nvosdamage321

  1. OTL logfile created on: 3/2/2010 6:48:43 PM - Run 1 OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 894.00 Mb Total Physical Memory | 458.00 Mb Available Physical Memory | 51.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free Paging file location(s): C:\pagefile.sys 1344 2688 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37.26 Gb Total Space | 29.80 Gb Free Space | 79.97% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 298.09 Gb Total Space | 222.44 Gb Free Space | 74.62% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ARTIGO-B Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color="#E56717"]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk) PRC - C:\Program Files\Sandboxie\SbieSvc.exe (tzuk) PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola) PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe () PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) 
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.) PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe () PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe () PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.) PRC - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.) PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.) PRC - C:\WINDOWS\system32\VTTrayp.exe (S3 Graphics Co., Ltd.) PRC - C:\WINDOWS\system32\VNICMon.exe () [color="#E56717"]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_base.m32 (BitDefender S.R.L. 
Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Documents and Settings\Administrator\Desktop\framedyn.dll (Microsoft Corporation) [color="#E56717"]========== Win32 Services (SafeList) ==========[/color] SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (tzuk) SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe () SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L) SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL) SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.) SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe () SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) [color="#E56717"]========== Driver Services (SafeList) ==========[/color] DRV - (catchme) -- File not found DRV - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (tzuk) DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) 
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys () DRV - (motport) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola) DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola) DRV - (bdfm) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (MotDev) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc) DRV - (cdrbsdrv) -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS (B.H.A Corporation) DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.) DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola) DRV - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.) DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys () DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys () DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (viagfx) -- C:\WINDOWS\system32\drivers\vtmini.sys (Copyright © VIA/S3 Graphics Co, Ltd.) DRV - (FETND5BV) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys (VIA Technologies, Inc. ) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) DRV - (vulfntrs) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.) DRV - (vulfnths) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.) DRV - (VNICPKT5) -- C:\WINDOWS\system32\VNICPKT5.sys ( ) [color="#E56717"]========== Standard Registry (All) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] IE - HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"]http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com/webhp?hl=en"]http://www.google.com/webhp?hl=en[/url] IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010/02/27 12:51:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 
2009\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.) O4 - HKLM..\Run: [NIC Monitor] File not found O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [VTTimer] File not found O4 - HKLM..\Run: [VTTrayp] File not found O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk) O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Send to &Bluetooth Device... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000007 - C:\WINDOWS\system32\mswsock.dll 
(Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} [url="http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab"]http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab[/url] (Reg Error: Key error.) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [url="http://go.divx.com/plugin/DivXBrowserPlugin.cab"]http://go.divx.com/plugin/DivXBrowserPlugin.cab[/url] (DivXBrowserPlugin Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.30 192.168.1.254 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http 
{79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\httpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\httpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL 
(Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - 
(C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft 
Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found O29 - HKLM SecurityProviders - (schannel.dll) - File not found O29 - HKLM SecurityProviders - (digest.dll) - File not found O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/11 12:52:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008/04/04 23:26:42 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color="#E56717"]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/03/01 00:00:05 | 000,000,000 | RH-D | C] -- 
C:\Documents and Settings\Administrator\Recent [2010/02/28 14:01:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\languages [2010/02/28 14:01:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices [2010/02/27 12:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2010/02/27 12:50:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010/02/27 12:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2010/02/27 12:24:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/02/27 12:24:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/02/27 12:24:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/02/27 12:24:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/02/27 12:23:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/02/27 12:17:56 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/02/27 11:56:33 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/02/21 20:28:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\framedyn.dll [2010/02/21 20:22:58 | 000,632,832 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTS.exe [2010/02/17 13:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010/02/16 21:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos [2010/02/16 19:17:21 | 000,000,000 | ---D | C] -- C:\Temp [2010/02/16 17:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/02/09 20:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\VS Revo Group [2010/02/08 16:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2010/02/08 15:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application 
Data\dvdisaster [2010/02/08 15:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\dvdisaster [2010/02/08 14:38:36 | 000,000,000 | R--D | C] -- C:\Sandbox [2010/02/08 14:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2010/02/08 13:49:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache [2010/02/07 22:42:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys [2010/02/07 22:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Vso [2010/02/07 22:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\PcSetup [2010/02/07 22:08:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE [2010/02/07 22:04:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2010/02/07 21:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010/02/07 21:47:14 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010/02/07 21:45:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/02/07 16:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2010/02/01 02:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/02/01 00:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS [2010/01/31 23:17:31 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2010/01/31 23:16:11 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motport.sys [2010/01/31 23:16:10 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys [2010/01/31 23:16:09 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll [2010/01/31 23:16:09 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys [2010/01/31 23:16:09 | 000,008,320 | ---- | C] (Motorola) 
-- C:\WINDOWS\System32\drivers\motccgpfl.sys [2010/01/31 23:16:09 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys [2010/01/31 23:16:05 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys [2010/01/31 23:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010/01/31 21:27:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DVD Flick [2010/01/31 21:25:59 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\ssubtmr6.dll [2010/01/31 21:25:59 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\WINDOWS\System32\trayicon_handler.ocx [2010/01/31 21:25:58 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomct2.ocx [2010/01/31 21:25:58 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comctl32.ocx [2010/01/31 21:25:58 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comct232.ocx [2010/01/31 21:25:58 | 000,028,672 | ---- | C] (-) -- C:\WINDOWS\System32\mousewheel.ocx [2010/01/31 21:25:57 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\richtx32.ocx [2010/01/31 21:25:56 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx [2010/01/31 21:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick [2010/01/31 21:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited [2010/01/15 12:03:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft 
[2009/03/22 18:09:58 | 000,016,066 | ---- | C] ( ) -- C:\WINDOWS\System32\VNICPKT5.sys [2009/03/22 18:09:57 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\VNICPKT.DLL [2004/11/24 12:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#E56717"]========== Files - Modified Within 30 Days ==========[/color] [2010/03/02 16:29:56 | 000,000,634 | ---- | M] () -- C:\WINDOWS\system.ini [2010/03/02 15:21:30 | 056,532,882 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/02/28 15:43:33 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/28 14:03:55 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/02/28 14:02:03 | 000,047,228 | ---- | M] () -- C:\WINDOWS\System32\unins000.dat [2010/02/28 13:59:32 | 001,182,799 | ---- | M] () -- C:\WINDOWS\System32\unins000.exe [2010/02/27 12:51:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/02/27 12:50:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/02/27 12:50:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/02/27 12:50:37 | 938,004,480 | -HS- | M] () -- C:\hiberfil.sys [2010/02/27 12:48:33 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin [2010/02/27 12:48:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/02/27 12:23:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/02/27 12:15:54 | 003,874,477 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe [2010/02/27 11:56:35 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/02/26 22:24:44 | 000,612,342 | ---- | M] () -- C:\WINDOWS\System32\libmplayer.dll [2010/02/26 20:04:56 | 
003,671,040 | ---- | M] () -- C:\WINDOWS\System32\ffdshow.ax [2010/02/26 19:33:36 | 004,911,697 | ---- | M] () -- C:\WINDOWS\System32\libavcodec.dll [2010/02/25 14:46:05 | 000,837,451 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\setfsb.exe [2010/02/23 18:14:07 | 000,001,484 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2010/02/21 20:23:03 | 000,632,832 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTS.exe [2010/02/19 20:08:32 | 000,097,792 | ---- | M] () -- C:\WINDOWS\System32\ffvdub.vdf [2010/02/19 20:08:10 | 000,100,864 | ---- | M] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/02/19 20:07:36 | 000,085,504 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/02/19 18:05:44 | 001,656,320 | ---- | M] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/02/16 20:32:01 | 000,000,537 | ---- | M] () -- C:\WINDOWS\win.ini [2010/02/09 20:53:59 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI [2010/02/07 22:42:52 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys [2010/02/07 22:42:52 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat [2010/02/07 22:42:52 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf [2010/02/07 22:07:47 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\P2kCommander.lnk [2010/01/31 23:27:10 | 000,436,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/01/31 23:27:09 | 000,515,688 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/01/31 23:27:09 | 000,070,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/01/31 23:17:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01007.Wdf [2010/01/31 23:17:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010/01/31 23:17:43 | 000,000,000 | -H-- | M] () -- 
C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010/01/31 23:17:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010/01/31 23:17:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/01/31 23:17:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010/01/31 21:26:11 | 000,001,577 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DVD.lnk [2010/01/31 21:16:57 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CDBurnerXP.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#E56717"]========== Files Created - No Company Name ==========[/color] [2010/02/28 14:01:55 | 000,001,708 | ---- | C] () -- C:\WINDOWS\System32\openIE.js [2010/02/28 14:01:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ffdshow.ax.manifest [2010/02/28 14:01:54 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/02/28 14:01:54 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ffvdub.vdf [2010/02/28 14:01:53 | 003,671,040 | ---- | C] () -- C:\WINDOWS\System32\ffdshow.ax [2010/02/28 14:01:53 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2010/02/28 14:01:53 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2010/02/28 14:01:52 | 000,957,491 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2010/02/28 14:01:52 | 000,895,656 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/02/28 14:01:52 | 000,484,864 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2010/02/28 14:01:52 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2010/02/28 14:01:52 | 000,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2010/02/28 14:01:52 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2010/02/28 14:01:52 | 000,146,944 | ---- | C] () -- 
C:\WINDOWS\System32\ff_tremor.dll [2010/02/28 14:01:52 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2010/02/28 14:01:51 | 001,656,320 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/02/28 14:01:51 | 000,612,342 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2010/02/28 14:01:51 | 000,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2010/02/28 14:01:51 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2010/02/28 14:01:50 | 004,911,697 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2010/02/28 14:01:50 | 001,182,799 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe [2010/02/28 14:01:50 | 000,047,228 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat [2010/02/28 13:30:29 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FLVExtract.exe [2010/02/28 13:30:29 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FLVExtractCL.exe [2010/02/27 12:24:00 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/02/27 12:24:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/02/27 12:24:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/02/27 12:24:00 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/02/27 12:24:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/02/27 12:15:43 | 003,874,477 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe [2010/02/08 14:38:02 | 000,001,484 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2010/02/07 22:42:53 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.log [2010/02/07 22:42:52 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat [2010/02/07 22:42:52 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf [2010/02/07 18:19:35 | 000,000,849 | ---- | C] () -- C:\Documents and 
Settings\Administrator\Desktop\P2kCommander.lnk [2010/02/01 01:14:38 | 000,022,486 | ---- | C] () -- C:\WINDOWS\System32\msu.ico [2010/01/31 23:17:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01007.Wdf [2010/01/31 23:17:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010/01/31 23:17:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010/01/31 23:17:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010/01/31 23:17:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010/01/31 21:26:11 | 000,001,577 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DVD.lnk [2010/01/31 21:16:52 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009/10/04 12:11:55 | 000,000,265 | ---- | C] () -- C:\WINDOWS\sys409c1.ini [2009/07/12 18:08:37 | 000,000,804 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/06/14 14:59:37 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/11 14:33:56 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/06/11 12:47:02 | 000,000,322 | ---- | C] () -- C:\WINDOWS\CSACBAT1.INI [2009/06/11 12:47:01 | 000,005,161 | ---- | C] () -- C:\WINDOWS\CS32BA11.INI [2009/05/28 12:13:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/05/27 18:23:18 | 000,064,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/03/28 16:50:46 | 000,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys [2009/03/28 16:50:46 | 000,047,104 | R--- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys [2009/03/28 16:50:46 | 000,042,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys [2009/03/28 
16:50:46 | 000,039,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys [2009/03/28 16:11:21 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/26 10:09:40 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2009/03/25 21:32:57 | 000,000,268 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\CMCPaper.dat [2009/03/25 21:30:13 | 000,003,932 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\CMLayout.dat [2009/03/25 21:29:46 | 000,000,179 | ---- | C] () -- C:\WINDOWS\System32\CM_SUPPORT.INI [2009/03/22 18:17:14 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll [2009/03/22 18:10:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll [2008/12/17 10:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008/12/11 04:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008/10/09 15:31:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll [2008/09/02 06:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2008/04/14 04:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll [2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2003/09/23 06:40:34 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [color="#E56717"]========== LOP Check ==========[/color] [2010/01/15 12:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG9 [2009/04/25 20:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application 
Data\BitDefender [2010/01/31 21:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited [2009/06/11 14:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe_Limited [2009/05/05 14:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon [2010/02/08 15:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\dvdisaster [2010/02/28 13:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FLV Extract [2009/03/29 19:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Foxit [2009/05/19 20:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ImgBurn [2009/05/20 17:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mirkes.de [2009/04/23 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Pegasys Inc [2010/02/25 20:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent [2010/02/07 22:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vso [2010/01/15 12:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2009/04/26 18:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2009/05/05 13:00:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2009/07/12 18:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP [2009/05/28 09:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2009/03/28 16:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs [2010/02/17 
13:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

========== Purity Check ==========

< End of report >
  2. OTL logfile created on: 3/2/2010 6:48:43 PM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 458.00 Mb Available Physical Memory | 51.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 29.80 Gb Free Space | 79.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 298.09 Gb Total Space | 222.44 Gb Free Space | 74.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ARTIGO-B
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
PRC - C:\Program Files\Sandboxie\SbieSvc.exe (tzuk)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe ()
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
PRC - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
PRC - C:\WINDOWS\system32\VTTrayp.exe (S3 Graphics Co., Ltd.)
PRC - C:\WINDOWS\system32\VNICMon.exe ()

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Program Files\BitDefender\BitDefender 2009\BitDefender InnerFire\midas32-v1.5_47\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Documents and Settings\Administrator\Desktop\framedyn.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (tzuk)
SRV - (MotoConnect Service) -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (catchme) -- File not found
DRV - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (tzuk)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (motport) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (bdfm) -- C:\WINDOWS\system32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (MotDev) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc)
DRV - (cdrbsdrv) -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (bdfsfltr) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys ()
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys () DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (viagfx) -- C:\WINDOWS\system32\drivers\vtmini.sys (Copyright © VIA/S3 Graphics Co, Ltd.) DRV - (FETND5BV) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys (VIA Technologies, Inc. ) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) DRV - (vulfntrs) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.) DRV - (vulfnths) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.) DRV - (VNICPKT5) -- C:\WINDOWS\system32\VNICPKT5.sys ( ) [color="#E56717"]========== Standard Registry (All) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] IE - HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"]http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com/webhp?hl=en"]http://www.google.com/webhp?hl=en[/url] IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2010/02/27 12:51:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 
2009\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.) O4 - HKLM..\Run: [NIC Monitor] File not found O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [VTTimer] File not found O4 - HKLM..\Run: [VTTrayp] File not found O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk) O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10a.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Send to &Bluetooth Device... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries0000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000007 - C:\WINDOWS\system32\mswsock.dll 
(Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries0000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} [url="http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab"]http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab[/url] (Reg Error: Key error.) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [url="http://go.divx.com/plugin/DivXBrowserPlugin.cab"]http://go.divx.com/plugin/DivXBrowserPlugin.cab[/url] (DivXBrowserPlugin Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.30 192.168.1.254 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http 
{79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\httpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\httpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL 
(Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - 
(C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft 
Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found O29 - HKLM SecurityProviders - (schannel.dll) - File not found O29 - HKLM SecurityProviders - (digest.dll) - File not found O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/11 12:52:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008/04/04 23:26:42 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color="#E56717"]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/03/01 00:00:05 | 000,000,000 | RH-D | C] -- 
C:\Documents and Settings\Administrator\Recent [2010/02/28 14:01:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\languages [2010/02/28 14:01:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\custom matrices [2010/02/27 12:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2010/02/27 12:50:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010/02/27 12:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2010/02/27 12:24:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/02/27 12:24:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/02/27 12:24:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/02/27 12:24:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/02/27 12:23:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/02/27 12:17:56 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/02/27 11:56:33 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/02/21 20:28:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Desktop\framedyn.dll [2010/02/21 20:22:58 | 000,632,832 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTS.exe [2010/02/17 13:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010/02/16 21:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos [2010/02/16 19:17:21 | 000,000,000 | ---D | C] -- C:\Temp [2010/02/16 17:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/02/09 20:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\VS Revo Group [2010/02/08 16:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2010/02/08 15:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application 
Data\dvdisaster [2010/02/08 15:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\dvdisaster [2010/02/08 14:38:36 | 000,000,000 | R--D | C] -- C:\Sandbox [2010/02/08 14:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2010/02/08 13:49:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache [2010/02/07 22:42:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys [2010/02/07 22:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Vso [2010/02/07 22:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\PcSetup [2010/02/07 22:08:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE [2010/02/07 22:04:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache [2010/02/07 21:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010/02/07 21:47:14 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010/02/07 21:45:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/02/07 16:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2010/02/01 02:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2010/02/01 00:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS [2010/01/31 23:17:31 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2010/01/31 23:16:11 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motport.sys [2010/01/31 23:16:10 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys [2010/01/31 23:16:09 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01007.dll [2010/01/31 23:16:09 | 000,019,712 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motccgp.sys [2010/01/31 23:16:09 | 000,008,320 | ---- | C] (Motorola) 
-- C:\WINDOWS\System32\drivers\motccgpfl.sys [2010/01/31 23:16:09 | 000,006,400 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motswch.sys [2010/01/31 23:16:05 | 000,042,752 | ---- | C] (Motorola Inc) -- C:\WINDOWS\System32\drivers\motodrv.sys [2010/01/31 23:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010/01/31 21:27:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DVD Flick [2010/01/31 21:25:59 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\ssubtmr6.dll [2010/01/31 21:25:59 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\WINDOWS\System32\trayicon_handler.ocx [2010/01/31 21:25:58 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomct2.ocx [2010/01/31 21:25:58 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comctl32.ocx [2010/01/31 21:25:58 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comct232.ocx [2010/01/31 21:25:58 | 000,028,672 | ---- | C] (-) -- C:\WINDOWS\System32\mousewheel.ocx [2010/01/31 21:25:57 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\richtx32.ocx [2010/01/31 21:25:56 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx [2010/01/31 21:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick [2010/01/31 21:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited [2010/01/15 12:03:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/01/15 12:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft 
[2009/03/22 18:09:58 | 000,016,066 | ---- | C] ( ) -- C:\WINDOWS\System32\VNICPKT5.sys [2009/03/22 18:09:57 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\VNICPKT.DLL [2004/11/24 12:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#E56717"]========== Files - Modified Within 30 Days ==========[/color] [2010/03/02 16:29:56 | 000,000,634 | ---- | M] () -- C:\WINDOWS\system.ini [2010/03/02 15:21:30 | 056,532,882 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/02/28 15:43:33 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/28 14:03:55 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2010/02/28 14:02:03 | 000,047,228 | ---- | M] () -- C:\WINDOWS\System32\unins000.dat [2010/02/28 13:59:32 | 001,182,799 | ---- | M] () -- C:\WINDOWS\System32\unins000.exe [2010/02/27 12:51:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/02/27 12:50:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/02/27 12:50:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/02/27 12:50:37 | 938,004,480 | -HS- | M] () -- C:\hiberfil.sys [2010/02/27 12:48:33 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin [2010/02/27 12:48:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2010/02/27 12:23:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/02/27 12:15:54 | 003,874,477 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe [2010/02/27 11:56:35 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2010/02/26 22:24:44 | 000,612,342 | ---- | M] () -- C:\WINDOWS\System32\libmplayer.dll [2010/02/26 20:04:56 | 
003,671,040 | ---- | M] () -- C:\WINDOWS\System32\ffdshow.ax [2010/02/26 19:33:36 | 004,911,697 | ---- | M] () -- C:\WINDOWS\System32\libavcodec.dll [2010/02/25 14:46:05 | 000,837,451 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\setfsb.exe [2010/02/23 18:14:07 | 000,001,484 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2010/02/21 20:23:03 | 000,632,832 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTS.exe [2010/02/19 20:08:32 | 000,097,792 | ---- | M] () -- C:\WINDOWS\System32\ffvdub.vdf [2010/02/19 20:08:10 | 000,100,864 | ---- | M] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/02/19 20:07:36 | 000,085,504 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/02/19 18:05:44 | 001,656,320 | ---- | M] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/02/16 20:32:01 | 000,000,537 | ---- | M] () -- C:\WINDOWS\win.ini [2010/02/09 20:53:59 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI [2010/02/07 22:42:52 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys [2010/02/07 22:42:52 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat [2010/02/07 22:42:52 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf [2010/02/07 22:07:47 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\P2kCommander.lnk [2010/01/31 23:27:10 | 000,436,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/01/31 23:27:09 | 000,515,688 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/01/31 23:27:09 | 000,070,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/01/31 23:17:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01007.Wdf [2010/01/31 23:17:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010/01/31 23:17:43 | 000,000,000 | -H-- | M] () -- 
C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010/01/31 23:17:42 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010/01/31 23:17:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/01/31 23:17:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010/01/31 21:26:11 | 000,001,577 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DVD.lnk [2010/01/31 21:16:57 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\CDBurnerXP.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color="#E56717"]========== Files Created - No Company Name ==========[/color] [2010/02/28 14:01:55 | 000,001,708 | ---- | C] () -- C:\WINDOWS\System32\openIE.js [2010/02/28 14:01:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ffdshow.ax.manifest [2010/02/28 14:01:54 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2010/02/28 14:01:54 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ffvdub.vdf [2010/02/28 14:01:53 | 003,671,040 | ---- | C] () -- C:\WINDOWS\System32\ffdshow.ax [2010/02/28 14:01:53 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll [2010/02/28 14:01:53 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2010/02/28 14:01:52 | 000,957,491 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2010/02/28 14:01:52 | 000,895,656 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/02/28 14:01:52 | 000,484,864 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2010/02/28 14:01:52 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll [2010/02/28 14:01:52 | 000,183,296 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll [2010/02/28 14:01:52 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2010/02/28 14:01:52 | 000,146,944 | ---- | C] () -- 
C:\WINDOWS\System32\ff_tremor.dll [2010/02/28 14:01:52 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2010/02/28 14:01:51 | 001,656,320 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll [2010/02/28 14:01:51 | 000,612,342 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2010/02/28 14:01:51 | 000,257,024 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2010/02/28 14:01:51 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2010/02/28 14:01:50 | 004,911,697 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2010/02/28 14:01:50 | 001,182,799 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe [2010/02/28 14:01:50 | 000,047,228 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat [2010/02/28 13:30:29 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FLVExtract.exe [2010/02/28 13:30:29 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FLVExtractCL.exe [2010/02/27 12:24:00 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/02/27 12:24:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/02/27 12:24:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/02/27 12:24:00 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/02/27 12:24:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/02/27 12:15:43 | 003,874,477 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe [2010/02/08 14:38:02 | 000,001,484 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2010/02/07 22:42:53 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.log [2010/02/07 22:42:52 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat [2010/02/07 22:42:52 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf [2010/02/07 18:19:35 | 000,000,849 | ---- | C] () -- C:\Documents and 
Settings\Administrator\Desktop\P2kCommander.lnk [2010/02/01 01:14:38 | 000,022,486 | ---- | C] () -- C:\WINDOWS\System32\msu.ico [2010/01/31 23:17:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motport_01007.Wdf [2010/01/31 23:17:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motmodem_01007.Wdf [2010/01/31 23:17:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf [2010/01/31 23:17:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_motccgp_01007.Wdf [2010/01/31 23:17:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf [2010/01/31 21:26:11 | 000,001,577 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DVD.lnk [2010/01/31 21:16:52 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2009/10/04 12:11:55 | 000,000,265 | ---- | C] () -- C:\WINDOWS\sys409c1.ini [2009/07/12 18:08:37 | 000,000,804 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009/06/14 14:59:37 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat [2009/06/11 14:33:56 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009/06/11 12:47:02 | 000,000,322 | ---- | C] () -- C:\WINDOWS\CSACBAT1.INI [2009/06/11 12:47:01 | 000,005,161 | ---- | C] () -- C:\WINDOWS\CS32BA11.INI [2009/05/28 12:13:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/05/27 18:23:18 | 000,064,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2009/03/28 16:50:46 | 000,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys [2009/03/28 16:50:46 | 000,047,104 | R--- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys [2009/03/28 16:50:46 | 000,042,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys [2009/03/28 
16:50:46 | 000,039,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys [2009/03/28 16:11:21 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/26 10:09:40 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2009/03/25 21:32:57 | 000,000,268 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\CMCPaper.dat [2009/03/25 21:30:13 | 000,003,932 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\CMLayout.dat [2009/03/25 21:29:46 | 000,000,179 | ---- | C] () -- C:\WINDOWS\System32\CM_SUPPORT.INI [2009/03/22 18:17:14 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll [2009/03/22 18:10:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll [2008/12/17 10:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008/12/11 04:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008/10/09 15:31:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll [2008/09/02 06:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2008/04/14 04:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll [2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2003/09/23 06:40:34 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll [2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [color="#E56717"]========== LOP Check ==========[/color] [2010/01/15 12:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG9 [2009/04/25 20:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application 
Data\BitDefender [2010/01/31 21:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited [2009/06/11 14:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe_Limited [2009/05/05 14:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon [2010/02/08 15:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\dvdisaster [2010/02/28 13:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FLV Extract [2009/03/29 19:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Foxit [2009/05/19 20:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ImgBurn [2009/05/20 17:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mirkes.de [2009/04/23 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Pegasys Inc [2010/02/25 20:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent [2010/02/07 22:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vso [2010/01/15 12:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2009/04/26 18:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2009/05/05 13:00:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2009/07/12 18:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP [2009/05/28 09:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2009/03/28 16:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs [2010/02/17 
13:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [color="#E56717"]========== Purity Check ==========[/color] < End of report >
  3. rjfaafsybpij.sys - this looks like some kind of c**p [attachment=7878:ComboFix.txt] [attachment=7879:OTL.Txt]
  4. If you are having trouble with this system, how about something like rapidshare?
  5. Not readable? What on earth are you trying to read it with, Commodore VIC-20? Downloaded fine for me. Checksums match, is readable.
  6. Is large for a log, seen much worse from compilers, good luck. I might not be infected, may even be leftover damage from something. Never seen a virus that only disables ad-aware, regcleaner, isobuster and hides from all scanners. Had to omit from custom scan due to crashing: c:\$recycle.bin\*.* /s CREATERESTOREPOINT [attachment=7849:OTS.Txt]
  7. [url="http://www.lavasoftsupport.com/index.php?showtopic=28521"]Please see this thread for the problem.[/url] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:00:19 PM, on 2/16/2010
  8. Gmer scans for a while then crashes the Windows logon process, causing a blue screen of death. HijackThis worked and has made a log, but I do not see anything worrying. A long time ago I used Gmer and it did not crash then; this worries me, [u][b]A LOT![/b][/u]
  9. [quote name='casey_boy' post='116698' date='Feb 16 2010, 03:38 AM']OK let's just try a clean reinstall. Download [url="http://revouninstaller.com/revo_uninstaller_free_download.html"]Revo (free)[/url], run and use to remove Ad-Aware. Let Revo remove any leftover files or reg entries. Then try a reinstall. Casey[/quote] Tried that one before my first post. Also used regedit's search to nuke all keys that mentioned ad-aware. Regcleaner will load its process and never show a window!???
  10. [quote name='casey_boy' post='116498' date='Feb 11 2010, 03:52 AM']OK, what operating system and service pack are you using? Also, do you have a system restore point say from last week? Casey[/quote] XP Pro SP3. System restore will not work with some of the strange software I have installed. System is a customized Via PX10000G.
  11. [quote name='casey_boy' post='116471' date='Feb 10 2010, 03:04 PM']I would suggest reinstalling your C++ runtime. You can download the latest version here: [url="http://www.microsoft.com/downloads/details.aspx?familyid=A5C84275-3B97-4AB7-A40D-3802B2AF5FC2&displaylang=en"]http://www.microsoft.com/downloads/details...;displaylang=en[/url] Then try reinstalling Ad-Aware. Casey[/quote] Followed suggestion but no difference.
  12. Just before finishing installation, I encounter numerous (4-7) "Resources missing" error popups that look like: title bar= resources missing main message= failed to locate application resources button= ok They all say the same thing. Scanned my system with Bitdefender, AVG, malwarebytes-antimalware and super-antispyware. All returned clean and system acts normal with no slowdown, popups, UIPs or other anomalies, except that regcleaner and isobuster will not run or produce an error. Looks like operating system damage to me. Installation then completes as "successful". Uninstall behaves the same way. Trying to run the program produces a different error popup: title bar= error main message= couldn't load resource manager button= ok And to top it all off, ad-aware was running fine just last week. Now what? (pulls hair out)