\system32\CmdLineExt_x64.dll
2009-08-03 15:35 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-03 15:18 174 a--sh--- c:\program files (x86)\desktop.ini
2009-08-03 15:06 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-08-03 15:06 82,432 a------- c:\windows\system32\axaltocm.dll
2009-08-03 10:36 7,680 a------- c:\windows\system32\kbd106n.dll
2009-08-03 10:23 145,920 a------- c:\windows\apppatch\apppatch64\iebrshim.dll
2009-08-03 10:23 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-08-03 10:21 675,152 a------- c:\windows\system32\gpprefcl.dll
2009-08-03 10:02 41,984 a------- c:\windows\system32\netfxperf.dll
2009-08-03 00:25 2,048 a------- c:\windows\system32\msxml3r.dll
2009-08-03 00:23 623,616 a------- c:\windows\system32\localspl.dll
2009-08-03 00:22 677,376 a------- c:\windows\system32\rpcrt4.dll
2009-08-03 00:20 37,888 a------- c:\windows\system32\printcom.dll
2009-08-03 00:11 2,048 a------- c:\windows\system32\msxml6r.dll
2009-08-03 00:06 84,480 a------- c:\windows\system32\INETRES.dll
2009-08-02 23:55 289,792 a------- c:\windows\system32\atmfd.dll
2009-08-02 23:55 156,672 a------- c:\windows\system32\t2embed.dll
2009-08-02 23:55 34,304 a------- c:\windows\system32\atmlib.dll
2009-08-02 23:55 23,552 a------- c:\windows\system32\lpk.dll
2009-08-02 23:55 72,704 a------- c:\windows\system32\fontsub.dll
2009-08-02 23:55 10,240 a------- c:\windows\system32\dciman32.dll
2009-08-02 23:53 72,704 a------- c:\windows\system32\admparse.dll
2009-08-02 23:53 48,128 a------- c:\windows\system32\mshtmler.dll
2009-08-02 23:14 83,456 a------- c:\windows\system32\wudriver.dll
2009-08-02 23:14 162,064 a------- c:\windows\system32\wuwebv.dll
2009-08-02 23:14 31,232 a------- c:\windows\system32\wuapp.exe
2009-08-02 22:19 413,696 a------- c:\windows\system32\wrap_oal.dll
2009-08-02 22:19 110,592 a------- c:\windows\system32\OpenAL32.dll
2009-07-20 23:52 499,712 a------- c:\windows\system32\msvcp71.dll
2009-07-20 23:52 348,160 a------- c:\windows\system32\msvcr71.dll
2006-11-02 08:14 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:14 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:14 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:14 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 03:52 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 03:52 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 03:52 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 03:52 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 11:55:57.60 ===============
Running processes:
C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-M883O.exe" /REG
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
DDS (Ver_09-10-13.01)

Microsoft® Windows Vista™ Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 8/2/2009 5:26:50 PM
System Uptime: 10/18/2009 3:19:04 AM (8 hours ago)

Motherboard: ASUSTeK Computer INC. | | Crosshair III Formula
Processor: AMD Phenom(tm) II X4 955 Processor | AM3 | 3600/200mhz

miller330i · 19-Oct-2009, 10:34 PM #2

Just wanted to get all the logs in. If you need any more info please ask. I just had this thing running like I wanted it. Last time i do a risky favor for someone! Jeff

miller330i · 22-Oct-2009, 02:52 AM #3

with webroot, and a couple other programs ai have killed off most of the viruses and trojans, but i still have an adware problem. Please look at the log and tell me what to do! Thanks! jeffrey

emeraldnzl · 22-Oct-2009, 06:06 PM #4

Hello miller330i,

Welcome to TSG.

You may have used Malwarebytes before. If you have, and still have it on your machine, please update and run. Post the scan report back here.

If you do not have Malwarebytes please download from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

So when you return please post
MBAM log

the two OTL logs - OTL.txt and Extras.txt

Note: Unless otherwise instructed always post the logs in the forum. If reports don't fit on one post. It might be necessary to break the logs up to get them on the forum. Just use as many posts as you need, that's fine.

miller330i · 22-Oct-2009, 08:22 PM #5

OTL logfile created on: 10/22/2009 4:20:05 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.15% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 155.83 Gb Free Space | 55.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
OTL Extras logfile created on: 10/22/2009 4:20:05 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Desktop\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 55.15% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 155.83 Gb Free Space | 55.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
Malwarebytes' Anti-Malware 1.41
Database version: 3013
Windows 6.0.6002 Service Pack 2

10/22/2009 3:58:35 PM
mbam-log-2009-10-22 (15-58-35).txt

Scan type: Quick Scan
Objects scanned: 85472
Time elapsed: 2 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

emeraldnzl · 22-Oct-2009, 08:39 PM #6

Hello

Unless I am missing something that OTL log got cut off right at the start.

Please post the rest and the Extras log too if you have it.

miller330i · 22-Oct-2009, 11:25 PM #7

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/10/20 23:12:51 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/14 12:06:06 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/03 10:29:12 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/13 09:13:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/17 22:46:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/10/17 08:55:20 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/18 23:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\WebRoot
[2009/10/17 08:55:09 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/10/07 20:09:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/10/15 14:12:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\FastStone
[2009/10/16 08:48:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/10/18 11:00:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Malwarebytes
[2009/10/13 09:12:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Microsoft Game Studios
[2009/10/17 22:46:11 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Sunbelt
[2009/10/11 21:54:08 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\vlc
[2009/10/19 00:28:44 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Roaming\Webroot
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/21 12:49:00 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Apple
[2009/10/03 10:29:33 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\LogiShrd
[2009/10/13 09:13:25 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Microsoft Game Studios
[2009/10/22 14:35:45 | 00,000,000 | ---D | C] -- C:\Users\Desktop\AppData\Local\Visual Business Cards
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2009/10/13 23:26:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/09/23 11:09:27 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\505games
[2009/10/17 08:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Converter Professional
[2009/10/15 14:12:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2009/10/16 08:48:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/09/23 13:46:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ImageConverter Plus
[2009/09/23 12:52:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2009/10/21 11:18:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/13 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2009/10/18 11:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/13 23:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/10/01 16:26:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2009/10/01 23:16:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2009/10/13 09:13:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2009/10/13 23:03:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/10/02 10:49:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/10/19 19:25:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2009/10/20 23:38:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/18 17:46:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2009/10/17 22:30:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sunbelt Software
[2009/10/17 22:10:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/15 08:40:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2009/10/22 14:32:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Visual Business Cards
[2009/10/18 00:26:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2009/10/03 10:27:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2009/10/14 11:57:11 | 00,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2009/09/23 12:52:37 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/09/23 12:52:36 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/01 16:26:17 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2009/10/22 14:35:46 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Visual Business Cards
[2009/10/21 11:19:47 | 00,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/10/19 21:25:42 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/19 21:25:40 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/19 19:25:19 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:25:11 | 01,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2009/10/19 19:22:24 | 00,078,088 | ---- | C] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/18 12:06:58 | 00,000,000 | --SD | C] -- C:\TheHammer3533T
[2009/10/18 12:06:26 | 00,000,000 | --SD | C] -- C:\TheHammer
[2009/10/18 12:06:26 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/17 22:21:11 | 00,000,000 | ---D | C] -- C:\sbtemp
[2009/10/17 10:17:17 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\OJOsoft Corporation
[2009/10/17 08:55:21 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Any DVD Converter Professional
[2009/10/13 23:32:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/10/13 23:03:07 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2009/10/13 22:58:55 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 22:58:53 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 22:58:52 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 22:58:52 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 22:58:51 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 22:58:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 22:58:51 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 22:58:50 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 22:58:48 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 22:58:47 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/13 22:58:47 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/13 22:58:45 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/13 22:58:45 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/13 22:58:34 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 22:58:33 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 22:58:33 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 22:58:32 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 22:58:32 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 22:57:46 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 22:57:45 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 22:57:45 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/13 16:59:22 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/13 09:52:53 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2009/10/13 09:07:30 | 00,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2009/10/12 20:08:55 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Desktop\Halo.2.XP-TheBabeLover
[2009/10/03 12:38:47 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\SightSpeed Recordings
[2009/10/01 16:40:24 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/09/23 13:46:35 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\ImageConverter Plus
[2009/09/23 13:46:34 | 00,180,224 | ---- | C] (fCoder Group International) -- C:\Windows\SysWow64\cnvshell.dll
[2009/09/23 13:46:34 | 00,000,000 | ---D | C] -- C:\Users\Desktop\Documents\Image Converter Plus
[2009/08/09 23:14:51 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\Desktop\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[1 C:\Users\Desktop\AppData\Local\*.tmp files]
[2009/10/22 19:05:50 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/22 19:05:50 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/22 19:05:50 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/22 18:59:34 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/22 18:59:26 | 00,001,377 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2009/10/22 18:59:18 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/22 18:59:18 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/22 18:59:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/22 18:59:12 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/22 18:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/22 14:05:49 | 05,305,898 | -H-- | M] () -- C:\Users\Desktop\AppData\Local\IconCache.db
[2009/10/21 11:13:28 | 02,842,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/20 23:16:49 | 00,000,680 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:12 | 00,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:58 | 00,000,164 | ---- | M] () -- C:\Windows\install.dat
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysWow64\drivers\pwipf6.sys
[2009/10/19 19:22:24 | 00,078,088 | ---- | M] (Privacyware/PWI, Inc.) -- C:\Windows\SysNative\drivers\pwipf6.sys
[2009/10/19 19:05:56 | 00,000,732 | ---- | M] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/10/19 00:24:55 | 00,000,164 | ---- | M] () -- C:\install.dat
[2009/10/13 16:59:22 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2009/10/12 21:16:04 | 00,000,133 | ---- | M] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009/10/12 17:13:49 | 00,189,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/12 11:36:22 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2009/10/02 11:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/10/01 10:29:14 | 00,238,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/09/23 12:11:33 | 00,018,052 | ---- | M] () -- C:\Program Files (x86)\unins000.dat
[2009/09/23 12:11:28 | 00,704,282 | ---- | M] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 05:55:23 | 00,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

========== Files - No Company Name ==========
[2009/10/22 14:05:49 | 05,305,898 | -H-- | C] () -- C:\Users\Desktop\AppData\Local\IconCache.db
[2009/10/21 17:14:19 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/20 23:20:09 | 00,001,840 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI3C6B.txt
[2009/10/20 23:20:04 | 00,012,862 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI3C6B.txt
[2009/10/19 20:58:52 | 00,001,698 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 20:58:51 | 00,001,684 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job
[2009/10/19 19:25:15 | 00,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2009/10/19 19:22:57 | 00,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/18 23:23:57 | 00,000,164 | ---- | C] () -- C:\install.dat
[2009/10/18 21:43:33 | 00,000,680 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps.dat
[2009/10/12 11:36:22 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/01 23:15:42 | 00,231,562 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924MSI6C8A.txt
[2009/10/01 23:15:41 | 00,014,524 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL90SP1_KB973924UI6C8A.txt
[2009/10/01 23:15:11 | 00,557,508 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6C25.txt
[2009/10/01 23:15:10 | 00,014,540 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6C25.txt
[2009/10/01 23:14:50 | 00,541,238 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923MSI6BD6.txt
[2009/10/01 23:14:46 | 00,014,492 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_ATL80SP1_KB973923UI6BD6.txt
[2009/09/23 12:09:15 | 00,704,282 | ---- | C] () -- C:\Program Files (x86)\unins000.exe
[2009/09/23 12:09:15 | 00,018,052 | ---- | C] () -- C:\Program Files (x86)\unins000.dat
[2009/09/18 12:18:50 | 00,000,612 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/15 09:27:07 | 00,016,384 | ---- | C] () -- C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 14:35:43 | 00,001,377 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2009/08/12 14:35:41 | 00,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/08/11 18:59:20 | 00,000,133 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\default.pls
[2009/08/10 09:22:01 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/09 23:15:35 | 00,000,034 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.log
[2009/08/09 23:14:51 | 00,099,384 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\inst.exe
[2009/08/09 23:14:51 | 00,007,859 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.cat
[2009/08/09 23:14:51 | 00,001,167 | ---- | C] () -- C:\Users\Desktop\AppData\Roaming\pcouffin.inf
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/08/06 13:06:48 | 00,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2009/08/06 13:02:40 | 00,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2009/08/06 13:02:22 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2009/08/03 18:57:18 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/03 16:03:41 | 00,598,240 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistMSI2007.txt
[2009/08/03 16:03:39 | 00,020,488 | ---- | C] () -- C:\Users\Desktop\AppData\Local\dd_vcredistUI2007.txt
[2009/08/03 15:22:47 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/03 15:22:28 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/03 14:50:59 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009/08/03 14:39:34 | 00,000,327 | ---- | C] () -- C:\Windows\RefreshLock.ini
[2009/08/03 10:30:45 | 00,000,000 | ---- | C] () -- C:\Windows\LCDMedia.INI
[2009/08/02 22:36:17 | 00,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2009/08/02 22:35:19 | 00,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009/08/02 22:33:44 | 00,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/08/02 22:28:02 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/02 22:28:02 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/02 22:28:00 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/02 22:28:00 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/02 22:19:34 | 00,000,989 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2009/08/02 22:19:34 | 00,000,928 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2009/08/02 22:19:12 | 00,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/08/02 22:19:11 | 00,127,488 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/08/02 21:03:00 | 00,041,125 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/02 21:02:40 | 00,034,721 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/08/02 21:02:40 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/08/02 21:00:48 | 00,051,960 | ---- | C] () -- C:\Users\Desktop\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 21:00:30 | 00,000,732 | ---- | C] () -- C:\Users\Desktop\AppData\Local\d3d9caps64.dat
[2009/06/02 18:11:16 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/05/29 16:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/21 18:26:56 | 00,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/09/12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 12:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 20:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 05:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== LOP Check ==========

[2009/10/19 00:28:44 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming
[2009/08/06 20:00:07 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Ahead
[2009/10/17 08:55:20 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Any DVD Converter Professional
[2009/08/03 07:49:43 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ATI
[2009/10/07 20:09:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Canon
[2009/08/09 09:55:53 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DAEMON Tools Lite
[2009/08/05 09:54:51 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Download Manager
[2009/08/07 19:11:21 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\DzSoft
[2009/10/16 10:26:09 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ICQ
[2009/09/23 11:36:52 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IGN_DLM
[2009/08/03 15:46:02 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\IObit
[2006/11/02 08:06:33 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Media Center Programs
[2009/08/12 13:34:34 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\NewSoft
[2009/08/09 08:42:28 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\RegRun
[2009/08/02 22:33:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\ScanSoft
[2009/08/06 08:28:22 | 00,000,000 | RH-D | M] -- C:\Users\Desktop\AppData\Roaming\SecuROM
[2009/09/10 08:30:29 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\teamspeak2
[2009/10/22 19:07:25 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\uTorrent
[2009/08/09 18:28:00 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\VistaCodecs
[2009/08/09 23:15:35 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Vso
[2009/09/22 10:04:39 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\Wargaming.Net
[2009/10/22 18:59:34 | 00,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/22 18:35:00 | 00,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/22 18:59:16 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/22 18:58:13 | 00,018,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/04 22:31:38 | 00,000,412 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2009/10/20 00:00:07 | 00,001,698 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L592D3875AA694C63B4900DCF28BFD983.job
[2009/10/19 22:52:14 | 00,001,684 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L7E41AE94A7394FECBDA9B88F3EFB8F6A.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
------------------------------------------------------------------------

miller330i · 22-Oct-2009, 11:27 PM #8

Malwarebytes' Anti-Malware 1.41
Database version: 3013
Windows 6.0.6002 Service Pack 2

10/22/2009 7:12:26 PM
mbam-log-2009-10-22 (19-12-26).txt

Scan type: Quick Scan
Objects scanned: 84876
Time elapsed: 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
OTL logfile created on: 10/22/2009 7:14:18 PM - Run 3
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Desktop\Desktop\icons
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 61.67% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 155.92 Gb Free Space | 55.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 279.45 Gb Total Space | 10.30 Gb Free Space | 3.69% Space Free | Partition Type: NTFS
Drive F: | 3.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESKTOP1
Current User Name: Desktop
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\SSU.EXE (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Desktop\Desktop\icons\OTL.exe (OldTimer Tools)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Windows\runservice.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Windows\sysWOW64\wbem\wmiprvse.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Adobe Version Cue CS4 [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (AODService [Disabled | Stopped]) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Bonjour Service [Disabled | Stopped]) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService [Disabled | Stopped]) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1ca148920d17d96 [Disabled | Stopped]) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (KeyIso [On_Demand | Stopped]) -- C:\Windows\SysWow64\keyiso.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LicCtrlService [Auto | Running]) -- C:\Windows\runservice.exe ()
SRV - (LightScribeService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006/11/02 06:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 3 [Disabled | Stopped]) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (Netlogon [On_Demand | Stopped]) -- C:\Windows\SysWow64\netlogon.dll (Microsoft Corporation)
SRV - (NMIndexingService [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service [Disabled | Stopped]) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Sound Blaster X-Fi MB Licensing Service [Disabled | Stopped]) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()
SRV - (WebrootSpySweeperService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WRConsumerService [Auto | Running]) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
SRV:64bit: - (AEADIFilters [Disabled | Stopped]) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64 [Disabled | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (LVPrcS64 [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (MsMpSvc [Auto | Running]) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (AsIO [System | Running]) -- C:\Windows\SysWow64\drivers\AsIO.sys ()
DRV - (atillk64 [On_Demand | Stopped]) -- C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys (ATI Technologies Inc.)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/02 17:24:44 | 00,000,000 | ---D | M]
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\SysWow64\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Partizan [Boot | Stopped]) -- C:\Windows\SysWow64\Partizan.RRI ()
DRV - (pwipf6 [System | Running]) -- C:\Windows\SysWow64\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV - (RegGuard [On_Demand | Stopped]) -- C:\Windows\SysWow64\Drivers\regguard.sys (Greatis Software)
DRV - (RivaTuner64 [On_Demand | Stopped]) -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV:64bit: - (adfs [Auto | Running]) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ADIHdAudAddService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (AmdLLD64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (Advanced Micro Devices)
DRV:64bit: - (AmdTools [System | Stopped]) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiPcie [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LVPr2M64 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2Mon [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (mcdbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (MpFilter [System | Running]) -- C:\Windows\SysNative\DRIVERS\MpFilter.sys (Microsoft Corporation)
DRV:64bit: - (MpNWMon [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\MpNWMon.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (PID_0928 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\LV561V64.SYS (Logitech Inc.)
DRV:64bit: - (pwipf6 [System | Running]) -- C:\Windows\SysNative\DRIVERS\pwipf6.sys (Privacyware/PWI, Inc.)
DRV:64bit: - (PxHlpa64 [Boot | Running]) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ssfs0bbc [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (ssidrv [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV:64bit: - (StarPortLite [System | Running]) -- C:\Windows\SysNative\DRIVERS\StarPortLite.sys (Rocket Division Software)
DRV:64bit: - (WpdUsb [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sky Web Search"
FF - prefs.js..browser.search.selectedEngine: "Sky Web Search"
FF - prefs.js..browser.startup.homepage: " "
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/03 12:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/30 22:19:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/14 12:40:10 | 00,000,000 | ---D | M]

[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions
[2009/08/08 09:45:48 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/22 08:02:46 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\ extensions
[2009/09/23 13:54:59 | 00,000,000 | ---D | M] -- C:\Users\Desktop\AppData\Roaming\mozilla\Firefox\Profiles\kwgeslrt.default\ extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/19 18:25:46 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/30 22:19:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/21 12:10:23 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/13 17:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/08/21 12:10:15 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/07/13 17:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/07/13 17:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/09 13:45:39 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/13 17:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

miller330i · 22-Oct-2009, 11:29 PM #9

O1 HOSTS File: (794 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS4\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [SpySweeper] C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboa rd\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWow64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWow64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWow64\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - Reg Error: Key error. File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 15:36:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 10:18:56 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/06/25 06:29:25 | 00,000,045 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell - "" = AutoRun
O33 - MountPoints2\{71927353-afab-11de-b56d-002618359de8}\Shell\AutoRun\command - "" = F:\Startup.exe -- [2007/05/07 03:15:11 | 01,705,336 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

emeraldnzl · 23-Oct-2009, 12:27 AM **#10**

Hello again miller330i,

Question: Did you choose to use Sky Web Search as your default browser? Tell me when you come back.

Meantime

It is a pretty big download at 28mb's but is very useful at detecting\cleaning rootkits or whatever it finds.

Please click here to download AVP Tool by Kaspersky.

Save it to your desktop.
Reboot your computer into SafeMode.

You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight SafeMode then hit enter.
Double click the setup file to run it.
Click Next to continue.
It will by default install it to your desktop folder.Click Next.
Hit ok at the prompt for scanning in Safe Mode.
It will then open a box There will be a tab that says Automatic scan.
Under Automatic scan make sure these are checked.

System Memory

Startup Objects

Disk Boot Sectors.

My Computer.

Also any other drives (Removable that you may have)

After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
Then choose OK again then you are back to the main screen.

Then click on Scan at the to right hand Corner.
It will automatically Neutralize any objects found.
If some objects are left un-neutralized then click the button that says Neutralize all
If it says it cannot be Neutralized then chooose The delete option when prompted.
After that is done click on the reports button at the bottom and save it to file, name it Kas.
Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

miller330i · 23-Oct-2009, 01:46 AM **#11**

*Sky Web Search* I have no idea what that is, it justs opens to yahoo mail when i click on explorer. I also use firefox. When firefox opens, it is just blank. The homepage for exploere is yahoo and it says so in the tools section. Downloading what you recomended bow and also doing a Panda scan. At 26% it is showing 5 infected files. When i run the others nothing shows up. Thanks for the help! How do i get rid of SKY WEB SEARCH? Jeffrey

emeraldnzl · 23-Oct-2009, 02:46 AM **#12**

Quote:

How do i get rid of SKY WEB SEARCH? Jeffrey

We will deal with that after the Kaspersky AVP scan.

Quote:

also doing a Panda scan

Let's just carry out the things I have told you. Other things can get in the way and mislead us. Having said that you may as well post the results.

Go on with the Kaspersky one though. It is better designed for your machine.

miller330i · 23-Oct-2009, 02:51 PM **#13**

Scan
----
Scanned: 3733687
Detected: 16
Untreated: 0
Start time: 10/22/2009 10:06:26 PM
Duration: 09:53:46
Finish time: 10/23/2009 8:00:12 AM

Detected
--------
Status Object
------ ------
deleted: Trojan program Packed.Win32.Black.a File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{0BB51A05-ADA5-78A3-EEBF-22F9ABE5B8BF}-keymaker.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{10A5CE66-BDBF-1246-4F33-C99B3A7C9AAA}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{1CD4ACB7-3F1C-7F0B-7CC0-846423BEBE1C}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{237D92F5-3BA5-B805-8AC9-2E56D7EC9968}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{2D0498E8-0038-DE76-1EE6-15717366B211}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{2FC2514E-79F9-E95E-E309-CF7EC6A854CD}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{34C15DE0-CA4A-E5AF-F753-164D5625D67D}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{62A2B143-C1D6-50BA-8193-6BDC8FD3D860}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{6FBF14CE-90F8-246E-1C1F-C9271F26EAEC}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{810C4545-D94C-3E63-6EE3-D232E131D061}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{99DE39A1-3B3B-BA43-0B74-2862D1C17BD3}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{EBE97D09-08A7-FBFB-39CC-C6532239686B}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{EC619B8C-DFF1-6762-0BDE-1430B65E5B6C}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{EE004E8D-8656-E4A3-5ED0-E5C817F8A0CC}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Packed.Win32.Krap.ag File: C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{F95D12D2-5609-56CB-D0E3-227EB89804B2}-msa.exe//PE-Crypt.XorPE
deleted: Trojan program Trojan.Win32.Buzus.ccdm File: E:\cod\CompanyOfHeroesv2.600ANDCompanyOfHeroesOpposingFrontsv2.600ANDCompan YOfHeroesTalesOfValorv2.600Trainer.zip/Company of Heroes Promo Trainer.exe

Events
------
Time Name Status Reason
---- ---- ------ ------
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WRConsumerService.exe ok scanned
10/22/2009 10:06:32 PM File: C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\ntdll.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWOW64\ntdll.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\kernel32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\kernel32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\SETUPAPI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\SETUPAPI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\msvcrt.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\msvcrt.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\ADVAPI32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\ADVAPI32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\RPCRT4.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\RPCRT4.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\Secur32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\Secur32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\GDI32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\GDI32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\USER32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\USER32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\OLEAUT32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\OLEAUT32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\ole32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\ole32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\iphlpapi.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\iphlpapi.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\dhcpcsvc.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\dhcpcsvc.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\DNSAPI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\DNSAPI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WS2_32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\WS2_32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\NSI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\NSI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WINNSI.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\WINNSI.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\dhcpcsvc6.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\dhcpcsvc6.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WTSAPI32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\WTSAPI32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\SHELL32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\SHELL32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\SHLWAPI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\SHLWAPI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\MSVCR80.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_no ne_d0893820442e7fe4\MSVCR80.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\dbghelp.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Program Files (x86)\Webroot\WebrootSecurity\dbghelp.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\MSVCP80.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_no ne_d0893820442e7fe4\MSVCP80.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\USERENV.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\USERENV.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WINHTTP.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\WINHTTP.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\VERSION.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\VERSION.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WININET.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\WININET.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\Normaliz.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\Normaliz.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\iertutil.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\iertutil.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\IMM32.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\IMM32.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\MSCTF.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\MSCTF.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\LPK.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\LPK.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\USP10.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\USP10.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\comctl32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\PROPSYS.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\PROPSYS.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\apphelp.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\apphelp.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\CLBCatQ.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\CLBCatQ.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\PSAPI.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\PSAPI.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\urlmon.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWOW64\urlmon.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\NTMARTA.DLL ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\NTMARTA.DLL ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WLDAP32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\WLDAP32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\SAMLIB.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\SAMLIB.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WINSTA.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\WINSTA.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\rasadhlp.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\rasadhlp.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wbemprox.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wbem\wbemprox.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wbemcomn.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wbemcomn.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\rsaenh.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\rsaenh.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wscisvif.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wscisvif.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WSCAPI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\WSCAPI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wscproxystub.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wscproxystub.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wbemsvc.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wbem\wbemsvc.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\fastprox.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wbem\fastprox.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\NTDSAPI.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\NTDSAPI.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\NETAPI32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\NETAPI32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\wmiutils.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\wbem\wmiutils.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WmiPerfInst.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWOW64\wbem\WmiPerfInst.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\pdh.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\pdh.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\perfproc.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\system32\perfproc.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\capicom.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWow64\capicom.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\MSSIGN32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWow64\MSSIGN32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\CRYPT32.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWow64\CRYPT32.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\MSASN1.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWow64\MSASN1.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\WINTRUST.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\SysWow64\WINTRUST.dll ok scanned
10/22/2009 10:06:32 PM Running module: WRConsumerService.exe\imagehlp.dll ok scanned
10/22/2009 10:06:32 PM File: C:\Windows\syswow64\imagehlp.dll ok scanned
10/22/2009 10:06:32 PM Running module: AAWService.exe\AAWService.exe ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\ntdll.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\ntdll.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\kernel32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\kernel32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\ADVAPI32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\ADVAPI32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\RPCRT4.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\RPCRT4.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\Secur32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\Secur32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\PSAPI.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\PSAPI.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\USERENV.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\USERENV.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\msvcrt.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\msvcrt.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\USER32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\USER32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\GDI32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\GDI32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\VERSION.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\VERSION.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\RPAPI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\RPAPI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\SHELL32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\SHELL32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\SHLWAPI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\SHLWAPI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\MSVCP90.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCP90.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\MSVCR90.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCR90.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\CRYPT32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\CRYPT32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\MSASN1.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\MSASN1.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\WINTRUST.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\WINTRUST.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\imagehlp.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\imagehlp.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\FLTLIB.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\FLTLIB.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\ole32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\ole32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\OLEAUT32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\OLEAUT32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\WININET.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\WININET.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\Normaliz.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\Normaliz.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\iertutil.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\iertutil.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\IMM32.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\IMM32.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\MSCTF.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\MSCTF.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\LPK.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\LPK.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\USP10.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\USP10.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\comctl32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\Resources.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\NTMARTA.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\NTMARTA.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\WLDAP32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\WLDAP32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\WS2_32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\WS2_32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\NSI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\NSI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\SAMLIB.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\SAMLIB.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\WINSTA.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\WINSTA.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\CLBCatQ.DLL ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\CLBCatQ.DLL ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\taskschd.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\taskschd.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\XmlLite.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\XmlLite.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\mstask.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\System32\mstask.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\NTDSAPI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\System32\NTDSAPI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\DNSAPI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\System32\DNSAPI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\NETAPI32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\System32\NETAPI32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\COMDLG32.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\syswow64\COMDLG32.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\lavalicense.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\lavalicense.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\rsaenh.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\rsaenh.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\wbemprox.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\wbem\wbemprox.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\wbemcomn.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\wbemcomn.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\wbemsvc.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\wbem\wbemsvc.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\fastprox.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\wbem\fastprox.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\ceapi.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\ceapi.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\lavamessage.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\lavamessage.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\ncrypt.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\ncrypt.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\BCRYPT.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\system32\BCRYPT.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\GPAPI.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\GPAPI.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\slc.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\slc.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\cryptnet.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\cryptnet.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\SensApi.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\SensApi.dll ok scanned
10/22/2009 10:06:33 PM Running module: AAWService.exe\Cabinet.dll ok scanned
10/22/2009 10:06:33 PM File: C:\Windows\SysWOW64\Cabinet.dll ok scanned

miller330i · 23-Oct-2009, 03:00 PM **#14**

10/22/2009 10:06:34 PM File: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\perfcounter.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\Microsoft.NET\Framework\v2.0.50727\perfcounter.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\MSVCR80.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_no ne_d0893820442e7fe4\MSVCR80.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\mscorwks.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\CorperfmonExt.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\esentprf.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\system32\esentprf.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\msdtcuiu.DLL ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\system32\msdtcuiu.DLL ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\ATL.DLL ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\system32\ATL.DLL ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\MSDTCPRX.dll ok scanned
10/22/2009 10:06:34 PM File: C:\Windows\system32\MSDTCPRX.dll ok scanned
10/22/2009 10:06:34 PM Running module: WmiPrvSE.exe\MTXCLU.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\MTXCLU.DLL ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\CLUSAPI.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\CLUSAPI.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\cryptdll.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\cryptdll.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\ACTIVEDS.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\ACTIVEDS.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\adsldpc.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\adsldpc.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\credui.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\credui.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\SHELL32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\SHELL32.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\RESUTILS.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\RESUTILS.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\USERENV.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\USERENV.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\VERSION.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\VERSION.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\bcrypt.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\bcrypt.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\ktmw32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\ktmw32.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\msscntrs.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\msscntrs.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\perfdisk.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\perfdisk.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\perfnet.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\perfnet.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\perfos.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\perfos.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\perfproc.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\perfproc.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\pacerprf.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\pacerprf.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\TRAFFIC.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\TRAFFIC.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\IPHLPAPI.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\IPHLPAPI.DLL ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\dhcpcsvc.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\dhcpcsvc.DLL ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\WINNSI.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\WINNSI.DLL ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\dhcpcsvc6.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\dhcpcsvc6.DLL ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\rasctrs.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\rasctrs.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\rasman.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\rasman.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\winspool.drv ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\winspool.drv ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\tapiperf.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\tapiperf.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\Perfctrs.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\Perfctrs.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\perfts.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\perfts.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\WINSTA.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\WINSTA.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\UTILDLL.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\UTILDLL.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\SETUPAPI.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\SETUPAPI.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\usbperf.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\usbperf.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\tquery.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\tquery.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\PROPSYS.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\PROPSYS.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\WINTRUST.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\WINTRUST.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\CRYPT32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\CRYPT32.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\MSASN1.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\MSASN1.dll ok scanned
10/22/2009 10:06:35 PM Running module: WmiPrvSE.exe\imagehlp.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\imagehlp.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\AAWWSC.exe ok scanned
10/22/2009 10:06:35 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\ntdll.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\SysWOW64\ntdll.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\kernel32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\kernel32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\SHELL32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\SHELL32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\msvcrt.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\msvcrt.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\GDI32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\GDI32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\USER32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\USER32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\ADVAPI32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\ADVAPI32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\RPCRT4.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\RPCRT4.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\Secur32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\Secur32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\SHLWAPI.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\SHLWAPI.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\ole32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\ole32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\MSVCP90.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCP90.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\MSVCR90.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCR90.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\PSAPI.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\PSAPI.DLL ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\OLEAUT32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\OLEAUT32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\IMM32.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\system32\IMM32.DLL ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\MSCTF.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\MSCTF.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\LPK.DLL ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\LPK.DLL ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\USP10.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\USP10.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\comctl32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\Resources.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWWSC.exe\WSCUpdate.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\WSCUpdate.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWTray.exe\AAWTray.exe ok scanned
10/22/2009 10:06:35 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe ok scanned
10/22/2009 10:06:35 PM Running module: AAWTray.exe\ntdll.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\SysWOW64\ntdll.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWTray.exe\kernel32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\kernel32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWTray.exe\USER32.dll ok scanned
10/22/2009 10:06:35 PM File: C:\Windows\syswow64\USER32.dll ok scanned
10/22/2009 10:06:35 PM Running module: AAWTray.exe\GDI32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\GDI32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\ADVAPI32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\ADVAPI32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\RPCRT4.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\RPCRT4.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\Secur32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\Secur32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\SHELL32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\SHELL32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\msvcrt.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\msvcrt.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\SHLWAPI.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\SHLWAPI.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\MSVCP90.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCP90.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\MSVCR90.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_ e163563597edeada\MSVCR90.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\PSAPI.DLL ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\PSAPI.DLL ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\IMM32.DLL ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\system32\IMM32.DLL ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\MSCTF.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\MSCTF.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\LPK.DLL ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\LPK.DLL ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\USP10.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\USP10.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\comctl32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\Resources.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Program Files (x86)\Lavasoft\Ad-Aware\Resources.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\ole32.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\syswow64\ole32.dll ok scanned
10/22/2009 10:06:36 PM Running module: AAWTray.exe\USERENV.dll ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\system32\USERENV.dll ok scanned
10/22/2009 10:06:36 PM File: c:\windows\system32\cmd.exe ok scanned
10/22/2009 10:06:36 PM File: c:\windows\syswow64\mshta.exe ok scanned
10/22/2009 10:06:36 PM File: c:\windows\system32\notepad.exe ok scanned
10/22/2009 10:06:36 PM File: c:\windows\regedit.exe ok scanned
10/22/2009 10:06:36 PM File: C:\Windows\regedit.exe ok scanned
10/22/2009 10:06:36 PM File: c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat.exe ok scanned
10/22/2009 10:06:36 PM File: c:\program files (x86)\adobe\adobe premiere pro cs4\adobe premiere pro.exe ok scanned
10/22/2009 10:06:36 PM File: c:\program files (x86)\windows media player\wmplayer.exe ok scanned
10/22/2009 10:06:36 PM File: c:\program files (x86)\adobe\adobe media encoder cs4\adobe media encoder.exe ok scanned
10/22/2009 10:06:37 PM File: c:\windows\system32\rundll32.exe ok scanned
10/22/2009 10:06:37 PM File: c:\windows\system32\cryptext.dll ok scanned
10/22/2009 10:06:37 PM File: C:\Windows\system32\cryptext.dll ok scanned
10/22/2009 10:06:37 PM File: c:\program files (x86)\windows mail\wab.exe ok scanned
10/22/2009 10:06:37 PM File: c:\program files (x86)\creative\mediasource5\ctcmsu.exe//# ok scanned
10/22/2009 10:06:37 PM File: c:\program files (x86)\creative\mediasource5\ctcmsu.exe ok scanned
10/22/2009 10:06:38 PM File: c:\program files (x86)\adobe\adobe contribute cs4\contribute.exe ok scanned
10/22/2009 10:06:38 PM File: c:\program files (x86)\vso\convertx\3\convertxtodvd.exe ok scanned
10/22/2009 10:06:38 PM File: c:\progra~2\damnnf~1\damnnf~1.exe packed file ASPack
10/22/2009 10:06:39 PM File: c:\progra~2\damnnf~1\damnnf~1.exe//ASPack ok scanned
10/22/2009 10:06:39 PM File: c:\progra~2\damnnf~1\damnnf~1.exe ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe packed file PE_Patch.PECompact
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe//PE_Patch.PECompact packed file PecBundle
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe//PE_Patch.PECompact//PecBundle packed file PECompact
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe//PE_Patch.PECompact//PecBundle//PECompact ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe//PE_Patch.PECompact//PecBundle ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe//PE_Patch.PECompact ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\divx\divx player\divx player.exe ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\download manager\dlm.exe ok scanned
10/22/2009 10:06:39 PM File: c:\windows\system32\mspaint.exe ok scanned
10/22/2009 10:06:39 PM File: c:\windows\explorer.exe ok scanned
10/22/2009 10:06:39 PM File: c:\windows\system32\fontview.exe ok scanned
10/22/2009 10:06:39 PM File: c:\program files (x86)\internet explorer\iexplore.exe ok scanned
10/22/2009 10:06:39 PM File: c:\windows\winhlp32.exe ok scanned
10/22/2009 10:06:40 PM File: c:\program files (x86)\windows photo gallery\photoviewer.dll ok scanned
10/22/2009 10:06:40 PM File: c:\program files (x86)\java\jre6\bin\javaw.exe ok scanned
10/22/2009 10:06:40 PM File: c:\program files (x86)\java\jre6\bin\javaws.exe ok scanned
10/22/2009 10:06:40 PM File: c:\windows\system32\wscript.exe ok scanned
10/22/2009 10:06:40 PM File: c:\program files (x86)\adobe\adobe utilities\extendscript toolkit cs4\extendscript toolkit.exe ok scanned
10/22/2009 10:06:41 PM File: c:\program files (x86)\mediamonkey\mediamonkey.exe ok scanned
10/22/2009 10:06:42 PM File: c:\program files (x86)\adobe\adobe after effects cs4\mocha\bin\mocha for after effects.exe ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\mmc.exe ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\msinfo32.exe ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\shell32.dll ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\desk.cpl ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\rasphone.exe ok scanned
10/22/2009 10:06:42 PM File: c:\windows\system32\perfmon.msc ok scanned
10/22/2009 10:06:44 PM File: c:\program files\adobe\adobe photoshop cs4 (64 bit)\photoshop.exe ok scanned
10/22/2009 10:06:44 PM File: c:\windows\system32\msrating.dll ok scanned
10/22/2009 10:06:44 PM File: C:\Windows\system32\rundll32.exe ok scanned
10/22/2009 10:06:44 PM File: C:\Windows\system32\msrating.dll ok scanned
10/22/2009 10:06:44 PM File: c:\program files (x86)\windows nt\accessories\wordpad.exe ok scanned
10/22/2009 10:06:44 PM File: c:\windows\syswow64\notepad.exe ok scanned
10/22/2009 10:06:44 PM File: c:\program files (x86)\spybot - search & destroy\blindman.exe ok scanned
10/22/2009 10:06:45 PM File: c:\program files (x86)\spybot - search & destroy\spybotsd.exe ok scanned
10/22/2009 10:06:45 PM File: c:\windows\system32\wpnpinst.exe ok scanned
10/22/2009 10:06:46 PM File: c:\progra~2\winzip\winzip32.exe ok scanned
10/22/2009 10:06:46 PM File: c:\progra~2\micros~1\office11\wordview.exe ok scanned
10/22/2009 10:06:46 PM File: c:\windows\system32\eventvwr.exe ok scanned
10/22/2009 10:06:47 PM File: c:\windows\system32\migwiz\migwiz.exe ok scanned
10/22/2009 10:06:47 PM File: c:\windows\system32\sdclt.exe ok scanned
10/22/2009 10:06:47 PM File: c:\program files\7-zip\7zfm.exe ok scanned
10/22/2009 10:06:48 PM File: c:\program files (x86)\adobe\adobe dreamweaver cs4\dreamweaver.exe ok scanned
10/22/2009 10:06:48 PM File: C:\Windows\system32\shell32.dll ok scanned
10/22/2009 10:06:48 PM File: C:\Windows\explorer.exe ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\userinit.exe ok scanned
10/22/2009 10:06:48 PM File: c:\program files\microsoft security essentials\msseces.exe ok scanned
10/22/2009 10:06:48 PM File: c:\program files (x86)\windows sidebar\sidebar.exe ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\oobefldr.dll ok scanned
10/22/2009 10:06:48 PM File: C:\Windows\system32\oobefldr.dll ok scanned
10/22/2009 10:06:48 PM File: c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\aelupsvc.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\appinfo.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\appmgmts.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\audiosrv.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\bfe.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\browser.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\certprop.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\cryptsvc.dll ok scanned
10/22/2009 10:06:48 PM File: c:\windows\system32\cscsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\dhcpcsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\dnsrslvr.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\dot3svc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\ehome\ehstart.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\emdmgmt.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\es.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\fdphost.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\fdrespub.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\hidserv.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\ikeext.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\ipbusenum.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\iphlpsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\msdtckrm.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\srvsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\wkssvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\lltdsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\lmhsvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\mcx2svc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\mmcss.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\mpssvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\iscsiexe.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\netman.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\netprofm.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\nlasvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\nsisvc.dll ok scanned
10/22/2009 10:06:49 PM File: c:\windows\system32\pcasvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\pla.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\umpnpmgr.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\p2psvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\ipsecsvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\profsvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\qwave.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\rasauto.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\rasmans.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\mprdim.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\regsvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\scardsvr.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\schedsvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\seclogon.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\sens.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\sessenv.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\ipnathlp.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\shsvcs.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\sluinotify.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\ssdpsrv.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\sstpsvc.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\swprv.dll ok scanned
10/22/2009 10:06:50 PM File: c:\windows\system32\sysmain.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\tabsvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\tapisrv.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\termsrv.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\umrdp.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\upnphost.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\uxsms.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\w32time.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wcncsvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wcspluginservice.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\webclnt.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wecsvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wercplsupport.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\winhttp.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wbem\wmisvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wsmsvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wlansvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wpdbusenum.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wscsvc.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wuaueng.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\wudfsvc.dll ok scanned
10/22/2009 10:06:51 PM File: C:\Windows\system32\winhttp.dll ok scanned
10/22/2009 10:06:51 PM File: c:\windows\system32\drivers\acpi.sys ok scanned
10/22/2009 10:06:52 PM File: c:\windows\system32\drivers\adihdaud.sys ok scanned
10/22/2009 10:06:52 PM File: c:\windows\system32\drivers\adp94xx.sys ok scanned

miller330i · 23-Oct-2009, 03:03 PM **#15**

\parport.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\partmgr.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\pci.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\pciide.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\pcmcia.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\pcouffin.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\peauth.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\syswow64\perfhost.exe ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\raspptp.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\processr.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\pacer.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\ql2300.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\ql40xx.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\qwavedrv.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rasacd.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rasl2tp.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\raspppoe.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rassstp.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rdbss.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rdpcdd.sys ok scanned
10/22/2009 10:06:58 PM File: c:\windows\system32\drivers\rdpdr.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\rdpencdd.sys ok scanned
10/22/2009 10:06:59 PM File: c:\program files (x86)\rivatuner v2.24\rivatuner64.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\locator.exe ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\rspndr.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\rtlh64.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sbp2port.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\sdrsvc.dll ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\serenum.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\serial.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sermouse.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sffdisk.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sffp_mmc.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sffp_sd.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sfloppy.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sisraid2.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sisraid4.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\slsvc.exe ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\smb.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\snmptrap.exe ok scanned
10/22/2009 10:06:59 PM File: c:\program files (x86)\common files\creative labs shared\service\xmblicensing.exe ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\spoolsv.exe ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\sptd.sys skipped locked
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\srv.sys ok scanned
10/22/2009 10:06:59 PM File: c:\windows\system32\drivers\srv2.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\srvnet.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\swenum.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\symc8xx.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\sym_hi.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\sym_u3.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tcpip.sys ok scanned
10/22/2009 10:07:00 PM File: C:\Windows\system32\drivers\tcpip.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tcpipreg.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tdpipe.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tdtcp.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tdx.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\termdd.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tssecsrv.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tunmp.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\tunnel.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\uagp35.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\udfs.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\ui0detect.exe ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\uliagpkx.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\uliahci.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\ulsata.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\ulsata2.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\umbus.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\usbccgp.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\usbcir.sys ok scanned
10/22/2009 10:07:00 PM File: c:\windows\system32\drivers\usbehci.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbhub.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbohci.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbprint.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbscan.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbstor.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\usbuhci.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\vds.exe ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\vgapnp.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\vga.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\viaide.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\volmgr.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\volmgrx.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\volsnap.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\vsmraid.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\vssvc.exe ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\wacompen.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\wanarp.sys ok scanned
10/22/2009 10:07:01 PM File: C:\Windows\system32\drivers\wanarp.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\wbengine.exe ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\wd.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\wdf01000.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\drivers\wmiacpi.sys ok scanned
10/22/2009 10:07:01 PM File: c:\windows\system32\wbem\wmiapsrv.exe ok scanned
10/22/2009 10:07:02 PM File: c:\windows\system32\drivers\ws2ifsl.sys ok scanned
10/22/2009 10:07:02 PM File: c:\windows\system32\searchindexer.exe ok scanned
10/22/2009 10:07:02 PM File: c:\windows\system32\drivers\wudfrd.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\acpi.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\adihdaud.sys ok scanned
10/22/2009 10:07:02 PM File: c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\amdlld64.sys ok scanned
10/22/2009 10:07:02 PM File: c:\windows\system32\drivers\amdtools64.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\syswow64\drivers\asio.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\asyncmac.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\atapi.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\atihdmi.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\atikmdag.sys ok scanned
10/22/2009 10:07:02 PM File: c:\windows\system32\drivers\atipcie.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\bowser.sys ok scanned
10/22/2009 10:07:02 PM File: c:\program files (x86)\canon\cal\calmain.exe ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\cdfs.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\cdrom.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\clfs.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\crcdisk.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\csc.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\dfsc.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\disk.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\drmkaud.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\e1g6032e.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\ecache.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\fdc.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\fileinfo.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\filetrace.sys ok scanned
10/22/2009 10:07:02 PM File: c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe ok scanned
10/22/2009 10:07:02 PM File: c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\flpydisk.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\fltmgr.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\fvevol.sys ok scanned
10/22/2009 10:07:02 PM File: C:\Windows\system32\drivers\gearaspiwdm.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\hdaudio.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\hdaudbus.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\hidusb.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\http.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\i8042prt.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\intelppm.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ipfltdrv.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ipnat.sys ok scanned
10/22/2009 10:07:03 PM File: c:\program files\ipod\bin\ipodservice.exe ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\irenum.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\msiscsi.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\kbdclass.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\kbdhid.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ksecdd.sys ok scanned
10/22/2009 10:07:03 PM File: c:\program files (x86)\lavasoft\ad-aware\aawservice.exe ok scanned
10/22/2009 10:07:03 PM File: c:\windows\system32\drivers\lbd.sys ok scanned
10/22/2009 10:07:03 PM File: c:\windows\runservice.exe ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\lltdio.sys ok scanned
10/22/2009 10:07:03 PM File: c:\windows\system32\drivers\lvpr2m64.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\lvpr2m64.sys ok scanned
10/22/2009 10:07:03 PM File: c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe ok scanned
10/22/2009 10:07:03 PM File: c:\windows\system32\drivers\mcdbus.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\modem.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\monitor.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mouclass.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mouhid.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mountmgr.sys ok scanned
10/22/2009 10:07:03 PM File: c:\windows\system32\drivers\mpfilter.sys ok scanned
10/22/2009 10:07:03 PM File: c:\windows\system32\drivers\mpnwmon.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mpsdrv.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mrxsmb.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mrxsmb10.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mrxsmb20.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\msisadrv.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mskssrv.sys ok scanned
10/22/2009 10:07:03 PM File: c:\program files\microsoft security essentials\msmpeng.exe ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mspclock.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mspqm.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mssmbios.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mstee.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\asacpi.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\mup.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\nwifi.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ndis.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ndistapi.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ndisuio.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\ndiswan.sys ok scanned
10/22/2009 10:07:03 PM File: c:\program files (x86)\nero\nero8\nero backitup\nbservice.exe ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\netbios.sys ok scanned
10/22/2009 10:07:03 PM File: C:\Windows\system32\drivers\netbt.sys ok scanned
10/22/2009 10:07:04 PM File: c:\program files (x86)\common files\nero\lib\nmindexingservice.exe ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\nsiproxy.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\ohci1394.sys ok scanned
10/22/2009 10:07:04 PM File: c:\program files (x86)\common files\microsoft shared\source engine\ose.exe ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\partmgr.sys ok scanned
10/22/2009 10:07:04 PM File: c:\windows\system32\drivers\pavboot64.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\pci.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\pciide.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\peauth.sys ok scanned
10/22/2009 10:07:04 PM File: c:\windows\system32\drivers\lv561v64.sys ok scanned
10/22/2009 10:07:04 PM File: c:\windows\syswow64\ioctlsvc.exe ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\raspptp.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\processr.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\pacer.sys ok scanned
10/22/2009 10:07:04 PM File: c:\windows\system32\drivers\pwipf6.sys ok scanned
10/22/2009 10:07:04 PM File: c:\windows\system32\drivers\pxhlpa64.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rasacd.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rasl2tp.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\raspppoe.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rassstp.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rdbss.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rdpcdd.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rdpdr.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rdpencdd.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\regsvc.dll ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rspndr.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\rtlh64.sys ok scanned
10/22/2009 10:07:04 PM File: c:\program files (x86)\spybot - search & destroy\sdwinsec.exe ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\sdrsvc.dll ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\smb.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\sptd.sys skipped locked
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\srv.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\srv2.sys ok scanned
10/22/2009 10:07:04 PM File: C:\Windows\system32\drivers\srvnet.sys ok scanned
10/22/2009 10:07:05 PM File: c:\windows\system32\drivers\ssfs0bbc.sys ok scanned
10/22/2009 10:07:05 PM File: c:\windows\system32\drivers\ssidrv.sys ok scanned
10/22/2009 10:07:05 PM File: c:\windows\system32\drivers\starportlite.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\swenum.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\swprv.dll ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tcpipreg.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tdpipe.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tdtcp.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tdx.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\termdd.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tssecsrv.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tunmp.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\tunnel.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\udfs.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\umbus.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbccgp.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbehci.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbhub.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbohci.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbprint.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbscan.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbstor.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\usbuhci.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\vgapnp.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\volmgr.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\volmgrx.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\volsnap.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\wdf01000.sys ok scanned
10/22/2009 10:07:05 PM File: c:\program files (x86)\webroot\webrootsecurity\spysweeper.exe ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\wmiacpi.sys ok scanned
10/22/2009 10:07:05 PM File: c:\windows\system32\drivers\wpdusb.sys ok scanned
10/22/2009 10:07:05 PM File: c:\program files (x86)\webroot\webrootsecurity\wrconsumerservice.exe ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\wudfrd.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\amdtools64.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\atipcie.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\lbd.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\mcdbus.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\mpfilter.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\mpnwmon.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\lv561v64.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\pwipf6.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\pxhlpa64.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\ssfs0bbc.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\ssidrv.sys ok scanned
10/22/2009 10:07:05 PM File: C:\Windows\system32\drivers\starportlite.sys ok scanned
10/22/2009 10:07:06 PM File: C:\Windows\system32\drivers\wpdusb.sys ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\autochk.exe ok scanned
10/22/2009 10:07:06 PM File: C:\Windows\system32\autochk.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\lsdelete.exe ok scanned
10/22/2009 10:07:06 PM File: C:\Windows\system32\lsdelete.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\unregmp2.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\syswow64\ie4uinit.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\iedkcs32.dll ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\regsvr32.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\themeui.dll ok scanned
10/22/2009 10:07:06 PM File: c:\program files (x86)\windows mail\winmail.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\syswow64\rundll32.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\syswow64\mscories.dll ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\ie4uinit.exe ok scanned
10/22/2009 10:07:06 PM File: C:\Windows\system32\iedkcs32.dll ok scanned
10/22/2009 10:07:06 PM File: C:\Windows\system32\regsvr32.exe ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\mscories.dll ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\msrle32.dll ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\msvidc32.dll ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\imaadp32.acm ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\msg711.acm ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\msgsm32.acm ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\msadp32.acm ok scanned
10/22/2009 10:07:06 PM File: c:\windows\system32\midimap.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\msacm32.drv ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\msyuv.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msyuv.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\iyuv_32.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\tsbyuv.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\syswow64\l3codeca.acm ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\wdmaud.drv ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\wdmaud.drv ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msrle32.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msvidc32.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\imaadp32.acm ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msg711.acm ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msgsm32.acm ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msadp32.acm ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\midimap.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\msacm32.drv ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\iyuv_32.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\lvcod64.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\tsbyuv.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\l3codeca.acm ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\vfwwdm32.dll ok scanned
10/22/2009 10:07:07 PM File: C:\Windows\system32\vfwwdm32.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\syswow64\logon.scr ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\logon.scr ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\browseui.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\shdocvw.dll ok scanned
10/22/2009 10:07:07 PM File: c:\windows\system32\dsuiext.dll ok scanned
10/22/2009 10:07:08 PM File: c:\windows\system32\dsquery.dll ok scanned
10/22/2009 10:07:08 PM File: c:\windows\system32\rshx32.dll ok scanned
10/22/2009 10:07:08 PM File: C:\Windows\system32\rshx32.dll ok scanned
10/22/2009 10:07:08 PM File: c:\windows\system32\propsys.dll ok scanned
10/22/2009 10:07:08 PM File: c:\windows\system32\ntshrui.dll ok scanned
10/22/2009 10:07:08 PM File: C:\Windows\system32\ntshrui.dll ok scanned
10/22/2009 10:07:08 PM File: c:\windows\system32\networkexplorer.dll ok scanned

Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
All objects 1042 0 0 0 0 0 4 0 0
System memory 615 0 0 0 0 0 0 0 0
Startup objects 427 0 0 0 0 0 4 0 0
Disk boot sectors 0 0 0 0 0 0 0 0 0
Documents 0 0 0 0 0 0 0 0 0
Mail databases 0 0 0 0 0 0 0 0 0
Computer 0 0 0 0 0 0 0 0 0
Local Disk (C

0 0 0 0 0 0 0 0 0

Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes

Tag Cloud
access acer asus bios bsod computer crash drive driver drivers error ethernet excel freeze games gaming graphics hard drive hardware hdmi internet laptop malware memory monitor motherboard netgear network printer problem ram random registry router slow software sound trojan usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless xbox

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!