BestTechie Forums: Computer bogged down, internet connection issues... - BestTechie Forums

Computer bogged down, internet connection issues...


#16 deocder

Posted 11 January 2010 - 11:00 PM

Hello,

Finally, I have had a chance to work on this computer. However, I had to do so remotely and cannot be in front of it.

In addition, I have been unable to restore the desktop wallpaper. I have tried several fixes to no avail.

The computer was having issues connecting to the internet. But once connected, I tried to check the router it was connected to, to make sure it was set up properly. I was unable to browse to the router (192.168.1.1). All other web browsing was fine, just unable to connect to the router's GUI. I have been able to connect to this in the past. I suspected that the browser was hijacked, so I installed Spybot S&D and ran immunization. Then did a scan.

I have also updated Malwarebytes and run another scan.

In addition, another OTL scan.

All logs are below.....

Spybot Log:

MaxSecure.RegistryCleaner: [SBI $5AA2E7C9] Program directory (Directory, fixed)
C:\Program Files\Max Registry Cleaner\
MaxSecure.RegistryCleaner: [SBI $52C9D917] Program directory (Directory, fixed)
C:\Program Files\Max Registry Cleaner\Backup\
MaxSecure.RegistryCleaner: [SBI $E0207521] Program directory (Directory, fixed)
C:\Program Files\Max Registry Cleaner\BackupDB\
MaxSecure.RegistryCleaner: [SBI $BA545786] Program directory (Directory, fixed)
C:\Program Files\Max Registry Cleaner\Log\
MaxSecure.RegistryCleaner: [SBI $ACF07A50] Text file (File, fixed)
C:\Program Files\Max Registry Cleaner\Log\RCLiveupdateLog.txt
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
MaxSecure.RegistryCleaner: [SBI $ACF07A50] Text file (File, fixed)
C:\Program Files\Max Registry Cleaner\Log\ScanLog.txt
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
MaxSecure.RegistryCleaner: [SBI $ACF07A50] Text file (File, fixed)
C:\Program Files\Max Registry Cleaner\Log\VoucherLog.txt
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
MaxSecure.RegistryCleaner: [SBI $44D17AEA] Program directory (Directory, fixed)
C:\Program Files\Max Registry Cleaner\setting\
MaxSecure.RegistryCleaner: [SBI $033A6FF0] Configuration file (File, fixed)
C:\Program Files\Max Registry Cleaner\setting\CurrentSettings.ini
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
SpywareDetector: [SBI $3B9C51F2] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDNotify
SpywareDetector: [SBI $C90CC544] Program directory (Directory, fixed)
C:\WINDOWS\MaxSecureBackup\
SpywareDetector: [SBI $0D8F8637] Text file (File, fixed)
C:\MaxSignature.txt
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
SpywareDetector: [SBI $879186E6] Library (File, fixed)
C:\WINDOWS\system32\GetHardDiskNo.dll
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
Microsoft.Windows.ActiveDesktop: [SBI $377029D9] User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-177391176-3013064915-1126896040-1009\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoHTMLWallPaper
Microsoft.Windows.Explorer: [SBI $1931FF4D] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-177391176-3013064915-1126896040-1009\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges
CoreMetrics: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
DoubleClick: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
CasaleMedia: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
Right Media: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
Statcounter: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
HitBox: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
MediaPlex: Tracking cookie (Internet Explorer: Jay Plesset) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-01-11 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-01-05 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-01-05 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-01-05 Includes\HijackersC.sbi (*)
2009-12-15 Includes\Keyloggers.sbi (*)
2010-01-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-12-30 Includes\Malware.sbi (*)
2010-01-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-01-05 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-01-05 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-01-05 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-12-08 Includes\Trojans.sbi (*)
2010-01-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

MALWAREBYTES LOG:

Malwarebytes' Anti-Malware 1.44
Database version: 3545
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/11/2010 10:46:11 PM
mbam-log-2010-01-11 (22-46-11).txt

Scan type: Quick Scan
Objects scanned: 140870
Time elapsed: 9 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL SCAN:


OTL logfile created on: 1/11/2010 10:47:46 PM - Run 4
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Documents and Settings\Jay Plesset\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 484.00 Mb Available Physical Memory | 48.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.81 Gb Total Space | 63.66 Gb Free Space | 60.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SUES_LAPTOP
Current User Name: Jay Plesset
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/11 22:34:39 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay Plesset\Desktop\OTL.exe
PRC - [2009/11/24 18:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/09/28 19:34:22 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009/09/28 19:34:16 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/04/23 17:49:56 | 00,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2008/10/20 10:36:40 | 00,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2008/09/26 11:02:04 | 02,356,088 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
PRC - [2008/08/11 12:41:00 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/08/11 12:41:00 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/04 10:34:12 | 01,122,304 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2008/01/20 08:05:35 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/08/10 02:21:56 | 16,384,000 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007/08/03 19:10:46 | 00,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/07/05 18:05:04 | 00,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/07/05 18:04:18 | 00,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007/07/05 18:03:32 | 00,184,320 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007/04/08 20:24:32 | 00,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
PRC - [2007/03/16 08:26:22 | 00,057,344 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe
PRC - [2007/02/08 16:11:32 | 00,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/02/08 16:09:58 | 00,950,272 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2007/02/08 16:00:06 | 00,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/01/29 22:01:26 | 00,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2007/01/04 22:48:52 | 00,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 23:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/10/12 02:28:56 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
PRC - [2006/10/12 02:28:48 | 01,134,592 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\BCMWLTRY.EXE
PRC - [2006/05/24 00:08:06 | 00,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006/05/19 00:51:16 | 00,774,233 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/05/18 19:24:06 | 00,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2005/11/10 16:03:52 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2004/08/04 07:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe


========== Modules (SafeList) ==========

MOD - [2010/01/11 22:34:39 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay Plesset\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (FingerprintServer)
SRV - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/09/28 19:34:22 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/04/30 13:23:41 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/04/23 17:49:56 | 00,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/20 10:36:40 | 00,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008/08/11 12:41:00 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008/04/13 19:12:02 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2008/03/04 10:34:12 | 01,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2008/01/11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/08/03 19:10:46 | 00,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/05 18:05:04 | 00,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007/07/05 18:03:32 | 00,184,320 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007/05/24 07:08:44 | 00,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/04/08 20:24:32 | 00,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007/03/16 08:26:22 | 00,057,344 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
SRV - [2007/02/08 16:11:32 | 00,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/02/08 16:09:58 | 00,950,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2007/01/29 22:01:26 | 00,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 22:48:52 | 00,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/02 23:40:12 | 00,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/12 02:28:56 | 00,020,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2006/05/24 00:08:06 | 00,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005/11/14 04:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/11 21:34:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/11 21:33:51 | 00,000,000 | ---D | M]

[2010/01/11 21:34:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\Mozilla\Extensions
[2010/01/11 21:46:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\Mozilla\Firefox\Profiles\kqmnm4uk.default\extensions
[2010/01/11 21:33:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (371817 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 12818 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingA1658] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingA2135] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingA3373] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingA3897] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingC5390] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC5998] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC6777] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC8650] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingB269] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingB294] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingB7085] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingB9085] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingD1835] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD3451] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD6623] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8889] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.c...pport/acpir.cab (IASRunner Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 02:13:35 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/11/27 22:30:07 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - C:\WINDOWS\system32\nwwks.dll (Microsoft Corporation)
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16892003295952896)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/11 22:34:37 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jay Plesset\Desktop\OTL.exe
[2010/01/11 22:34:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\My Documents\Downloads
[2010/01/11 22:25:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\PDF Writer
[2010/01/11 22:25:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Application Data\PDF Writer
[2010/01/11 22:25:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PDF Writer
[2010/01/11 22:21:36 | 00,227,840 | ---- | C] (Bullzip) -- C:\WINDOWS\System32\bzFlRdr.dll
[2010/01/11 22:21:36 | 00,131,072 | ---- | C] (Bullzip) -- C:\WINDOWS\System32\bzpdfc.dll
[2010/01/11 22:21:36 | 00,103,424 | ---- | C] (Bullzip) -- C:\WINDOWS\System32\bzDCT.dll
[2010/01/11 22:21:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2010/01/11 22:21:33 | 00,194,560 | ---- | C] (Bullzip) -- C:\WINDOWS\System32\bzpdf.dll
[2010/01/11 22:21:28 | 00,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2010/01/11 21:34:35 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/11 21:34:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/01/11 21:33:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\Mozilla
[2010/01/11 21:33:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Application Data\Mozilla
[2010/01/11 21:31:18 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Jay Plesset\Desktop\spybotsd162.exe
[2010/01/06 23:01:15 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Jay Plesset\Recent
[2010/01/06 22:57:26 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/06 22:25:02 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jay Plesset\IECompatCache
[2010/01/06 22:23:45 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jay Plesset\PrivacIE
[2010/01/06 22:21:49 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Jay Plesset\IETldCache
[2010/01/06 22:17:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/01/06 22:15:45 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/01/06 22:14:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010/01/06 21:29:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/12/30 22:29:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/12/30 00:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ICS
[2009/12/29 23:59:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\LogMeIn
[2009/12/29 23:59:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/12/29 23:59:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ICS
[2009/12/29 23:59:22 | 00,083,288 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2009/12/29 23:59:22 | 00,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2009/12/29 23:59:22 | 00,028,984 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2009/12/29 23:59:14 | 00,087,352 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2009/12/29 23:58:47 | 00,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2009/12/29 23:54:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\Deployment
[2009/09/02 17:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intuit
[2009/07/22 00:02:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/02/27 14:19:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Intuit
[2009/02/14 06:53:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2008/12/15 21:07:41 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/12/15 21:07:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/11/25 20:59:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2007/12/15 03:10:42 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/01/11 22:48:44 | 06,815,744 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\NTUSER.DAT
[2010/01/11 22:34:39 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jay Plesset\Desktop\OTL.exe
[2010/01/11 22:25:21 | 00,015,596 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\Desktop\Spybot - Search & Destroy scan report.pdf
[2010/01/11 22:21:40 | 00,001,716 | ---- | M] () -- C:\WINDOWS\System32\BioPdf.PdfWriter.Lib.tlb
[2010/01/11 22:11:39 | 00,000,359 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/01/11 22:06:01 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/01/11 21:41:52 | 00,371,817 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/11 21:34:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/01/11 21:33:54 | 00,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/11 21:31:18 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Jay Plesset\Desktop\spybotsd162.exe
[2010/01/11 21:04:26 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/11 20:46:04 | 00,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010/01/11 20:45:48 | 00,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010/01/11 20:45:39 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/11 20:45:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/11 20:45:30 | 10,637,02528 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/11 20:44:46 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Jay Plesset\ntuser.ini
[2010/01/10 15:51:47 | 04,792,240 | -H-- | M] () -- C:\Documents and Settings\Jay Plesset\Local Settings\Application Data\IconCache.db
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/07 00:12:09 | 00,001,710 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\Desktop\wallpaperenable.reg
[2010/01/06 23:18:31 | 00,000,881 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\Desktop\fixreg.zip
[2010/01/06 23:01:57 | 00,039,710 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\My Documents\cc_20100106_230151.reg
[2010/01/06 22:35:02 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/01/06 22:35:02 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/01/06 22:35:02 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/01/06 22:35:02 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/01/06 22:35:02 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/01/06 22:35:01 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/01/06 21:40:23 | 00,444,750 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/06 21:40:23 | 00,072,460 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/30 22:23:10 | 00,591,718 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/29 23:59:14 | 00,001,024 | ---- | M] () -- C:\.rnd
[2009/12/29 23:40:01 | 90,042,970 | ---- | M] () -- C:\Documents and Settings\Jay Plesset\My Documents\registry_backup.reg
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/11 22:25:21 | 00,015,596 | ---- | C] () -- C:\Documents and Settings\Jay Plesset\Desktop\Spybot - Search & Destroy scan report.pdf
[2010/01/11 22:21:40 | 00,001,716 | ---- | C] () -- C:\WINDOWS\System32\BioPdf.PdfWriter.Lib.tlb
[2010/01/11 22:21:37 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\BioPdf.PdfWriter.Lib.dll
[2010/01/11 22:11:38 | 00,000,359 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/11 21:34:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/01/11 21:33:54 | 00,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/07 00:12:09 | 00,001,710 | ---- | C] () -- C:\Documents and Settings\Jay Plesset\Desktop\wallpaperenable.reg
[2010/01/06 23:18:31 | 00,000,881 | ---- | C] () -- C:\Documents and Settings\Jay Plesset\Desktop\fixreg.zip
[2010/01/06 23:01:54 | 00,039,710 | ---- | C] () -- C:\Documents and Settings\Jay Plesset\My Documents\cc_20100106_230151.reg
[2009/12/30 00:32:23 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Startup.cpl
[2009/12/29 23:59:13 | 00,001,024 | ---- | C] () -- C:\.rnd
[2009/12/29 23:39:50 | 90,042,970 | ---- | C] () -- C:\Documents and Settings\Jay Plesset\My Documents\registry_backup.reg
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/04/23 21:40:33 | 00,003,140 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/04/23 21:40:33 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\F908CF7746.sys
[2007/12/21 13:59:55 | 00,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/11/27 23:26:04 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/11/27 23:08:13 | 00,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2007/11/27 22:58:05 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/11/27 22:58:05 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/11/27 22:58:05 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/11/27 22:58:05 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/11/27 22:58:05 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/11/27 22:58:05 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/11/27 22:53:03 | 00,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/11/27 22:53:03 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2007/11/27 22:52:51 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/11/27 22:52:50 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/11/27 22:51:50 | 00,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2007/11/27 22:50:25 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/08/16 05:28:38 | 00,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/08/16 05:28:27 | 00,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/02/09 14:54:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/04/30 02:31:51 | 00,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 02:22:10 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini

========== LOP Check ==========

[2007/11/27 23:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2009/02/27 09:11:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/05/17 08:24:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2009/12/29 23:59:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/01/11 22:25:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDF Writer
[2007/11/27 23:20:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2007/12/30 21:00:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\InterVideo
[2008/11/22 09:12:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\Leadertech
[2009/05/17 08:24:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\Lenovo
[2009/12/12 08:52:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\MSNInstaller
[2008/08/16 06:50:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\Opera
[2010/01/11 22:25:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jay Plesset\Application Data\PDF Writer
[2010/01/11 22:06:01 | 00,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 07:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 07:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/03/01 19:00:15 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/03/01 19:00:15 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 01:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 07:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/03/01 19:00:15 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/03/01 19:00:15 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2007/04/03 05:39:42 | 00,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2007/04/03 05:39:42 | 00,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 07:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2007/02/11 23:36:54 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\drivers\other\iastor.sys
[2007/02/11 23:36:54 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\SWTOOLS\DRIVERS\IMSM\iastor.sys
[2007/02/12 12:36:54 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 07:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 07:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >
< End of report >

#17 User is offline   schrauber 

  • Malware Remover
  • Group: Trusted Helpers
  • Posts: 68
  • Joined: 10-January 09
  • Location:Germany

Posted 13 January 2010 - 02:06 PM

How is your browser working? The logs are looking good. Can you explain that problem with the wallpaper, please?
