Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Lots of pop-ups along with AVG warnings popping up all over

Unread postby gabebeck15 » November 18th, 2009, 9:42 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:36:28 PM, on 11/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {16591C0D-F1DC-4D92-9CDF-46DBAECCB422} - C:\WINDOWS\System32\browsewm32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [A00F3ED469.exe] C:\DOCUME~1\Baby\LOCALS~1\Temp\_A00F3ED469.exe
O4 - HKUS\S-1-5-18\..\Run: [tempo-setup2.exe] C:\WINDOWS\system32\tempo-setup2.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [tempo-setup2.exe] C:\WINDOWS\system32\tempo-setup2.exe (User 'Default user')
O8 - Extra context menu item: &Search - ?p=GR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B27D414-1E1F-4CDF-8AF0-0553625F2120}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: blocker.dll,C:\WINDOWS\System32\bidispl32.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: e06f763a700 - C:\WINDOWS\System32\bidispl32.dll
O20 - Winlogon Notify: __c00DB6F0 - C:\WINDOWS\system32\__c00DB6F0.dat
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca131e49790036) (gupdate1ca131e49790036) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbtcoms.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 12398 bytes
gabebeck15
Active Member
 
Posts: 8
Joined: November 18th, 2009, 9:39 pm

Re: Lots of pop-ups along with AVG warnings popping up all over

Unread postby shinybeast » November 20th, 2009, 1:18 pm

Hello and welcome to Malware Removal Forums

My handle is shinybeast and I will be assisting you in the removal of malware your computer may have.

Please follow these guidelines as we work to clean your computer.
  • Read through the instructions before you perform them and if you have questions please ask before you perform them. Please do not guess. I will be happy to clarify or explain.
  • Perform all instructions in the order given.
  • Stick with the process until I give you an "all clean." If the symptoms are gone, it does not necessarily mean your computer is safe and secure.
  • The instructions assume you are using an account with administrator privileges.
  • Do not run any other tools to remove malware while we are working.
  • Post all responses in a reply to this topic - Please do not start a new topic.
  • If your security software throws up warnings about some of these tools, please allow these tools to run; they are safe.
  • If you have not done so, please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

NOTE: I am in training here at Malware Removal University.
I must get my replies to you approved by a malware expert which means it could take slightly longer to get back to you.
Your patience is appreciated. :)


Installed Program List

It would be helpful to see a list of programs installed on your computer.

  • Please start HijackThis
  • Click the Open the Misc Tools section button
  • Click the Open Uninstall Manager... under System Tools

You will see a list of programs installed on your computer.
Please click the Save List... button and specify where you would like to save the list.
Once you click Save, the list will open in Notepad. Simply copy and paste the entire contents of Notepad in your next post.

Please post back with uninstall list and a new HijackThis log.
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Unread postby gabebeck15 » November 20th, 2009, 9:29 pm

Here is the uninstall list:

7-Zip 4.60 beta
Acrobat.com
Acrobat.com
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.2
Age of Empires III
Age of Empires III - The Asian Dynasties
Age of Empires III - The WarChiefs
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AquaNox
Autodesk 3ds Max Design 2009 32-bit
Autodesk 3ds Max Design 2009 32-bit Additional Maps and Material Libraries
Autodesk 3ds Max Design 2009 32-bit Architectural Materials Library
Autodesk 3ds Max Design 2009 32-bit Movies
Autodesk 3ds Max Design 2009 32-bit ProMaterials™ Library
Autodesk 3ds Max Design 2009 32-bit Vault 2008 Plug-In
Autodesk 3ds Max Design 2009 32-bit Vault 2009 Plug-In
Autodesk Backburner 2008.1
AVG 9.0
AVG Free 8.5
Bluerock Technologies Flight Studio 3ds Max Design 2009 32-bit
Bonjour
Caesar IV
Choice Guard
Combat Arms
Doomsday Engine 1.9.0-beta6.5
Electronic Arts Game Updater
Enable S3 for USB Device
Finale NotePad 2009
Finale Reader 2009
GIMP 2.6.6
Google Chrome
Google Earth
Google Update Helper
Google Updater
GTK+ Runtime 2.12.8 rev a (remove only)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java(TM) 6 Update 14
Java(TM) 6 Update 4
Java(TM) 6 Update 7
Junk Mail filter update
LCleaner
Lexmark 5200 Series
LightScribe System Software 1.17.90.1
LimeWire 5.1.3
LucasArts' X-Wing Alliance
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft WSE 3.0 Runtime
Morrowind
Mozilla Firefox (3.5.5)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB925673)
Musicnotes Software Suite 1.1
MySQL Connector/ODBC 3.51
NASA World Wind 1.4
Need for Speed™ Undercover
NFSNation Undercover Save Editor
NVIDIA Drivers
Oblivion
Pando Media Booster
Pidgin
PowerDVD
PowerISO
PunkBuster Services
Python 2.5.2
Python 2.6.2
QuickTime
Rally Trophy
RealPlayer
Realtek AC'97 Audio
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Segoe UI
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 - Warlords
Skype™ 3.8
Sonic Activation Module
SPORE™
Spybot - Search & Destroy
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
Steam
TBS WMP Plug-in
TeamSpeak 2 RC2
TES Construction Set
Texporter v3.5.23.11_x86
Turbo Squid Tentacles 3ds Max 2009 32-bit
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb975960)
Viewpoint Media Player
VLC media player 0.9.6
WinBlueSoft
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
wxPython 2.8.7.1 (ansi) for Python 2.5

And the new HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:28:56 PM, on 11/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0E9C5A00-DF21-4EBD-ACCA-D9382FE9C923} - C:\WINDOWS\System32\browsewm32.dll
O2 - BHO: (no name) - {16591C0D-F1DC-4D92-9CDF-46DBAECCB422} - C:\WINDOWS\System32\browsewm32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [A00F3ED469.exe] C:\DOCUME~1\Baby\LOCALS~1\Temp\_A00F3ED469.exe
O4 - HKUS\S-1-5-18\..\Run: [tempo-setup2.exe] C:\WINDOWS\system32\tempo-setup2.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [tempo-setup2.exe] C:\WINDOWS\system32\tempo-setup2.exe (User 'Default user')
O8 - Extra context menu item: &Search - ?p=GR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B27D414-1E1F-4CDF-8AF0-0553625F2120}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{3AF95B21-65E6-4814-AA48-6E6A7A7B4B6F}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: blocker.dll,C:\WINDOWS\System32\bidispl32.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: e06f763a700 - C:\WINDOWS\System32\bidispl32.dll
O20 - Winlogon Notify: __c00310D7 - C:\WINDOWS\system32\__c00310D7.dat
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca131e49790036) (gupdate1ca131e49790036) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbtcoms.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Thanks for your help and I hope you can work your magic through me.

--
End of file - 12173 bytes
gabebeck15
Active Member
 
Posts: 8
Joined: November 18th, 2009, 9:39 pm

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by shinybeast » November 23rd, 2009, 4:41 pm

Hello gabebeck15,

Apologies for the delay.


P2P Software

IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

BitTorrent DNA
LimeWire 5.1.3


I'd like you to read the Guidelines for P2P Programs where this forum's policy is explained.

If you would like to continue, you must go to Control Panel > Add/Remove Programs and uninstall the programs listed above in red.
Warning: Any existing remnants of the program may be removed during cleaning.


Scan with CKScanner

Click here to download CKScanner
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Please reply with the CKScanner report and a new uninstall list from HijackThis.
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by gabebeck15 » November 23rd, 2009, 11:43 pm

Ok, I un-installed both of the above-mentioned programs. I don't really use them anyways.

Now I do the CKScan, and will post it up. I just saw that it registered my executable Age of Empires III: The Asian Dynasties. This was a crack I had to get several years back due to the fact I lost my disc. But again, I've had it for years and it has never caused problems, not to mention, when I got it, I scoured it with all sorts of virus scans. However, I have no idea what the Macromedia flash programs are all about. Anyways, here's the two lists you wanted....

Un-Install List

7-Zip 4.60 beta
Acrobat.com
Acrobat.com
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.2
Age of Empires III
Age of Empires III - The Asian Dynasties
Age of Empires III - The WarChiefs
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AquaNox
Autodesk Backburner 2008.1
AVG 9.0
AVG Free 8.5
Bonjour
Caesar IV
Choice Guard
Combat Arms
Doomsday Engine 1.9.0-beta6.5
Electronic Arts Game Updater
Enable S3 for USB Device
Finale NotePad 2009
Finale Reader 2009
Google Chrome
Google Earth
Google Update Helper
Google Updater
GTK+ Runtime 2.12.8 rev a (remove only)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java(TM) 6 Update 14
Java(TM) 6 Update 4
Java(TM) 6 Update 7
Junk Mail filter update
LCleaner
Lexmark 5200 Series
LightScribe System Software 1.17.90.1
LucasArts' X-Wing Alliance
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft WSE 3.0 Runtime
Morrowind
Mozilla Firefox (3.5.5)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB925673)
MySQL Connector/ODBC 3.51
NASA World Wind 1.4
Need for Speed™ Undercover
NFSNation Undercover Save Editor
NVIDIA Drivers
Oblivion
Pidgin
PowerDVD
PowerISO
PunkBuster Services
QuickTime
RealPlayer
Realtek AC'97 Audio
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Segoe UI
Sonic Activation Module
SPORE™
Spybot - Search & Destroy
Steam
TBS WMP Plug-in
TeamSpeak 2 RC2
TES Construction Set
Turbo Squid Tentacles 3ds Max 2009 32-bit
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Outlook 2007 Junk Email Filter (kb975960)
Viewpoint Media Player
VLC media player 0.9.6
WinBlueSoft
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation


CkScanner List

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\baby\recent\age_of_empires_iii_-_the_asian_dynasties_-_crack_only.3858135.tpb.lnk
c:\documents and settings\parents\application data\macromedia\flash player\#sharedobjects\8lu2fx9k\www.crackle.com\cracklesettings.sol
c:\documents and settings\parents\application data\macromedia\flash player\#sharedobjects\8lu2fx9k\www.crackle.com\tracking.sol
c:\documents and settings\parents\application data\macromedia\flash player\macromedia.com\support\flashplayer\sys\#www.crackle.com\settings.sol
scanner sequence 3.BB.11
----- EOF -----
gabebeck15
Active Member
 
Posts: 8
Joined: November 18th, 2009, 9:39 pm

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by shinybeast » November 24th, 2009, 6:08 pm

Hi gabebeck15,

You have a cracked version of Age of Empires III - The Asian Dynasties on your computer. You need to remove Age of Empires III - The Asian Dynasties before we can continue any further. Please remove this from your system. You will find this forum's rules here: Malware Removal Forum Guidelines and Rules. Here is a quote from it:

Any time the helper detects that you may have illegal software on your machine, that helper may stop assisting you immediately until you can demonstrate that you have rectified the situation. We will not support fixing machines with pirated or otherwise illegal software.


Regardless of whether you got it to replace a lost disc or not, I must still ask that you uninstall it per the forum rules.

Remove Programs

  • Click Start, click Run...
  • Type appwiz.cpl then click OK
  • Find and click on each instance of:

    Age of Empires III - The Asian Dynasties

  • Click Remove then follow the prompts to remove it



Scan with OTL

Click here to download OTL by OldTimer and save it to your Desktop
  • Double-click OTL.exe to start OTL
  • Ensure Scan All Users is checked
  • Under Output, ensure that Minimal Output is selected
  • On the left side of OTL window, ensure that Use SafeList is selected for all 5 items.
  • Click Run Scan in upper left of window.
  • When the scan is finished, two logs will open:
    OTL.Txt <-- Will be opened
    Extras.Txt <-- Will be minimized
  • Please post the contents of these two logs in your next reply.
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by gabebeck15 » November 24th, 2009, 10:52 pm

Well, Age of Empires III: The Asian Dynasties has been completely uninstalled.

Extras.txt is right here.

OTL Extras logfile created on: 11/24/2009 6:41:14 PM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = C:\Documents and Settings\Baby\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.36% Memory free
4.00 Gb Paging File | 3.39 Gb Available in Paging File | 84.73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 58.07 Gb Free Space | 51.95% Space Free | Partition Type: NTFS
Drive D: | 186.31 Gb Total Space | 154.90 Gb Free Space | 83.14% Space Free | Partition Type: NTFS
Drive E: | 654.11 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BABY
Current User Name: Baby
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"D:\Baby\My Games\Combat Arms\CombatArms.exe" = D:\Baby\My Games\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Baby\My Games\Combat Arms\Engine.exe" = D:\Baby\My Games\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties -- File not found
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs -- File not found
"C:\Program Files\EA Games\Command and Conquer Generals\patchget.dat" = C:\Program Files\EA Games\Command and Conquer Generals\patchget.dat:*:Enabled:patchgrabber -- File not found
"C:\Program Files\Stardock Games\Sins of a Solar Empire\Sins of a Solar Empire.exe" = C:\Program Files\Stardock Games\Sins of a Solar Empire\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire -- File not found
"C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe" = C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 -- File not found
"C:\Program Files\America's Army Deploy Client\AADeployClient.exe" = C:\Program Files\America's Army Deploy Client\AADeployClient.exe:*:Enabled:AADeployClient -- File not found
"C:\Program Files\America's Army\System\ArmyOps.exe" = C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps -- File not found
"C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Disabled:Hamachi Client -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Autodesk\Backburner\monitor.exe" = C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor -- File not found
"C:\Program Files\Autodesk\Backburner\manager.exe" = C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager -- File not found
"C:\Program Files\Autodesk\Backburner\server.exe" = C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server -- File not found
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"D:\Baby\My Games\Combat Arms\CombatArms.exe" = D:\Baby\My Games\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"D:\Baby\My Games\Combat Arms\Engine.exe" = D:\Baby\My Games\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"D:\Baby\My Games\Combat Arms\NMService.exe" = D:\Baby\My Games\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Program Files\UrbanTerror\ioUrbanTerror.exe" = C:\Program Files\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- File not found
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 14
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}" = Turbo Squid Tentacles 3ds Max 2009 32-bit
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}" = LightScribe System Software 1.17.90.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.60 beta
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AquaNox" = AquaNox
"AVG8Uninstall" = AVG Free 8.5
"AVG9Uninstall" = AVG 9.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Arms" = Combat Arms
"Doomsday Engine_is1" = Doomsday Engine 1.9.0-beta6.5
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"Enable S3 for USB Device" = Enable S3 for USB Device
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Finale NotePad 2009" = Finale NotePad 2009
"Finale Reader" = Finale Reader 2009
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.12.8 rev a (remove only)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"LCleaner" = LCleaner
"Lexmark 5200 Series" = Lexmark 5200 Series
"LucasArts' X-Wing Alliance" = LucasArts' X-Wing Alliance
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NASA World Wind 1.4" = NASA World Wind 1.4
"NFSNationUCSaveEditor" = NFSNation Undercover Save Editor
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"PRJPRO" = Microsoft Office Project Professional 2007
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"ViewpointMediaPlayer" = Viewpoint Media Player
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 0.9.6
"WebDesigner" = Microsoft Expression Web
"WinBlueSoft" = WinBlueSoft
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/22/2009 1:17:55 PM | Computer Name = BABY | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2009 1:21:16 PM | Computer Name = BABY | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/22/2009 1:22:45 PM | Computer Name = BABY | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/23/2009 10:53:17 AM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.

Error - 11/23/2009 10:55:53 AM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.1.3593, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 11/23/2009 11:03:16 AM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.1.3593, faulting module
shlwapi.dll, version 6.0.2900.5512, fault address 0x000141c5.

Error - 11/23/2009 11:05:42 AM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.

Error - 11/23/2009 7:52:19 PM | Computer Name = BABY | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 11/23/2009 11:20:07 PM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16915, faulting
module ieframe.dll, version 7.0.6000.16915, fault address 0x000cf5ee.

Error - 11/23/2009 11:22:14 PM | Computer Name = BABY | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.

[ System Events ]
Error - 11/23/2009 11:24:01 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).

Error - 11/23/2009 11:24:02 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 1 time(s).

Error - 11/23/2009 11:24:16 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/23/2009 11:24:18 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 11/23/2009 11:29:25 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The SeaPort service terminated unexpectedly. It has done this 2 time(s).

Error - 11/23/2009 11:29:27 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/23/2009 11:29:32 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/23/2009 11:29:36 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/23/2009 11:29:44 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 11/23/2009 11:29:44 PM | Computer Name = BABY | Source = Service Control Manager | ID = 7034
Description = The Viewpoint Service service terminated unexpectedly. It has done
this 1 time(s).


< End of report >


It won't allow me to put both texts in, so I'll make another post.
gabebeck15

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by gabebeck15 » November 24th, 2009, 10:57 pm

OTL logfile created on: 11/24/2009 6:41:14 PM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = C:\Documents and Settings\Baby\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.36% Memory free
4.00 Gb Paging File | 3.39 Gb Available in Paging File | 84.73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 58.07 Gb Free Space | 51.95% Space Free | Partition Type: NTFS
Drive D: | 186.31 Gb Total Space | 154.90 Gb Free Space | 83.14% Space Free | Partition Type: NTFS
Drive E: | 654.11 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BABY
Current User Name: Baby
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Baby\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Baby\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\bidispl32.dll ()
MOD - C:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll (RealPlayer)
MOD - C:\WINDOWS\system32\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\dsound.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avg8emc) -- File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (gupdate1ca131e49790036) Google Update Service (gupdate1ca131e49790036) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Viewpoint Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (RoxMediaDB9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (lxbt_device) -- C:\WINDOWS\System32\lxbtcoms.exe (Lexmark International, Inc.)


========== Driver Services (SafeList) ==========

DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (USBAAPL) -- C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (SiRemFil) -- C:\WINDOWS\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV - (Si3112) -- C:\WINDOWS\system32\DRIVERS\SI3112.sys (Silicon Image, Inc)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (RTL8023) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation )
DRV - (nvatabus) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (NVENET) -- C:\WINDOWS\system32\drivers\NVENET.sys (NVIDIA Corporation)
DRV - (nv_agp) -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys (NVIDIA Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 00 5A 9C 0E 21 DF BD 4E AC CA D9 38 2F E9 C9 23 [binary data]
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 00 5A 9C 0E 21 DF BD 4E AC CA D9 38 2F E9 C9 23 [binary data]
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 00 5A 9C 0E 21 DF BD 4E AC CA D9 38 2F E9 C9 23 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 00 5A 9C 0E 21 DF BD 4E AC CA D9 38 2F E9 C9 23 [binary data]

IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 00 5A 9C 0E 21 DF BD 4E AC CA D9 38 2F E9 C9 23 [binary data]
IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\S-1-5-21-1606980848-1563985344-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\S-1-5-21-1606980848-1563985344-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {9bce1fc3-89ad-4f5f-a3b7-5997f7c1a852}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/14 21:24:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 02:00:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext [2009/09/27 16:18:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/20 13:20:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/06 08:00:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/23 19:03:37 | 00,000,000 | ---D | M]

[2009/05/25 18:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Extensions
[2008/09/14 18:25:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/25 18:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/11/24 18:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions
[2009/06/21 16:00:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/09/02 16:47:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/24 18:29:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions\{9bce1fc3-89ad-4f5f-a3b7-5997f7c1a852}
[2009/05/03 08:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/06/21 15:59:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Mozilla\Firefox\Profiles\ny4wu4h7.default\extensions\anycolor.pavlos256@gmail.com
[2009/11/23 19:26:31 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 08:00:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/09/15 19:25:50 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[2008/11/04 12:41:44 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/14 21:24:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/12 16:53:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/15 17:20:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/11/06 08:00:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 08:00:26 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009/05/21 10:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/02/06 11:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2009/11/06 08:00:26 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009/02/27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/27 16:18:37 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/23 17:46:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/09/27 16:18:50 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009/09/27 16:18:35 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/10/11 10:34:09 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2009/07/29 23:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/07/29 23:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/07/29 23:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/07/29 23:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/07/29 23:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/07/29 23:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/07/29 23:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (356699 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12236 more lines...
O2 - BHO: (no name) - {0E9C5A00-DF21-4EBD-ACCA-D9382FE9C923} - C:\WINDOWS\system32\browsewm32.dll ()
O2 - BHO: (no name) - {16591C0D-F1DC-4D92-9CDF-46DBAECCB422} - C:\WINDOWS\system32\browsewm32.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe File not found
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark 5200 series] C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LXBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [tempo-setup2.exe] C:\WINDOWS\System32\tempo-setup2.exe File not found
O4 - HKU\S-1-5-18..\Run: [tempo-setup2.exe] C:\WINDOWS\System32\tempo-setup2.exe File not found
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [A00F3ED469.exe] C:\DOCUME~1\Baby\LOCALS~1\Temp\_A00F3ED469.exe File not found
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Parents\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1606980848-1563985344-1417001333-1003\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.13.115.12 64.13.46.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (blocker.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\System32\bidispl32.dll) - C:\WINDOWS\system32\bidispl32.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\__c0014C6D: DllName - C:\WINDOWS\system32\__c0014C6D.dat - C:\WINDOWS\System32\__c0014C6D.dat File not found
O20 - Winlogon\Notify\__c004835E: DllName - C:\WINDOWS\system32\__c004835E.dat - C:\WINDOWS\system32\__c004835E.dat (AIMP DevTeam)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\e06f763a700: DllName - C:\WINDOWS\System32\bidispl32.dll - C:\WINDOWS\system32\bidispl32.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/14 17:06:06 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/08/31 11:56:53 | 00,126,976 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/08/10 06:04:34 | 00,000,047 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b02ea712-82c4-11dd-9cee-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b02ea712-82c4-11dd-9cee-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b02ea712-82c4-11dd-9cee-806d6172696f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2006/08/31 11:56:53 | 00,126,976 | R--- | M] ()
O33 - MountPoints2\{b4b0ee41-827d-11dd-8907-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b4b0ee41-827d-11dd-8907-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b4b0ee41-827d-11dd-8907-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/24 18:40:33 | 00,529,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Baby\Desktop\OTL.exe
[2009/11/23 18:14:04 | 00,028,160 | ---- | C] (Terra Informatica Software, Inc., British Columbia, Canada.) -- C:\WINDOWS\System32\__c006D93A.dat
[2009/11/20 13:19:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Application Data\AVG8
[2009/11/20 12:42:16 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/11/20 12:06:26 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/11/19 07:17:56 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/11/19 07:13:48 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/11/19 07:12:06 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/11/19 06:40:23 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/11/19 06:40:23 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/11/19 06:40:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/18 21:20:11 | 77,086,488 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\Baby\Desktop\Ad-AwareInstallation.exe
[2009/11/18 21:20:11 | 00,891,192 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Baby\Desktop\avg_iswt_stb_all_9_40.exe
[2009/11/18 07:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Application Data\WinRAR
[2009/11/18 07:19:17 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\SysWoW32
[2009/11/18 07:17:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1381831005
[2009/11/18 07:17:25 | 00,005,609 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700C.manifest
[2009/11/18 07:17:25 | 00,002,086 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700P.manifest
[2009/11/18 07:17:25 | 00,000,626 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700O.manifest
[2009/11/18 07:17:25 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700S.manifest
[2009/11/06 16:41:24 | 00,000,000 | ---D | C] -- C:\Program Files\NFSNation
[2009/11/04 18:06:02 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/03 20:34:58 | 00,000,000 | ---D | C] -- D:\Baby\NFS Undercover
[2009/11/03 19:25:04 | 00,000,000 | ---D | C] -- C:\Program Files\EA Games
[2009/11/02 19:02:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2009/11/02 18:57:14 | 00,000,000 | ---D | C] -- C:\Program Files\JoWooD
[2009/11/02 08:53:39 | 01,580,708 | -H-- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\IconCache.db
[2009/11/01 18:37:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Application Data\AquaNox
[2009/11/01 18:34:35 | 00,000,000 | ---D | C] -- C:\Program Files\AquaNox
[2009/11/01 13:20:47 | 00,000,000 | ---D | C] -- C:\Program Files\EACom
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/27 23:22:03 | 00,016,246 | ---- | M] () -- C:\WINDOWS\System32\z94eadd5are1699.exe
[2009/12/27 23:04:00 | 00,016,397 | ---- | M] () -- C:\WINDOWS\System32\853threaz9599.cpl
[2009/12/25 19:24:43 | 00,010,050 | ---- | M] () -- C:\WINDOWS\92452zack5ool583.dll
[2009/12/25 18:03:34 | 00,013,369 | ---- | M] () -- C:\WINDOWS\System32\156s9y2z95.ocx
[2009/12/25 10:25:46 | 00,013,901 | ---- | M] () -- C:\WINDOWS\10579spz592.ocx
[2009/12/23 09:03:47 | 00,005,745 | ---- | M] () -- C:\WINDOWS\7c41s59az2668.exe
[2009/12/23 04:59:21 | 00,013,095 | ---- | M] () -- C:\WINDOWS\System32\29694v5rus9zb.dll
[2009/12/22 23:38:58 | 00,017,139 | ---- | M] () -- C:\WINDOWS\System32\15105spam9ot4d1z.exe
[2009/12/21 16:36:43 | 00,009,068 | ---- | M] () -- C:\WINDOWS\System32\3cb05ackdoor95z.dll
[2009/12/21 15:53:52 | 00,015,032 | ---- | M] () -- C:\WINDOWS\z5580wo9m36f.dll
[2009/12/20 18:39:41 | 00,006,602 | ---- | M] () -- C:\WINDOWS\System32\1589zhief554.ocx
[2009/12/20 17:48:50 | 00,003,260 | ---- | M] () -- C:\WINDOWS\System32\25619ot-a-vi5zs29.bin
[2009/12/20 14:42:50 | 00,011,607 | ---- | M] () -- C:\WINDOWS\System32\3z095hacktool99e.bin
[2009/12/20 02:34:41 | 00,011,219 | ---- | M] () -- C:\WINDOWS\System32\559c9ddwaze1835.exe
[2009/12/19 20:10:33 | 00,014,065 | ---- | M] () -- C:\WINDOWS\System32\22548szambo97da5.ocx
[2009/12/19 14:07:04 | 00,010,396 | ---- | M] () -- C:\WINDOWS\4d3cztea957.dll
[2009/12/19 02:34:46 | 00,016,444 | ---- | M] () -- C:\WINDOWS\System32\52972spambot1cz.dll
[2009/12/18 10:33:10 | 00,005,720 | ---- | M] () -- C:\WINDOWS\68f5backdoorz892.exe
[2009/12/18 07:36:01 | 00,003,032 | ---- | M] () -- C:\WINDOWS\69z5spyware1201.exe
[2009/12/17 15:30:59 | 00,006,489 | ---- | M] () -- C:\WINDOWS\System32\30993nzt5a-virus95f.ocx
[2009/12/17 12:36:10 | 00,005,724 | ---- | M] () -- C:\WINDOWS\System32\f9fthrzat95043.ocx
[2009/12/17 06:50:34 | 00,012,765 | ---- | M] () -- C:\WINDOWS\5512spz7169.ocx
[2009/12/16 13:39:27 | 00,016,981 | ---- | M] () -- C:\WINDOWS\4a749ackd5or2z19.ocx
[2009/12/15 13:47:02 | 00,014,828 | ---- | M] () -- C:\WINDOWS\314zor9625.dll
[2009/12/15 12:10:48 | 00,013,926 | ---- | M] () -- C:\WINDOWS\95109spamzot45b.bin
[2009/12/15 01:57:02 | 00,012,289 | ---- | M] () -- C:\WINDOWS\System32\183719irus5z3.ocx
[2009/12/14 20:17:58 | 00,006,242 | ---- | M] () -- C:\WINDOWS\20z05spambot4b59.bin
[2009/12/13 23:33:32 | 00,011,459 | ---- | M] () -- C:\WINDOWS\System32\117z0v5rus9cc.bin
[2009/12/13 22:28:16 | 00,007,563 | ---- | M] () -- C:\WINDOWS\System32\2f42vir25z9.exe
[2009/12/13 19:41:46 | 00,002,551 | ---- | M] () -- C:\WINDOWS\System32\4172bz5kdo9r2774.bin
[2009/12/13 11:18:53 | 00,011,305 | ---- | M] () -- C:\WINDOWS\System32\31z55vi9us312.bin
[2009/12/13 07:03:53 | 00,018,177 | ---- | M] () -- C:\WINDOWS\System32\15a0v9z1269.dll
[2009/12/13 05:24:57 | 00,007,461 | ---- | M] () -- C:\WINDOWS\17981hacktool1fz5.cpl
[2009/12/13 03:13:56 | 00,007,473 | ---- | M] () -- C:\WINDOWS\System32\7708wor9562z.dll
[2009/12/12 19:53:01 | 00,006,564 | ---- | M] () -- C:\WINDOWS\7277bacz9oo53081.ocx
[2009/12/12 17:29:21 | 00,017,579 | ---- | M] () -- C:\WINDOWS\System32\21z005acktool9f.ocx
[2009/12/11 19:24:06 | 00,015,286 | ---- | M] () -- C:\WINDOWS\System32\35765tezl3295.ocx
[2009/12/11 05:31:50 | 00,015,752 | ---- | M] () -- C:\WINDOWS\34419tez5169.exe
[2009/12/11 03:02:25 | 00,005,014 | ---- | M] () -- C:\WINDOWS\2359zvi5us4b5.ocx
[2009/12/10 13:13:03 | 00,013,319 | ---- | M] () -- C:\WINDOWS\5995spamzot55.cpl
[2009/12/09 21:46:49 | 00,005,749 | ---- | M] () -- C:\WINDOWS\284cszeal5399.exe
[2009/12/09 15:51:05 | 00,007,508 | ---- | M] () -- C:\WINDOWS\System32\2956doznloader1025.ocx
[2009/12/09 12:24:50 | 00,006,950 | ---- | M] () -- C:\WINDOWS\System32\8158spamb9t28z5.bin
[2009/12/09 08:38:07 | 00,011,449 | ---- | M] () -- C:\WINDOWS\5859zi5468.ocx
[2009/12/09 06:58:46 | 00,011,343 | ---- | M] () -- C:\WINDOWS\System32\3398thzef549.ocx
[2009/12/09 02:35:26 | 00,006,972 | ---- | M] () -- C:\WINDOWS\z8d4b5ckd9or516.dll
[2009/12/09 01:54:02 | 00,016,367 | ---- | M] () -- C:\WINDOWS\103wo597ez.ocx
[2009/12/08 03:20:09 | 00,009,524 | ---- | M] () -- C:\WINDOWS\System32\35411spambo95fbz.exe
[2009/12/07 22:59:36 | 00,006,351 | ---- | M] () -- C:\WINDOWS\8369troz551.bin
[2009/12/07 18:55:57 | 00,017,202 | ---- | M] () -- C:\WINDOWS\65a1spywzre3969.exe
[2009/12/07 13:22:42 | 00,009,493 | ---- | M] () -- C:\WINDOWS\System32\98bbaddwar51059z.exe
[2009/12/07 08:16:09 | 00,002,813 | ---- | M] () -- C:\WINDOWS\955z3troj5c5.exe
[2009/12/07 07:26:42 | 00,017,554 | ---- | M] () -- C:\WINDOWS\9343stza53212.cpl
[2009/12/06 08:08:08 | 00,009,319 | ---- | M] () -- C:\WINDOWS\59735izus783.cpl
[2009/12/06 05:12:53 | 00,014,445 | ---- | M] () -- C:\WINDOWS\System32\1987za9kdoor5147.exe
[2009/12/06 03:39:01 | 00,003,540 | ---- | M] () -- C:\WINDOWS\System32\18590hazktool7fc.dll
[2009/12/05 09:35:25 | 00,018,364 | ---- | M] () -- C:\WINDOWS\System32\6053zir25969.bin
[2009/12/04 19:17:53 | 00,013,148 | ---- | M] () -- C:\WINDOWS\System32\25121not-a-viz9s655.dll
[2009/12/04 00:53:02 | 00,013,366 | ---- | M] () -- C:\WINDOWS\79975pz27a9.bin
[2009/12/03 17:02:57 | 00,004,543 | ---- | M] () -- C:\WINDOWS\System32\537at95eat1z628.cpl
[2009/12/03 00:13:30 | 00,002,705 | ---- | M] () -- C:\WINDOWS\System32\z3626v9rus515.ocx
[2009/12/02 13:37:22 | 00,011,491 | ---- | M] () -- C:\WINDOWS\5be9th5zat6001.cpl
[2009/11/28 11:59:25 | 00,004,134 | ---- | M] () -- C:\WINDOWS\System32\13z35spy559.cpl
[2009/11/28 09:16:04 | 00,007,958 | ---- | M] () -- C:\WINDOWS\System32\536szambot589.exe
[2009/11/27 22:23:25 | 00,009,390 | ---- | M] () -- C:\WINDOWS\8z82h5ck9ool467.dll
[2009/11/27 13:57:56 | 00,003,651 | ---- | M] () -- C:\WINDOWS\z46s9ea5693.cpl
[2009/11/26 10:23:16 | 00,009,704 | ---- | M] () -- C:\WINDOWS\System32\8789pz5se1831.cpl
[2009/11/26 06:58:03 | 00,016,806 | ---- | M] () -- C:\WINDOWS\24465ow9zoader1942.ocx
[2009/11/25 14:19:19 | 00,004,955 | ---- | M] () -- C:\WINDOWS\252605orm99z.dll
[2009/11/25 03:57:48 | 00,004,901 | ---- | M] () -- C:\WINDOWS\System32\6195t5zef3239.bin
[2009/11/24 19:14:18 | 00,006,145 | ---- | M] () -- C:\WINDOWS\System32\148799ot-a-vzr5s1a6.ocx
[2009/11/24 18:45:06 | 00,002,086 | -HS- | M] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700P.manifest
[2009/11/24 18:42:38 | 00,000,817 | ---- | M] () -- C:\WINDOWS\System32\1617917498
[2009/11/24 18:40:39 | 00,529,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Baby\Desktop\OTL.exe
[2009/11/24 18:31:20 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/24 18:31:03 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/24 18:29:16 | 00,032,256 | ---- | M] () -- C:\WINDOWS\System32\__c004835E.dat
[2009/11/24 18:12:08 | 00,005,609 | -HS- | M] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700C.manifest
[2009/11/24 14:02:10 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/23 19:30:25 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/11/23 19:19:32 | 14,155,776 | -H-- | M] () -- C:\Documents and Settings\Baby\ntuser.dat
[2009/11/23 18:48:41 | 00,437,248 | ---- | M] () -- C:\Documents and Settings\Baby\Desktop\CKScanner.exe
[2009/11/23 18:14:39 | 00,028,160 | ---- | M] (Terra Informatica Software, Inc., British Columbia, Canada.) -- C:\WINDOWS\System32\__c006D93A.dat
[2009/11/23 18:12:04 | 00,000,626 | -HS- | M] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700O.manifest
[2009/11/23 18:11:59 | 00,001,355 | -HS- | M] () -- C:\WINDOWS\System32\809444970
[2009/11/23 18:11:57 | 00,190,661 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/23 18:11:51 | 00,000,011 | -HS- | M] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700S.manifest
[2009/11/23 18:05:10 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/23 16:32:41 | 00,016,879 | ---- | M] () -- C:\WINDOWS\596fthreat31353z.bin
[2009/11/23 16:28:37 | 00,013,856 | ---- | M] () -- C:\WINDOWS\59z6backdoor1775.cpl
[2009/11/23 16:14:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/23 16:14:52 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/23 15:45:25 | 00,356,699 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/23 15:40:58 | 00,005,130 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/11/23 15:11:02 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Baby\ntuser.ini
[2009/11/23 10:47:05 | 00,003,531 | ---- | M] () -- C:\WINDOWS\System32\423adown5oa9zr852.exe
[2009/11/22 13:25:23 | 00,003,405 | ---- | M] () -- C:\WINDOWS\65e2ba9kdzor2443.bin
[2009/11/22 10:12:18 | 00,014,092 | ---- | M] () -- C:\WINDOWS\41czthie9555.cpl
[2009/11/22 01:17:31 | 00,000,125 | ---- | M] () -- C:\xcrashdump.dat
[2009/11/21 20:32:25 | 00,000,779 | ---- | M] () -- C:\Documents and Settings\Baby\Desktop\Shortcut to age3y.lnk
[2009/11/21 16:36:39 | 00,014,336 | ---- | M] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/21 05:52:56 | 00,004,360 | ---- | M] () -- C:\WINDOWS\63daspar5e18z9.bin
[2009/11/20 19:34:06 | 00,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/11/20 19:33:41 | 00,183,112 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/11/20 16:05:07 | 00,013,246 | ---- | M] () -- C:\WINDOWS\58549spambzt937.bin
[2009/11/20 12:42:11 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/11/20 07:04:31 | 00,231,694 | ---- | M] () -- C:\Documents and Settings\Baby\Desktop\[Free-scores.com]_ostijn-willy-piece-concert-pour-alto-sax-orchestre-solo-alto-11661.pdf
[2009/11/20 07:01:54 | 00,726,546 | ---- | M] () -- C:\Documents and Settings\Baby\Desktop\[Free-scores.com]_ostijn-willy-piece-concert-pour-alto-sax-orchestre-11661.pdf
[2009/11/19 07:13:34 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/11/19 06:40:23 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/11/19 06:40:23 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/11/19 01:54:28 | 45,435,094 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/11/19 01:54:28 | 00,095,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/11/18 22:00:25 | 77,086,488 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\Baby\Desktop\Ad-AwareInstallation.exe
[2009/11/18 21:20:36 | 00,891,192 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Baby\Desktop\avg_iswt_stb_all_9_40.exe
[2009/11/18 12:02:08 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/18 07:27:41 | 00,001,903 | ---- | M] () -- C:\WINDOWS\GnuHashes.ini
[2009/11/18 07:19:44 | 00,004,443 | ---- | M] () -- C:\WINDOWS\System32\952zthief487.bin
[2009/11/18 07:17:50 | 00,203,776 | -HS- | M] () -- C:\WINDOWS\System32\unrar.exe
[2009/11/18 07:17:26 | 00,187,904 | ---- | M] () -- C:\WINDOWS\System32\browsewm32.dll
[2009/11/18 07:17:23 | 00,122,368 | ---- | M] () -- C:\WINDOWS\System32\bidispl32.dll
[2009/11/18 03:56:48 | 00,003,726 | ---- | M] () -- C:\WINDOWS\6574add9are36z.dll
[2009/11/18 03:11:48 | 00,017,711 | ---- | M] () -- C:\WINDOWS\ee8add9arz754.ocx
[2009/11/18 02:57:24 | 00,013,109 | ---- | M] () -- C:\WINDOWS\3ab9thizf2054.dll
[2009/11/17 19:51:11 | 00,016,568 | ---- | M] () -- C:\WINDOWS\System32\47fezpyw5re9014.exe
[2009/11/17 13:44:57 | 00,009,045 | ---- | M] () -- C:\WINDOWS\z895sp556e.dll
[2009/11/17 09:08:12 | 00,012,560 | ---- | M] () -- C:\WINDOWS\95ddvir1984z.dll
[2009/11/16 20:06:21 | 00,008,080 | ---- | M] () -- C:\WINDOWS\System32\25390s9ambo564z.bin
[2009/11/16 19:11:17 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/15 08:16:41 | 00,008,496 | ---- | M] () -- C:\WINDOWS\System32\2zf4backdo951148.ocx
[2009/11/14 22:12:44 | 00,015,654 | ---- | M] () -- C:\WINDOWS\System32\14850hacktzol52b9.cpl
[2009/11/14 07:49:31 | 00,015,662 | ---- | M] () -- C:\WINDOWS\549zsparse1299.dll
[2009/11/14 06:47:42 | 00,003,333 | ---- | M] () -- C:\WINDOWS\5735zteal9869.cpl
[2009/11/13 04:58:28 | 00,017,115 | ---- | M] () -- C:\WINDOWS\System32\305z9spambot599.exe
[2009/11/12 20:41:06 | 00,007,872 | ---- | M] () -- C:\WINDOWS\68ees9ezl5738.dll
[2009/11/12 20:10:36 | 00,016,406 | ---- | M] () -- C:\WINDOWS\27135hac9tooz600.exe
[2009/11/12 18:24:25 | 00,015,021 | ---- | M] () -- C:\WINDOWS\System32\d2ad9wnloade53061z.exe
[2009/11/11 16:25:28 | 00,004,523 | ---- | M] () -- C:\WINDOWS\954spy7z9.cpl
[2009/11/11 12:37:44 | 00,013,161 | ---- | M] () -- C:\WINDOWS\System32\6529hackto5lzf2.cpl
[2009/11/11 09:55:41 | 00,018,125 | ---- | M] () -- C:\WINDOWS\System32\7198wzr54f6.cpl
[2009/11/11 09:25:32 | 00,016,470 | ---- | M] () -- C:\WINDOWS\9772vi59sz22.dll
[2009/11/11 09:07:15 | 00,015,952 | ---- | M] () -- C:\WINDOWS\System32\30940s5ambot583z.exe
[2009/11/11 05:45:38 | 00,017,975 | ---- | M] () -- C:\WINDOWS\System32\17665zy5449.dll
[2009/11/11 04:32:27 | 00,008,847 | ---- | M] () -- C:\WINDOWS\250a9ir818z.bin
[2009/11/11 03:18:08 | 00,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/10 21:25:19 | 00,008,746 | ---- | M] () -- C:\WINDOWS\55399ackdooz3028.dll
[2009/11/10 04:14:38 | 00,014,286 | ---- | M] () -- C:\WINDOWS\System32\z2967spambo53c.cpl
[2009/11/09 19:39:00 | 00,016,294 | ---- | M] () -- C:\WINDOWS\z2126h5c9tool7a4.exe
[2009/11/08 04:13:32 | 00,015,788 | ---- | M] () -- C:\WINDOWS\System32\699zthreat1895.ocx
[2009/11/07 20:46:30 | 00,015,774 | ---- | M] () -- C:\WINDOWS\System32\z35619irus45c.cpl
[2009/11/06 22:20:37 | 00,008,767 | ---- | M] () -- C:\WINDOWS\System32\398fthizf654.cpl
[2009/11/06 20:49:16 | 00,013,304 | ---- | M] () -- C:\WINDOWS\System32\43459hiefz701.bin
[2009/11/06 16:42:01 | 00,110,576 | ---- | M] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/06 14:54:40 | 00,012,112 | ---- | M] () -- C:\WINDOWS\System32\119z0t59j10c.ocx
[2009/11/06 14:40:42 | 00,009,121 | ---- | M] () -- C:\WINDOWS\System32\75f6thi5f1399z.ocx
[2009/11/06 14:36:56 | 00,015,139 | ---- | M] () -- C:\WINDOWS\5987zac5doo990.dll
[2009/11/05 12:39:37 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/05 09:36:22 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/11/04 22:37:22 | 00,002,668 | ---- | M] () -- C:\WINDOWS\System32\169z55irus31b.exe
[2009/11/04 04:50:25 | 00,008,229 | ---- | M] () -- C:\WINDOWS\14521ha9ktoolz09.dll
[2009/11/03 19:43:29 | 00,006,944 | ---- | M] () -- C:\WINDOWS\System32\ealregsnapshot1.reg
[2009/11/03 19:41:44 | 00,001,833 | ---- | M] () -- C:\Documents and Settings\Baby\Desktop\Need for Speed™ Undercover.lnk
[2009/11/03 03:25:19 | 01,580,708 | -H-- | M] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\IconCache.db
[2009/11/03 03:09:22 | 00,000,063 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/11/03 03:02:09 | 00,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/02 19:01:09 | 00,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/11/02 19:01:09 | 00,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/11/02 19:01:09 | 00,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/11/02 07:14:54 | 00,016,311 | ---- | M] () -- C:\WINDOWS\System32\5z5c9teal922.dll
[2009/11/01 14:15:50 | 00,001,117 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2009/11/01 13:53:52 | 00,435,592 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/01 13:53:52 | 00,068,504 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/01 13:53:51 | 00,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/31 23:29:31 | 00,005,512 | ---- | M] () -- C:\WINDOWS\5b20v9z19555.bin
[2009/10/28 16:52:41 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/10/27 06:15:17 | 00,010,193 | ---- | M] () -- C:\WINDOWS\System32\5bf1st5z98.exe
[2009/10/27 01:35:51 | 00,012,541 | ---- | M] () -- C:\WINDOWS\System32\1395threaz51959.bin
[2009/10/26 01:30:36 | 00,009,132 | ---- | M] () -- C:\WINDOWS\System32\11115not-a-viru9z56.ocx
[2009/10/25 21:51:07 | 00,008,805 | ---- | M] () -- C:\WINDOWS\System32\9b1as5ywarez734.cpl
[2009/10/25 19:22:40 | 00,008,401 | ---- | M] () -- C:\WINDOWS\36635p92bz.bin
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/27 23:22:03 | 00,016,246 | ---- | C] () -- C:\WINDOWS\System32\z94eadd5are1699.exe
[2009/12/27 23:04:00 | 00,016,397 | ---- | C] () -- C:\WINDOWS\System32\853threaz9599.cpl
[2009/12/25 19:24:43 | 00,010,050 | ---- | C] () -- C:\WINDOWS\92452zack5ool583.dll
[2009/12/25 18:03:34 | 00,013,369 | ---- | C] () -- C:\WINDOWS\System32\156s9y2z95.ocx
[2009/12/25 10:25:46 | 00,013,901 | ---- | C] () -- C:\WINDOWS\10579spz592.ocx
[2009/12/23 09:03:47 | 00,005,745 | ---- | C] () -- C:\WINDOWS\7c41s59az2668.exe
[2009/12/23 04:59:21 | 00,013,095 | ---- | C] () -- C:\WINDOWS\System32\29694v5rus9zb.dll
[2009/12/22 23:38:58 | 00,017,139 | ---- | C] () -- C:\WINDOWS\System32\15105spam9ot4d1z.exe
[2009/12/21 16:36:43 | 00,009,068 | ---- | C] () -- C:\WINDOWS\System32\3cb05ackdoor95z.dll
[2009/12/21 15:53:52 | 00,015,032 | ---- | C] () -- C:\WINDOWS\z5580wo9m36f.dll
[2009/12/20 18:39:41 | 00,006,602 | ---- | C] () -- C:\WINDOWS\System32\1589zhief554.ocx
[2009/12/20 17:48:50 | 00,003,260 | ---- | C] () -- C:\WINDOWS\System32\25619ot-a-vi5zs29.bin
[2009/12/20 14:42:50 | 00,011,607 | ---- | C] () -- C:\WINDOWS\System32\3z095hacktool99e.bin
[2009/12/20 02:34:41 | 00,011,219 | ---- | C] () -- C:\WINDOWS\System32\559c9ddwaze1835.exe
[2009/12/19 20:10:33 | 00,014,065 | ---- | C] () -- C:\WINDOWS\System32\22548szambo97da5.ocx
[2009/12/19 14:07:04 | 00,010,396 | ---- | C] () -- C:\WINDOWS\4d3cztea957.dll
[2009/12/19 02:34:46 | 00,016,444 | ---- | C] () -- C:\WINDOWS\System32\52972spambot1cz.dll
[2009/12/18 10:33:10 | 00,005,720 | ---- | C] () -- C:\WINDOWS\68f5backdoorz892.exe
[2009/12/18 07:36:01 | 00,003,032 | ---- | C] () -- C:\WINDOWS\69z5spyware1201.exe
[2009/12/17 15:30:59 | 00,006,489 | ---- | C] () -- C:\WINDOWS\System32\30993nzt5a-virus95f.ocx
[2009/12/17 12:36:10 | 00,005,724 | ---- | C] () -- C:\WINDOWS\System32\f9fthrzat95043.ocx
[2009/12/17 06:50:34 | 00,012,765 | ---- | C] () -- C:\WINDOWS\5512spz7169.ocx
[2009/12/16 13:39:27 | 00,016,981 | ---- | C] () -- C:\WINDOWS\4a749ackd5or2z19.ocx
[2009/12/15 13:47:02 | 00,014,828 | ---- | C] () -- C:\WINDOWS\314zor9625.dll
[2009/12/15 12:10:48 | 00,013,926 | ---- | C] () -- C:\WINDOWS\95109spamzot45b.bin
[2009/12/15 01:57:02 | 00,012,289 | ---- | C] () -- C:\WINDOWS\System32\183719irus5z3.ocx
[2009/12/14 20:17:58 | 00,006,242 | ---- | C] () -- C:\WINDOWS\20z05spambot4b59.bin
[2009/12/13 23:33:32 | 00,011,459 | ---- | C] () -- C:\WINDOWS\System32\117z0v5rus9cc.bin
[2009/12/13 22:28:16 | 00,007,563 | ---- | C] () -- C:\WINDOWS\System32\2f42vir25z9.exe
[2009/12/13 19:41:46 | 00,002,551 | ---- | C] () -- C:\WINDOWS\System32\4172bz5kdo9r2774.bin
[2009/12/13 11:18:53 | 00,011,305 | ---- | C] () -- C:\WINDOWS\System32\31z55vi9us312.bin
[2009/12/13 07:03:53 | 00,018,177 | ---- | C] () -- C:\WINDOWS\System32\15a0v9z1269.dll
[2009/12/13 05:24:57 | 00,007,461 | ---- | C] () -- C:\WINDOWS\17981hacktool1fz5.cpl
[2009/12/13 03:13:56 | 00,007,473 | ---- | C] () -- C:\WINDOWS\System32\7708wor9562z.dll
[2009/12/12 19:53:01 | 00,006,564 | ---- | C] () -- C:\WINDOWS\7277bacz9oo53081.ocx
[2009/12/12 17:29:21 | 00,017,579 | ---- | C] () -- C:\WINDOWS\System32\21z005acktool9f.ocx
[2009/12/11 19:24:06 | 00,015,286 | ---- | C] () -- C:\WINDOWS\System32\35765tezl3295.ocx
[2009/12/11 05:31:50 | 00,015,752 | ---- | C] () -- C:\WINDOWS\34419tez5169.exe
[2009/12/11 03:02:25 | 00,005,014 | ---- | C] () -- C:\WINDOWS\2359zvi5us4b5.ocx
[2009/12/10 13:13:03 | 00,013,319 | ---- | C] () -- C:\WINDOWS\5995spamzot55.cpl
[2009/12/09 21:46:49 | 00,005,749 | ---- | C] () -- C:\WINDOWS\284cszeal5399.exe
[2009/12/09 15:51:05 | 00,007,508 | ---- | C] () -- C:\WINDOWS\System32\2956doznloader1025.ocx
[2009/12/09 12:24:50 | 00,006,950 | ---- | C] () -- C:\WINDOWS\System32\8158spamb9t28z5.bin
[2009/12/09 08:38:07 | 00,011,449 | ---- | C] () -- C:\WINDOWS\5859zi5468.ocx
[2009/12/09 06:58:46 | 00,011,343 | ---- | C] () -- C:\WINDOWS\System32\3398thzef549.ocx
[2009/12/09 02:35:26 | 00,006,972 | ---- | C] () -- C:\WINDOWS\z8d4b5ckd9or516.dll
[2009/12/09 01:54:02 | 00,016,367 | ---- | C] () -- C:\WINDOWS\103wo597ez.ocx
[2009/12/08 03:20:09 | 00,009,524 | ---- | C] () -- C:\WINDOWS\System32\35411spambo95fbz.exe
[2009/12/07 22:59:36 | 00,006,351 | ---- | C] () -- C:\WINDOWS\8369troz551.bin
[2009/12/07 18:55:57 | 00,017,202 | ---- | C] () -- C:\WINDOWS\65a1spywzre3969.exe
[2009/12/07 13:22:42 | 00,009,493 | ---- | C] () -- C:\WINDOWS\System32\98bbaddwar51059z.exe
[2009/12/07 08:16:09 | 00,002,813 | ---- | C] () -- C:\WINDOWS\955z3troj5c5.exe
[2009/12/07 07:26:42 | 00,017,554 | ---- | C] () -- C:\WINDOWS\9343stza53212.cpl
[2009/12/06 08:08:08 | 00,009,319 | ---- | C] () -- C:\WINDOWS\59735izus783.cpl
[2009/12/06 05:12:53 | 00,014,445 | ---- | C] () -- C:\WINDOWS\System32\1987za9kdoor5147.exe
[2009/12/06 03:39:01 | 00,003,540 | ---- | C] () -- C:\WINDOWS\System32\18590hazktool7fc.dll
[2009/12/05 09:35:25 | 00,018,364 | ---- | C] () -- C:\WINDOWS\System32\6053zir25969.bin
[2009/12/04 19:17:53 | 00,013,148 | ---- | C] () -- C:\WINDOWS\System32\25121not-a-viz9s655.dll
[2009/12/04 00:53:02 | 00,013,366 | ---- | C] () -- C:\WINDOWS\79975pz27a9.bin
[2009/12/03 17:02:57 | 00,004,543 | ---- | C] () -- C:\WINDOWS\System32\537at95eat1z628.cpl
[2009/12/03 00:13:30 | 00,002,705 | ---- | C] () -- C:\WINDOWS\System32\z3626v9rus515.ocx
[2009/12/02 13:37:22 | 00,011,491 | ---- | C] () -- C:\WINDOWS\5be9th5zat6001.cpl
[2009/11/28 11:59:25 | 00,004,134 | ---- | C] () -- C:\WINDOWS\System32\13z35spy559.cpl
[2009/11/28 09:16:04 | 00,007,958 | ---- | C] () -- C:\WINDOWS\System32\536szambot589.exe
[2009/11/27 22:23:25 | 00,009,390 | ---- | C] () -- C:\WINDOWS\8z82h5ck9ool467.dll
[2009/11/27 13:57:56 | 00,003,651 | ---- | C] () -- C:\WINDOWS\z46s9ea5693.cpl
[2009/11/26 10:23:16 | 00,009,704 | ---- | C] () -- C:\WINDOWS\System32\8789pz5se1831.cpl
[2009/11/26 06:58:03 | 00,016,806 | ---- | C] () -- C:\WINDOWS\24465ow9zoader1942.ocx
[2009/11/25 14:19:19 | 00,004,955 | ---- | C] () -- C:\WINDOWS\252605orm99z.dll
[2009/11/25 03:57:48 | 00,004,901 | ---- | C] () -- C:\WINDOWS\System32\6195t5zef3239.bin
[2009/11/24 19:14:18 | 00,006,145 | ---- | C] () -- C:\WINDOWS\System32\148799ot-a-vzr5s1a6.ocx
[2009/11/24 18:27:47 | 00,032,256 | ---- | C] () -- C:\WINDOWS\System32\__c004835E.dat
[2009/11/23 18:48:37 | 00,437,248 | ---- | C] () -- C:\Documents and Settings\Baby\Desktop\CKScanner.exe
[2009/11/23 16:32:41 | 00,016,879 | ---- | C] () -- C:\WINDOWS\596fthreat31353z.bin
[2009/11/23 16:28:37 | 00,013,856 | ---- | C] () -- C:\WINDOWS\59z6backdoor1775.cpl
[2009/11/23 10:47:05 | 00,003,531 | ---- | C] () -- C:\WINDOWS\System32\423adown5oa9zr852.exe
[2009/11/22 13:25:23 | 00,003,405 | ---- | C] () -- C:\WINDOWS\65e2ba9kdzor2443.bin
[2009/11/22 10:12:18 | 00,014,092 | ---- | C] () -- C:\WINDOWS\41czthie9555.cpl
[2009/11/21 16:31:23 | 00,000,779 | ---- | C] () -- C:\Documents and Settings\Baby\Desktop\Shortcut to age3y.lnk
[2009/11/21 05:52:56 | 00,004,360 | ---- | C] () -- C:\WINDOWS\63daspar5e18z9.bin
[2009/11/20 16:05:07 | 00,013,246 | ---- | C] () -- C:\WINDOWS\58549spambzt937.bin
[2009/11/20 07:04:31 | 00,231,694 | ---- | C] () -- C:\Documents and Settings\Baby\Desktop\[Free-scores.com]_ostijn-willy-piece-concert-pour-alto-sax-orchestre-solo-alto-11661.pdf
[2009/11/20 07:01:54 | 00,726,546 | ---- | C] () -- C:\Documents and Settings\Baby\Desktop\[Free-scores.com]_ostijn-willy-piece-concert-pour-alto-sax-orchestre-11661.pdf
[2009/11/19 07:19:05 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/11/19 07:13:34 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/11/18 17:40:56 | 00,000,125 | ---- | C] () -- C:\xcrashdump.dat
[2009/11/18 07:27:41 | 00,001,903 | ---- | C] () -- C:\WINDOWS\GnuHashes.ini
[2009/11/18 07:20:24 | 00,001,355 | -HS- | C] () -- C:\WINDOWS\System32\809444970
[2009/11/18 07:20:22 | 00,000,817 | ---- | C] () -- C:\WINDOWS\System32\1617917498
[2009/11/18 07:19:44 | 00,004,443 | ---- | C] () -- C:\WINDOWS\System32\952zthief487.bin
[2009/11/18 07:17:50 | 00,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe
[2009/11/18 07:17:26 | 00,187,904 | ---- | C] () -- C:\WINDOWS\System32\browsewm32.dll
[2009/11/18 07:17:25 | 00,005,609 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700C.manifest
[2009/11/18 07:17:25 | 00,002,086 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700P.manifest
[2009/11/18 07:17:25 | 00,000,626 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700O.manifest
[2009/11/18 07:17:25 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\02000000f892ab57700S.manifest
[2009/11/18 07:17:23 | 00,122,368 | ---- | C] () -- C:\WINDOWS\System32\bidispl32.dll
[2009/11/18 03:56:48 | 00,003,726 | ---- | C] () -- C:\WINDOWS\6574add9are36z.dll
[2009/11/18 03:11:48 | 00,017,711 | ---- | C] () -- C:\WINDOWS\ee8add9arz754.ocx
[2009/11/18 02:57:24 | 00,013,109 | ---- | C] () -- C:\WINDOWS\3ab9thizf2054.dll
[2009/11/17 19:51:11 | 00,016,568 | ---- | C] () -- C:\WINDOWS\System32\47fezpyw5re9014.exe
[2009/11/17 13:44:57 | 00,009,045 | ---- | C] () -- C:\WINDOWS\z895sp556e.dll
[2009/11/17 09:08:12 | 00,012,560 | ---- | C] () -- C:\WINDOWS\95ddvir1984z.dll
[2009/11/16 20:06:21 | 00,008,080 | ---- | C] () -- C:\WINDOWS\System32\25390s9ambo564z.bin
[2009/11/15 08:16:41 | 00,008,496 | ---- | C] () -- C:\WINDOWS\System32\2zf4backdo951148.ocx
[2009/11/14 22:12:44 | 00,015,654 | ---- | C] () -- C:\WINDOWS\System32\14850hacktzol52b9.cpl
[2009/11/14 07:49:31 | 00,015,662 | ---- | C] () -- C:\WINDOWS\549zsparse1299.dll
[2009/11/14 06:47:42 | 00,003,333 | ---- | C] () -- C:\WINDOWS\5735zteal9869.cpl
[2009/11/13 04:58:28 | 00,017,115 | ---- | C] () -- C:\WINDOWS\System32\305z9spambot599.exe
[2009/11/12 20:41:06 | 00,007,872 | ---- | C] () -- C:\WINDOWS\68ees9ezl5738.dll
[2009/11/12 20:10:36 | 00,016,406 | ---- | C] () -- C:\WINDOWS\27135hac9tooz600.exe
[2009/11/12 18:24:25 | 00,015,021 | ---- | C] () -- C:\WINDOWS\System32\d2ad9wnloade53061z.exe
[2009/11/11 16:25:28 | 00,004,523 | ---- | C] () -- C:\WINDOWS\954spy7z9.cpl
[2009/11/11 12:37:44 | 00,013,161 | ---- | C] () -- C:\WINDOWS\System32\6529hackto5lzf2.cpl
[2009/11/11 09:55:41 | 00,018,125 | ---- | C] () -- C:\WINDOWS\System32\7198wzr54f6.cpl
[2009/11/11 09:25:32 | 00,016,470 | ---- | C] () -- C:\WINDOWS\9772vi59sz22.dll
[2009/11/11 09:07:15 | 00,015,952 | ---- | C] () -- C:\WINDOWS\System32\30940s5ambot583z.exe
[2009/11/11 05:45:38 | 00,017,975 | ---- | C] () -- C:\WINDOWS\System32\17665zy5449.dll
[2009/11/11 04:32:27 | 00,008,847 | ---- | C] () -- C:\WINDOWS\250a9ir818z.bin
[2009/11/10 21:25:19 | 00,008,746 | ---- | C] () -- C:\WINDOWS\55399ackdooz3028.dll
[2009/11/10 04:14:38 | 00,014,286 | ---- | C] () -- C:\WINDOWS\System32\z2967spambo53c.cpl
[2009/11/09 19:39:00 | 00,016,294 | ---- | C] () -- C:\WINDOWS\z2126h5c9tool7a4.exe
[2009/11/08 04:13:32 | 00,015,788 | ---- | C] () -- C:\WINDOWS\System32\699zthreat1895.ocx
[2009/11/07 20:46:30 | 00,015,774 | ---- | C] () -- C:\WINDOWS\System32\z35619irus45c.cpl
[2009/11/07 17:14:33 | 00,001,833 | ---- | C] () -- C:\Documents and Settings\Baby\Desktop\Need for Speed™ Undercover.lnk
[2009/11/06 22:20:37 | 00,008,767 | ---- | C] () -- C:\WINDOWS\System32\398fthizf654.cpl
[2009/11/06 20:49:16 | 00,013,304 | ---- | C] () -- C:\WINDOWS\System32\43459hiefz701.bin
[2009/11/06 14:54:40 | 00,012,112 | ---- | C] () -- C:\WINDOWS\System32\119z0t59j10c.ocx
[2009/11/06 14:40:42 | 00,009,121 | ---- | C] () -- C:\WINDOWS\System32\75f6thi5f1399z.ocx
[2009/11/06 14:36:56 | 00,015,139 | ---- | C] () -- C:\WINDOWS\5987zac5doo990.dll
[2009/11/04 22:37:22 | 00,002,668 | ---- | C] () -- C:\WINDOWS\System32\169z55irus31b.exe
[2009/11/04 18:06:37 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/11/04 04:50:25 | 00,008,229 | ---- | C] () -- C:\WINDOWS\14521ha9ktoolz09.dll
[2009/11/02 19:01:09 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/11/02 19:01:09 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/11/02 19:01:09 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/11/02 08:53:39 | 01,580,708 | -H-- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\IconCache.db
[2009/11/02 07:14:54 | 00,016,311 | ---- | C] () -- C:\WINDOWS\System32\5z5c9teal922.dll
[2009/10/31 23:29:31 | 00,005,512 | ---- | C] () -- C:\WINDOWS\5b20v9z19555.bin
[2009/10/27 06:15:17 | 00,010,193 | ---- | C] () -- C:\WINDOWS\System32\5bf1st5z98.exe
[2009/10/27 01:35:51 | 00,012,541 | ---- | C] () -- C:\WINDOWS\System32\1395threaz51959.bin
[2009/10/26 01:30:36 | 00,009,132 | ---- | C] () -- C:\WINDOWS\System32\11115not-a-viru9z56.ocx
[2009/10/25 21:51:07 | 00,008,805 | ---- | C] () -- C:\WINDOWS\System32\9b1as5ywarez734.cpl
[2009/10/25 19:22:40 | 00,008,401 | ---- | C] () -- C:\WINDOWS\36635p92bz.bin
[2009/10/13 11:07:50 | 00,010,408 | ---- | C] () -- C:\WINDOWS\System32\3fa3zpy59re284.dll
[2009/10/12 23:16:45 | 00,006,847 | ---- | C] () -- C:\WINDOWS\15569iru5zba.dll
[2009/10/07 17:15:21 | 00,013,753 | ---- | C] () -- C:\WINDOWS\29z37worm815.dll
[2009/10/06 12:38:30 | 00,010,733 | ---- | C] () -- C:\WINDOWS\5z52threat16191.dll
[2009/10/01 03:04:42 | 00,003,122 | ---- | C] () -- C:\WINDOWS\System32\26818worz99d5.dll
[2009/09/30 17:17:45 | 00,003,059 | ---- | C] () -- C:\WINDOWS\8876not-a9vi5zs5e1.dll
[2009/09/28 01:54:04 | 00,002,738 | ---- | C] () -- C:\WINDOWS\System32\146925z96c0.dll
[2009/09/26 00:31:21 | 00,002,550 | ---- | C] () -- C:\WINDOWS\System32\29502notza-v5rus483.dll
[2009/09/25 17:36:48 | 00,013,244 | ---- | C] () -- C:\WINDOWS\System32\391zthie9851.dll
[2009/09/22 13:47:28 | 00,009,804 | ---- | C] () -- C:\WINDOWS\495cthzef402.dll
[2009/09/19 18:33:46 | 00,008,230 | ---- | C] () -- C:\WINDOWS\3z323tr9j356.dll
[2009/09/18 15:38:39 | 00,014,377 | ---- | C] () -- C:\WINDOWS\22596viruz9c4.dll
[2009/09/18 13:10:59 | 00,004,589 | ---- | C] () -- C:\WINDOWS\System32\18466wo5947z.dll
[2009/09/16 18:12:41 | 00,015,198 | ---- | C] () -- C:\WINDOWS\System32\5b55zddwar92798.dll
[2009/09/15 21:50:56 | 00,018,001 | ---- | C] () -- C:\WINDOWS\z3149sp5mbot51f.dll
[2009/09/14 09:38:52 | 00,013,555 | ---- | C] () -- C:\WINDOWS\System32\z087s5ywa9e159.dll
[2009/09/11 11:37:00 | 00,013,346 | ---- | C] () -- C:\WINDOWS\1z819tr95774.dll
[2009/09/08 22:31:02 | 00,005,433 | ---- | C] () -- C:\WINDOWS\System32\2f859ir50z5.dll
[2009/09/08 16:52:40 | 00,016,364 | ---- | C] () -- C:\WINDOWS\5228v5r9s7za.dll
[2009/09/05 13:19:52 | 00,006,620 | ---- | C] () -- C:\WINDOWS\325f5hrezt19408.dll
[2009/09/03 09:42:27 | 00,010,902 | ---- | C] () -- C:\WINDOWS\System32\19b5downlzader1845.dll
[2009/09/03 05:50:15 | 00,009,391 | ---- | C] () -- C:\WINDOWS\56z5t9ief1759.dll
[2009/09/02 22:46:07 | 00,003,963 | ---- | C] () -- C:\WINDOWS\System32\1d95thre5t413z.dll
[2009/08/18 20:38:44 | 00,011,283 | ---- | C] () -- C:\WINDOWS\System32\91030not-azviru5441.dll
[2009/08/18 19:35:40 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\157z9spy474.dll
[2009/08/18 18:34:30 | 00,006,783 | ---- | C] () -- C:\WINDOWS\System32\9124z5pambot21d.dll
[2009/08/17 09:47:20 | 00,005,038 | ---- | C] () -- C:\WINDOWS\421zno9-a-vi5us225.dll
[2009/08/16 10:35:18 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\Baby\Application Data\PnkBstrK.sys
[2009/08/13 07:25:56 | 00,014,044 | ---- | C] () -- C:\WINDOWS\System32\759fz95al1317.dll
[2009/08/10 21:44:32 | 00,003,496 | ---- | C] () -- C:\WINDOWS\System32\30z9not-9-vir5s137.dll
[2009/08/08 10:34:11 | 00,015,626 | ---- | C] () -- C:\WINDOWS\25396hack5ooz237.dll
[2009/08/07 02:12:32 | 00,014,138 | ---- | C] () -- C:\WINDOWS\19157s95ze.dll
[2009/08/05 11:15:28 | 00,015,926 | ---- | C] () -- C:\WINDOWS\5295vir9z4d6.dll
[2009/08/05 05:04:18 | 00,010,020 | ---- | C] () -- C:\WINDOWS\System32\zd25t9i5f1710.dll
[2009/08/01 23:35:44 | 00,013,056 | ---- | C] () -- C:\WINDOWS\System32\7007spar592z12.dll
[2009/07/28 11:39:47 | 00,015,915 | ---- | C] () -- C:\WINDOWS\System32\zc95sparse1474.dll
[2009/07/23 21:17:37 | 00,002,688 | ---- | C] () -- C:\WINDOWS\985z5irus449.dll
[2009/07/17 17:25:46 | 00,003,356 | ---- | C] () -- C:\WINDOWS\9z97sp5m9ot3cf.dll
[2009/07/13 09:47:35 | 00,015,435 | ---- | C] () -- C:\WINDOWS\System32\512z2troj5c9.dll
[2009/07/12 23:10:15 | 00,008,235 | ---- | C] () -- C:\WINDOWS\20a4spa9se3596z.dll
[2009/07/12 18:51:02 | 00,006,912 | ---- | C] () -- C:\WINDOWS\System32\2355z9py13a.dll
[2009/07/02 12:34:56 | 00,013,792 | ---- | C] () -- C:\WINDOWS\System32\93709spam5ot172z.dll
[2009/06/30 16:13:48 | 00,006,144 | ---- | C] () -- C:\WINDOWS\d7faddwa952z22.dll
[2009/06/25 03:38:22 | 00,012,409 | ---- | C] () -- C:\WINDOWS\422c5ownlzad9r370.dll
[2009/06/24 03:51:52 | 00,007,218 | ---- | C] () -- C:\WINDOWS\2z76v5r2965.dll
[2009/06/19 10:38:06 | 00,018,416 | ---- | C] () -- C:\WINDOWS\7550a9dwarz2672.dll
[2009/06/18 00:57:10 | 00,017,512 | ---- | C] () -- C:\WINDOWS\System32\1z7evir16905.dll
[2009/06/17 20:21:09 | 00,006,135 | ---- | C] () -- C:\WINDOWS\7za5steal3297.dll
[2009/06/17 08:19:01 | 00,004,757 | ---- | C] () -- C:\WINDOWS\System32\192z8tr5j4b.dll
[2009/06/14 00:34:37 | 00,015,798 | ---- | C] () -- C:\WINDOWS\236559zrm42.dll
[2009/06/10 20:34:47 | 00,011,061 | ---- | C] () -- C:\WINDOWS\9549sparse1950z.dll
[2009/06/10 10:25:21 | 00,006,619 | ---- | C] () -- C:\WINDOWS\59035not-a-virzs313.dll
[2009/06/10 06:53:25 | 00,015,259 | ---- | C] () -- C:\WINDOWS\System32\45ccbaz9doo5352.dll
[2009/06/08 17:04:10 | 00,005,436 | ---- | C] () -- C:\WINDOWS\5z54thief869.dll
[2009/06/06 21:41:22 | 00,006,008 | ---- | C] () -- C:\WINDOWS\7653vz9619.dll
[2009/06/05 03:53:20 | 00,017,131 | ---- | C] () -- C:\WINDOWS\39zspy175.dll
[2009/06/03 03:31:04 | 00,013,698 | ---- | C] () -- C:\WINDOWS\System32\27159wozm53.dll
[2009/06/02 07:34:41 | 00,015,706 | ---- | C] () -- C:\WINDOWS\951z8v5rus737.dll
[2009/06/01 17:14:17 | 00,018,212 | ---- | C] () -- C:\WINDOWS\System32\6749back5oor85z.dll
[2009/06/01 17:14:17 | 00,018,111 | ---- | C] () -- C:\WINDOWS\6c4795ckdoor27z7.dll
[2009/06/01 17:14:17 | 00,017,131 | ---- | C] () -- C:\WINDOWS\5da0s59zl985.dll
[2009/06/01 17:14:17 | 00,015,921 | ---- | C] () -- C:\WINDOWS\zc75add9are8255.dll
[2009/06/01 17:14:17 | 00,015,683 | ---- | C] () -- C:\WINDOWS\9c1zo5nloader858.dll
[2009/06/01 17:14:17 | 00,013,882 | ---- | C] () -- C:\WINDOWS\System32\19516not-a9vir5s3c3z.dll
[2009/06/01 17:14:17 | 00,012,231 | ---- | C] () -- C:\WINDOWS\29555spamboz602.dll
[2009/06/01 17:14:17 | 00,012,189 | ---- | C] () -- C:\WINDOWS\System32\50669pzmbot2c3.dll
[2009/06/01 17:14:17 | 00,011,786 | ---- | C] () -- C:\WINDOWS\System32\475fzpars92804.dll
[2009/06/01 17:14:17 | 00,011,171 | ---- | C] () -- C:\WINDOWS\System32\32119virus6z65.dll
[2009/06/01 17:14:17 | 00,010,825 | ---- | C] () -- C:\WINDOWS\f60v9r5z0.dll
[2009/06/01 17:14:17 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\59fbthzef2694.dll
[2009/06/01 17:14:17 | 00,007,366 | ---- | C] () -- C:\WINDOWS\15520vizus619.dll
[2009/06/01 17:14:17 | 00,007,160 | ---- | C] () -- C:\WINDOWS\4205spywzr92398.dll
[2009/06/01 17:14:17 | 00,005,430 | ---- | C] () -- C:\WINDOWS\System32\7czfvir95.dll
[2009/06/01 17:14:17 | 00,004,961 | ---- | C] () -- C:\WINDOWS\35d59ackdzor1357.dll
[2009/06/01 17:14:17 | 00,004,351 | ---- | C] () -- C:\WINDOWS\91z72troj5d5.dll
[2009/06/01 17:14:17 | 00,003,251 | ---- | C] () -- C:\WINDOWS\System32\27585szy39c.dll
[2009/06/01 17:14:16 | 00,015,715 | ---- | C] () -- C:\WINDOWS\z9459spy479.dll
[2009/06/01 17:14:16 | 00,014,457 | ---- | C] () -- C:\WINDOWS\2a98sp5warez9.dll
[2009/06/01 17:14:16 | 00,007,087 | ---- | C] () -- C:\WINDOWS\4de7downloaze51975.dll
[2009/06/01 17:14:16 | 00,006,041 | ---- | C] () -- C:\WINDOWS\7999thzeat10865.dll
[2009/06/01 17:14:16 | 00,005,144 | ---- | C] () -- C:\WINDOWS\443dad9warz1555.dll
[2009/06/01 17:14:16 | 00,004,383 | ---- | C] () -- C:\WINDOWS\System32\6397haczto5l160.dll
[2009/06/01 14:07:53 | 00,003,965 | ---- | C] () -- C:\WINDOWS\System32\5821nzt-a-vi9us5d.dll
[2009/06/01 06:20:11 | 00,017,944 | ---- | C] () -- C:\WINDOWS\System32\28377virus5a9z.dll
[2009/06/01 02:24:12 | 00,016,951 | ---- | C] () -- C:\WINDOWS\2991spy9are3125z.dll
[2009/05/25 11:51:37 | 00,017,881 | ---- | C] () -- C:\WINDOWS\4422sp9mbotz55.dll
[2009/05/25 11:51:37 | 00,016,275 | ---- | C] () -- C:\WINDOWS\702z95r519.dll
[2009/05/25 11:51:37 | 00,014,341 | ---- | C] () -- C:\WINDOWS\6670sp56z79.dll
[2009/05/25 11:51:37 | 00,014,030 | ---- | C] () -- C:\WINDOWS\23z5sp9ware2883.dll
[2009/05/25 11:51:37 | 00,013,243 | ---- | C] () -- C:\WINDOWS\30b9s5eal201z.dll
[2009/05/25 11:51:37 | 00,013,178 | ---- | C] () -- C:\WINDOWS\System32\5e1bdow9loadez2885.dll
[2009/05/25 11:51:37 | 00,011,784 | ---- | C] () -- C:\WINDOWS\System32\25206hackz9ol255.dll
[2009/05/25 11:51:37 | 00,011,253 | ---- | C] () -- C:\WINDOWS\307159ckdoorz887.dll
[2009/05/25 11:51:37 | 00,011,199 | ---- | C] () -- C:\WINDOWS\27295troz6f2.dll
[2009/05/25 11:51:37 | 00,010,081 | ---- | C] () -- C:\WINDOWS\System32\75745ot-a9viruzb2.dll
[2009/05/25 11:51:37 | 00,009,741 | ---- | C] () -- C:\WINDOWS\5841spyz90.dll
[2009/05/25 11:51:37 | 00,009,196 | ---- | C] () -- C:\WINDOWS\184z5hief9057.dll
[2009/05/25 11:51:37 | 00,008,808 | ---- | C] () -- C:\WINDOWS\15492virzsed5.dll
[2009/05/25 11:51:37 | 00,008,260 | ---- | C] () -- C:\WINDOWS\19930z95ktool621.dll
[2009/05/25 11:51:37 | 00,008,166 | ---- | C] () -- C:\WINDOWS\System32\2z093hackto9l1e5.dll
[2009/05/25 11:51:37 | 00,006,774 | ---- | C] () -- C:\WINDOWS\12296zac5tool243.dll
[2009/05/25 11:51:37 | 00,006,223 | ---- | C] () -- C:\WINDOWS\5539a9dwzre1054.dll
[2009/05/25 11:51:37 | 00,006,126 | ---- | C] () -- C:\WINDOWS\599spyw5rz1854.dll
[2009/05/25 11:51:37 | 00,005,791 | ---- | C] () -- C:\WINDOWS\System32\25290hacktooz36e.dll
[2009/05/25 11:51:37 | 00,004,738 | ---- | C] () -- C:\WINDOWS\System32\1913zsp9252.dll
[2009/05/25 11:51:37 | 00,003,388 | ---- | C] () -- C:\WINDOWS\System32\93d65ackdoor2z23.dll
[2009/05/25 11:51:36 | 00,015,615 | ---- | C] () -- C:\WINDOWS\5fzc5ddwa9e2805.dll
[2009/05/24 15:17:38 | 00,008,437 | ---- | C] () -- C:\WINDOWS\3077spy5a9e25z6.dll
[2009/05/24 09:45:34 | 00,000,024 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\73648-88365-27475-00IP7-22847
[2009/05/23 06:01:24 | 00,005,018 | ---- | C] () -- C:\WINDOWS\29003s5y7d3z.dll
[2009/05/22 03:21:27 | 00,005,855 | ---- | C] () -- C:\WINDOWS\6929vir57z.dll
[2009/05/21 20:42:06 | 00,018,311 | ---- | C] () -- C:\WINDOWS\z959hacktool90c.dll
[2009/05/15 19:08:59 | 00,007,586 | ---- | C] () -- C:\WINDOWS\System32\9139nzt-a-vir5s7b5.dll
[2009/05/12 02:42:11 | 00,006,216 | ---- | C] () -- C:\WINDOWS\791c5ownlzader523.dll
[2009/05/11 07:14:16 | 00,008,040 | ---- | C] () -- C:\WINDOWS\System32\6e59v9z2505.dll
[2009/05/06 08:48:33 | 00,002,952 | ---- | C] () -- C:\WINDOWS\System32\45c3zo59loader2789.dll
[2009/05/06 05:14:14 | 00,011,327 | ---- | C] () -- C:\WINDOWS\56919troj993z.dll
[2009/04/27 04:26:59 | 00,010,108 | ---- | C] () -- C:\WINDOWS\System32\zc3fstea91452.dll
[2009/04/25 23:56:59 | 00,005,400 | ---- | C] () -- C:\WINDOWS\6a29bzckdoor547.dll
[2009/04/25 08:47:06 | 00,013,544 | ---- | C] () -- C:\WINDOWS\152z6not-a-viru97e2.dll
[2009/04/24 00:17:02 | 00,008,088 | ---- | C] () -- C:\WINDOWS\5b395ddware1410z.dll
[2009/04/22 12:56:10 | 00,016,490 | ---- | C] () -- C:\WINDOWS\System32\295spy5zb9.dll
[2009/04/21 04:20:08 | 00,005,830 | ---- | C] () -- C:\WINDOWS\System32\3058zspy697.dll
[2009/04/21 03:48:53 | 00,006,077 | ---- | C] () -- C:\WINDOWS\zb9csparse355.dll
[2009/04/20 17:14:28 | 00,013,334 | ---- | C] () -- C:\WINDOWS\z625v593023.dll
[2009/04/20 01:46:00 | 00,012,953 | ---- | C] () -- C:\WINDOWS\System32\28419zambot5975.dll
[2009/04/08 09:09:42 | 00,006,587 | ---- | C] () -- C:\WINDOWS\System32\5d7zvir9297.dll
[2009/04/07 09:27:12 | 00,009,959 | ---- | C] () -- C:\WINDOWS\15913spy31z.dll
[2009/04/07 03:57:07 | 00,007,506 | ---- | C] () -- C:\WINDOWS\75abzownloade52099.dll
[2009/04/05 21:43:18 | 00,011,010 | ---- | C] () -- C:\WINDOWS\System32\zd05steal1095.dll
[2009/04/02 22:14:04 | 00,012,199 | ---- | C] () -- C:\WINDOWS\System32\5c97downloaderz928.dll
[2009/03/28 11:06:54 | 00,015,726 | ---- | C] () -- C:\WINDOWS\559fvirz649.dll
[2009/03/25 06:44:37 | 00,003,164 | ---- | C] () -- C:\WINDOWS\System32\a59vzr2929.dll
[2009/03/19 21:43:43 | 00,010,312 | ---- | C] () -- C:\WINDOWS\System32\1994tzoj7c5.dll
[2009/03/14 00:27:26 | 00,016,840 | ---- | C] () -- C:\WINDOWS\f46s9y5arz3157.dll
[2009/03/11 23:43:55 | 00,017,779 | ---- | C] () -- C:\WINDOWS\18726spa5bot1z39.dll
[2009/03/08 11:12:33 | 00,014,310 | ---- | C] () -- C:\WINDOWS\554zw9rm508.dll
[2009/03/05 14:14:34 | 00,004,777 | ---- | C] () -- C:\WINDOWS\System32\20521szam9ot59d.dll
[2009/03/04 03:26:59 | 00,011,532 | ---- | C] () -- C:\WINDOWS\15961zo5-a-9irus400.dll
[2009/02/24 00:15:27 | 00,004,893 | ---- | C] () -- C:\WINDOWS\1z905vi5us5d6.dll
[2009/02/17 12:39:25 | 00,006,294 | ---- | C] () -- C:\WINDOWS\System32\z7960t5oj69.dll
[2009/02/16 15:04:24 | 00,003,643 | ---- | C] () -- C:\WINDOWS\23459zambot753.dll
[2009/02/12 06:22:28 | 00,015,791 | ---- | C] () -- C:\WINDOWS\System32\113549iruz2d7.dll
[2009/02/11 13:33:25 | 00,016,207 | ---- | C] () -- C:\WINDOWS\z529addwa5e286.dll
[2009/02/11 05:50:29 | 00,006,492 | ---- | C] () -- C:\WINDOWS\System32\8549noz-a-vir953fc.dll
[2009/01/23 23:31:17 | 00,006,080 | ---- | C] () -- C:\WINDOWS\System32\23148hac59oolz9.dll
[2009/01/12 01:12:02 | 00,013,091 | ---- | C] () -- C:\WINDOWS\794azhre5t889.dll
[2009/01/06 17:46:02 | 00,017,587 | ---- | C] () -- C:\WINDOWS\System32\93425spy235z.dll
[2009/01/05 14:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2009/01/04 22:10:59 | 00,008,446 | ---- | C] () -- C:\WINDOWS\System32\3695virus3cz9.dll
[2009/01/02 10:58:14 | 00,002,989 | ---- | C] () -- C:\WINDOWS\System32\5089sz9al1456.dll
[2009/01/01 18:58:37 | 00,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/25 18:04:57 | 00,014,037 | ---- | C] () -- C:\WINDOWS\6e5zthief9937.dll
[2008/12/25 05:43:53 | 00,004,209 | ---- | C] () -- C:\WINDOWS\System32\2a94szarse11415.dll
[2008/12/23 03:03:55 | 00,009,736 | ---- | C] () -- C:\WINDOWS\7b83s5ywaze937.dll
[2008/12/21 11:37:56 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/21 10:18:01 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\rx_image.Cache
[2008/12/18 23:56:03 | 00,008,666 | ---- | C] () -- C:\WINDOWS\84z0viru5695.dll
[2008/12/17 18:24:40 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/12/17 14:50:49 | 00,010,335 | ---- | C] () -- C:\WINDOWS\69fcdow5loadez3233.dll
[2008/12/15 21:46:39 | 00,014,320 | ---- | C] () -- C:\WINDOWS\System32\1682downlo5ze91153.dll
[2008/12/15 13:40:35 | 00,017,694 | ---- | C] () -- C:\WINDOWS\23677ha5ktool9abz.dll
[2008/12/15 04:58:31 | 00,015,748 | ---- | C] () -- C:\WINDOWS\System32\69ezv9r265.dll
[2008/12/14 13:55:03 | 00,009,598 | ---- | C] () -- C:\WINDOWS\System32\6274s9arze6845.dll
[2008/12/14 12:13:47 | 00,014,268 | ---- | C] () -- C:\WINDOWS\fz459r1761.dll
[2008/12/12 06:45:15 | 00,016,297 | ---- | C] () -- C:\WINDOWS\24z9vir2537.dll
[2008/12/03 15:29:41 | 00,014,139 | ---- | C] () -- C:\WINDOWS\System32\23546sz59bot1d7.dll
[2008/11/22 23:58:20 | 00,013,458 | ---- | C] () -- C:\WINDOWS\System32\55149roz5035.dll
[2008/11/21 08:41:00 | 00,004,199 | ---- | C] () -- C:\WINDOWS\System32\120z1vir956eb.dll
[2008/11/20 19:52:36 | 00,003,247 | ---- | C] () -- C:\WINDOWS\System32\11350spamb9t438z.dll
[2008/11/20 09:02:41 | 00,007,542 | ---- | C] () -- C:\WINDOWS\6f54vi9319z.dll
[2008/11/14 12:51:17 | 00,010,042 | ---- | C] () -- C:\WINDOWS\6c30zteal594.dll
[2008/11/13 22:37:33 | 00,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/12 22:31:57 | 00,003,755 | ---- | C] () -- C:\WINDOWS\System32\3988ste5l14z99.dll
[2008/11/12 00:11:06 | 00,009,636 | ---- | C] () -- C:\WINDOWS\257z9sp9mbot30a.dll
[2008/11/11 21:30:07 | 00,017,763 | ---- | C] () -- C:\WINDOWS\6584b9czdoor2335.dll
[2008/11/10 09:12:49 | 00,006,944 | ---- | C] () -- C:\WINDOWS\System32\8bcbz9kdoor1285.dll
[2008/10/25 10:18:38 | 00,007,032 | ---- | C] () -- C:\WINDOWS\System32\52f6download5r1z90.dll
[2008/10/15 10:34:57 | 00,016,160 | ---- | C] () -- C:\WINDOWS\228299ot-a5vzrusdb.dll
[2008/10/15 09:09:31 | 00,016,299 | ---- | C] () -- C:\WINDOWS\24952spa5bzt50c.dll
[2008/10/13 11:25:19 | 00,017,979 | ---- | C] () -- C:\WINDOWS\System32\17901s5yd8z.dll
[2008/10/06 18:30:45 | 00,014,613 | ---- | C] () -- C:\WINDOWS\System32\3b05zackd9or1531.dll
[2008/10/05 13:59:12 | 00,010,483 | ---- | C] () -- C:\WINDOWS\31723s5amboz3f39.dll
[2008/10/01 19:44:22 | 00,010,830 | ---- | C] () -- C:\WINDOWS\1e13azdwa5e359.dll
[2008/09/24 21:19:23 | 00,012,465 | ---- | C] () -- C:\WINDOWS\196259pamb5tz7e.dll
[2008/09/23 20:43:42 | 00,005,676 | ---- | C] () -- C:\WINDOWS\System32\163189ro55z9.dll
[2008/09/21 20:19:41 | 00,009,817 | ---- | C] () -- C:\WINDOWS\597zdownloa9er1388.dll
[2008/09/20 02:03:45 | 00,016,849 | ---- | C] () -- C:\WINDOWS\System32\23455v9z5s7d9.dll
[2008/09/16 20:27:54 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbtvs.dll
[2008/09/16 20:27:53 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\lxbthwdf.dll
[2008/09/16 20:27:53 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lxbtcoin.dll
[2008/09/16 20:27:53 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\lxbtsnls.dll
[2008/09/16 20:27:53 | 00,001,832 | ---- | C] () -- C:\WINDOWS\System32\lxbtprod.ini
[2008/09/16 17:35:03 | 00,014,336 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/15 19:42:02 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameF.txt
[2008/09/15 19:21:25 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/09/15 18:43:13 | 00,110,576 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/09/14 18:09:08 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/09/14 18:09:08 | 00,005,130 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/09/14 17:41:18 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/09/14 17:19:41 | 00,032,768 | R--- | C] () -- C:\WINDOWS\System32\idecoi.dll
[2008/09/14 17:17:35 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2008/09/14 17:10:51 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Baby\Application Data\desktop.ini
[2008/09/14 17:06:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/09/14 17:02:36 | 00,000,063 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/09/14 17:02:36 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/09/14 17:02:05 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/09/14 17:02:04 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/09/14 09:56:45 | 00,512,960 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/09/14 09:56:44 | 00,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/14 09:56:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/09/08 06:54:46 | 00,017,849 | ---- | C] () -- C:\WINDOWS\System32\19945zpambot6f6.dll
[2008/09/05 07:37:17 | 00,003,401 | ---- | C] () -- C:\WINDOWS\System32\279449zcktool355.dll
[2008/09/04 13:39:30 | 00,014,375 | ---- | C] () -- C:\WINDOWS\System32\7144n9t-a-vir5szd.dll
[2008/09/01 15:40:17 | 00,013,663 | ---- | C] () -- C:\WINDOWS\System32\5637adzwa9e1146.dll
[2008/08/28 13:31:10 | 00,009,477 | ---- | C] () -- C:\WINDOWS\System32\15acaddwa5e289z.dll
[2008/08/26 08:10:25 | 00,013,561 | ---- | C] () -- C:\WINDOWS\3989spyware51z7.dll
[2008/08/23 05:11:40 | 00,013,209 | ---- | C] () -- C:\WINDOWS\System32\157799pz4a5.dll
[2008/08/21 11:55:00 | 00,004,047 | ---- | C] () -- C:\WINDOWS\System32\59cbspyware1z44.dll
[2008/08/20 09:21:07 | 00,012,975 | ---- | C] () -- C:\WINDOWS\22d5b9c5zoor1202.dll
[2008/08/19 00:23:47 | 00,017,407 | ---- | C] () -- C:\WINDOWS\3c29zhi5f1108.dll
[2008/08/18 12:04:45 | 00,017,167 | ---- | C] () -- C:\WINDOWS\7f95tzief1759.dll
[2008/08/12 04:10:36 | 00,018,118 | ---- | C] () -- C:\WINDOWS\System32\58dcbackzoor2599.dll
[2008/08/11 21:37:28 | 00,005,330 | ---- | C] () -- C:\WINDOWS\System32\1955zworm1db.dll
[2008/08/04 18:50:06 | 00,003,060 | ---- | C] () -- C:\WINDOWS\7fdbthre5t99z.dll
[2008/08/03 22:13:31 | 00,014,076 | ---- | C] () -- C:\WINDOWS\z2993not-a-vir5s186.dll
[2008/08/03 03:43:58 | 00,006,910 | ---- | C] () -- C:\WINDOWS\System32\31505zr1943.dll
[2008/07/26 06:52:40 | 00,009,933 | ---- | C] () -- C:\WINDOWS\292465irzs139.dll
[2008/07/25 11:12:46 | 00,007,862 | ---- | C] () -- C:\WINDOWS\System32\29160spz355.dll
[2008/07/23 10:54:07 | 00,003,884 | ---- | C] () -- C:\WINDOWS\5557spzwar92557.dll
[2008/07/19 00:56:39 | 00,010,198 | ---- | C] () -- C:\WINDOWS\5240azdw5re1239.dll
[2008/07/15 04:48:57 | 00,010,706 | ---- | C] () -- C:\WINDOWS\System32\5d115hiefz39.dll
[2008/07/15 03:20:00 | 00,018,093 | ---- | C] () -- C:\WINDOWS\System32\22985hacktooz250.dll
[2008/07/13 17:18:50 | 00,017,170 | ---- | C] () -- C:\WINDOWS\56938hac9tool49z.dll
[2008/07/12 06:44:56 | 00,015,327 | ---- | C] () -- C:\WINDOWS\25045spambzt39f.dll
[2008/07/03 05:45:22 | 00,008,674 | ---- | C] () -- C:\WINDOWS\6d75za9se774.dll
[2008/06/24 07:23:33 | 00,002,647 | ---- | C] () -- C:\WINDOWS\System32\18591not-a-virusez.dll
[2008/06/23 10:05:18 | 00,003,128 | ---- | C] () -- C:\WINDOWS\5badownloaz9r1354.dll
[2008/06/22 07:09:18 | 00,007,560 | ---- | C] () -- C:\WINDOWS\34cdtzief1915.dll
[2008/06/12 00:36:51 | 00,007,204 | ---- | C] () -- C:\WINDOWS\z827395rmed.dll
[2008/06/07 08:35:39 | 00,013,117 | ---- | C] () -- C:\WINDOWS\System32\2d89addwzr59232.dll
[2008/06/07 00:50:36 | 00,003,132 | ---- | C] () -- C:\WINDOWS\z719thie5579.dll
[2008/06/05 18:42:57 | 00,014,756 | ---- | C] () -- C:\WINDOWS\System32\4z9aadd9ar53095.dll
[2008/05/31 16:31:25 | 00,015,964 | ---- | C] () -- C:\WINDOWS\10839virus5z65.dll
[2008/05/27 22:49:04 | 00,018,066 | ---- | C] () -- C:\WINDOWS\System32\z9559tro9655.dll
[2008/05/23 09:37:22 | 00,012,686 | ---- | C] () -- C:\WINDOWS\29efdowzloader2508.dll
[2008/05/22 16:20:05 | 00,002,667 | ---- | C] () -- C:\WINDOWS\22919zi5us118.dll
[2008/05/22 07:25:26 | 00,015,236 | ---- | C] () -- C:\WINDOWS\223045pa9bot204z.dll
[2008/05/21 22:01:39 | 00,011,607 | ---- | C] () -- C:\WINDOWS\59199spz746.dll
[2008/05/16 13:01:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 13:01:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 13:01:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 13:01:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 13:01:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/05/15 07:03:37 | 00,003,554 | ---- | C] () -- C:\WINDOWS\System32\4ac95zief1727.dll
[2008/05/13 10:42:51 | 00,002,883 | ---- | C] () -- C:\WINDOWS\2994not-azvir95396.dll
[2008/05/12 21:26:36 | 00,011,898 | ---- | C] () -- C:\WINDOWS\System32\23995zro91c8.dll
[2008/05/04 21:53:36 | 00,016,743 | ---- | C] () -- C:\WINDOWS\90590spa5boz5df.dll
[2008/05/01 05:59:39 | 00,013,162 | ---- | C] () -- C:\WINDOWS\System32\31z95irus67a.dll
[2008/04/26 09:45:59 | 00,003,818 | ---- | C] () -- C:\WINDOWS\System32\2z5169py270.dll
[2008/04/24 16:19:33 | 00,003,995 | ---- | C] () -- C:\WINDOWS\System32\16729zpy55e.dll
[2008/04/24 06:20:11 | 00,003,685 | ---- | C] () -- C:\WINDOWS\196z2hacktoolfc5.dll
[2008/04/19 01:21:32 | 00,009,339 | ---- | C] () -- C:\WINDOWS\System32\9554th5ef9z3.dll
[2008/04/17 23:27:35 | 00,016,519 | ---- | C] () -- C:\WINDOWS\System32\21z01sp9m5ot28e.dll
[2008/04/14 04:42:06 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008/04/14 04:42:04 | 01,291,264 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2008/04/14 04:42:04 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2008/04/14 04:42:04 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2008/04/14 04:42:04 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2008/04/14 04:42:04 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2008/04/14 04:42:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008/04/14 04:41:58 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2008/04/14 04:41:54 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2008/04/14 04:41:54 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008/04/14 04:41:52 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008/04/14 04:41:52 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2008/04/14 04:41:50 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008/04/14 04:40:10 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2008/04/13 21:51:34 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008/04/13 21:20:56 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008/04/13 21:19:44 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008/04/13 21:19:44 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008/04/13 21:19:42 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008/04/13 21:19:40 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008/04/13 21:19:40 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008/04/12 21:29:54 | 00,004,579 | ---- | C] () -- C:\WINDOWS\System32\32210not-a-59zus776.dll
[2008/04/05 17:58:21 | 00,014,495 | ---- | C] () -- C:\WINDOWS\13137zro95a6.dll
[2008/04/05 11:52:10 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\27992sp550bz.dll
[2008/04/04 12:26:32 | 00,010,824 | ---- | C] () -- C:\WINDOWS\z7a85par9e748.dll
[2008/04/02 01:20:21 | 00,009,445 | ---- | C] () -- C:\WINDOWS\6dz4threat35889.dll
[2008/04/01 10:43:15 | 00,008,578 | ---- | C] () -- C:\WINDOWS\59dzback9oor3095.dll
[2008/03/24 18:51:59 | 00,007,125 | ---- | C] () -- C:\WINDOWS\30989h59ktoolz62.dll


========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >
gabebeck15
Active Member
 
Posts: 8
Joined: November 18th, 2009, 9:39 pm

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by shinybeast » November 25th, 2009, 7:26 pm

Hi gabebeck15,

I notice you recently installed Ad-Aware. Although it is a decent program, it is not terribly effective against current threats. Also, it may interfere with our attempts to clean your computer. Please uninstall Ad-Aware. After we are finished you may re-install it if you wish.


Uninstall Programs

  • Click Start, click Run...
  • Type appwiz.cpl and press Enter to open Add or Remove Programs
  • For each of the programs listed below, highlight them in the list and click Remove
    • Ad-Aware
  • Once finished, close Add or Remove Programs window


Download and Run Malwarebytes' Anti-Malware

Please download the free version of Malwarebytes' Anti-Malware and save to a convenient location.
Double-click the mbam-setup.exe file that you downloaded to start the installation
Go through the install screens and before you click finish ensure that the two check boxes below are checked.
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware

The program will then check for updates. If you have a firewall installed and it throws up a warning, please allow Malwarebytes through.
  • Once it checks for and gets any updates tick Perform full scan
  • If you are asked to select drives to be scanned, leave all the drives selected and click Scan
  • The scan could take quite some time to complete, please be patient.
  • When it finishes, click OK in the window that pops up and then click Show Results in the main window
  • Check all items except items in the C:\System Volume Information folder... then click on Remove Selected.
  • When the removal is complete, a logfile will open. Please copy and paste the entire contents of the logfile in your next reply. See NOTE below
  • If necessary, the logfile can also be accessed by running Malwarebytes' and clicking the Log tab. Double-click the current log to open it.
NOTE: If Malwarebytes' encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let it proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent Malwarebytes' from removing all the malware.


In your next post, please include:
  • Malwarebytes' log
  • Info on how computer is behaving
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by gabebeck15 » November 26th, 2009, 1:12 am

Malwarebytes' Anti-Malware 1.41
Database version: 3235
Windows 5.1.2600 Service Pack 3

11/25/2009 9:06:26 PM
mbam-log-2009-11-25 (21-06-26).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 258606
Time elapsed: 1 hour(s), 15 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 6
Registry Keys Infected: 30
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 23

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\6C.tmp (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Baby\Local Settings\Temp\25.tmp (Trojan.Dropper) -> Delete on reboot.
C:\WINDOWS\system32\browsewm32.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c001C400.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c004835E.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\bidispl32.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0e9c5a00-df21-4ebd-acca-d9382fe9c923} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e9c5a00-df21-4ebd-acca-d9382fe9c923} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16591c0d-f1dc-4d92-9cdf-46dbaeccb422} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{16591c0d-f1dc-4d92-9cdf-46dbaeccb422} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0e9c5a00-df21-4ebd-acca-d9382fe9c923} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{16591c0d-f1dc-4d92-9cdf-46dbaeccb422} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f02fabcb-92dd-475a-98af-14217bd50746} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gtk 2.0 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c001c400 (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\gxvxc (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0014c6d (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinBlueSoft (Rogue.WinBlueSoft) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gxvxcserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\e06f763a700 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3ed469.exe (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\bidispl32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: system32\bidispl32.dll -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\browsewm32.dll (Trojan.BHO.H) -> Delete on reboot.
C:\WINDOWS\system32\6C.tmp (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Baby\Local Settings\Temp\25.tmp (Trojan.Dropper) -> Delete on reboot.
C:\Documents and Settings\Baby\Local Settings\Temp\16.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\1E.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\20.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\22.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\2B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\61.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temp\E6.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Baby\Local Settings\Temporary Internet Files\Content.IE5\A2O9AYYA\installer.70159[1].exe (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Parents\Local Settings\Temp\F3.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\GTK\2.0\uninst.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2003A281-AD1E-4C11-8658-C944BF25576D}\RP529\A0141922.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\12B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\13.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\__c001C400.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c004835E.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c006D93A.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bidispl32.dll (Trojan.Agent) -> Delete on reboot.
gabebeck15
Active Member
 
Posts: 8
Joined: November 18th, 2009, 9:39 pm

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by shinybeast » November 27th, 2009, 12:37 pm

Hello gabebeck15,

How is the computer behaving now?


Scan with GMER

Please download GMER Rootkit Scanner from here.
  • Double click the randomly named .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO

  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button and wait for it to finish
  • Once done click on the Save.. button at lower right, and in the File name area, type in "Gmer.txt" (include the quotes) or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Note: Do not run any programs while Gmer is running.


Then run OTL again. Click Run Scan in upper left of window.

This time it should only produce OTL.txt.

Please post the contents of the new OTL.txt and the GMER log (gmer.txt) in your next reply.
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by shinybeast » November 30th, 2009, 1:50 pm

Hello gabebeck15,
It has been 3 days since my last post to you.
  • Do you still need help with this problem?
  • Do you need more time?
  • Are you having problems understanding or following the instructions?
Please let me know what's going on otherwise...
After 24 hrs., if you have not replied to this thread... it will be closed!
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Lots of pop-ups along with AVG warnings popping up all over

Post by NonSuch » December 5th, 2009, 1:19 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California