
My Computer just doesn't work



#1 peetee15


Posted 25 September 2009 - 07:37 PM

Here are the basics of what is going on. First, it started when I was redirected to virus sites when I would type something and search in Google. In addition, I would have random audio ads that would start up, but there was no way to close them (at this point, that hasn't happened in a few days). Then, my computer restarted and when it came back up, my background would come up, but none of my desktop icons, Start menu, nothing else would come up. I'm still actually having to just press Ctrl+Alt+Delete and run everything through Task Manager. Also, when I try to run Malwarebytes or just about any other program, it may run for a few seconds or minutes, but it always shuts down whatever program I'm trying to run and then it locks me out of it by saying "Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item" whenever I try to run the program again after it has been shut down. And yes, I've already tried renaming the programs to get them to run, but it still shuts those down as well.


Here's an OTL log:


OTL logfile created on: 9/24/2009 9:48:51 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = D:\Documents and Settings\Ian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 234.87 Mb Available Physical Memory | 45.96% Memory free
1.22 Gb Paging File | 0.66 Gb Available in Paging File | 54.16% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 36.51 Gb Total Space | 20.03 Gb Free Space | 54.87% Space Free | Partition Type: NTFS
Drive D: | 37.25 Gb Total Space | 8.31 Gb Free Space | 22.30% Space Free | Partition Type: NTFS
Drive E: | 74.46 Gb Total Space | 46.27 Gb Free Space | 62.15% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 241.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 753.05 Mb Total Space | 746.69 Mb Free Space | 99.16% Space Free | Partition Type: NTFS

Computer Name: HOME
Current User Name: Ian
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2006/03/03 21:03:10 | 00,069,632 | ---- | M] (HP) -- C:\WINNT\System32\HPZipm12.exe
PRC - [2008/04/13 19:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\wscntfy.exe
PRC - [2009/07/22 22:44:50 | 01,181,064 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/04/15 18:37:11 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/09/24 21:37:30 | 00,514,560 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
PRC - [2008/04/13 19:12:37 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINNT\System32\taskmgr.exe
PRC - [2008/04/13 19:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINNT\notepad.exe

========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://inside.msfc.nasa.gov
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\S-1-5-21-3945725102-565274025-4042124420-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/04/17 18:36:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/23 14:52:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/30 01:03:48 | 00,000,000 | ---D | M]

[2009/04/30 09:29:53 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Ian\Application Data\mozilla\Firefox\Profiles\751mth4y.default\extensions
[2009/09/09 16:13:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/14 18:00:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/17 18:37:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/14 17:59:59 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/14 18:00:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2004/09/09 00:03:50 | 00,049,152 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/04/17 18:36:50 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/03/12 15:16:54 | 00,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll
[2009/05/20 01:49:50 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/14 18:00:15 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2003/07/14 22:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2005/09/23 21:44:16 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/04 19:33:33 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/04 19:33:34 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/04/17 16:53:29 | 03,771,296 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2009/04/23 19:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/23 19:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/23 19:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/23 19:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/23 19:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/23 19:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/23 19:39:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (306581 bytes) - C:\WINNT\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 prosecure.microsoft.com
O1 - Hosts: 209.44.111.62 antivir-prof.com
O1 - Hosts: 209.44.111.62 www.antivir-prof.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 10578 more lines...
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe File not found
O4 - HKLM..\Run: [BCMSMMSG] C:\WINNT\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINNT\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINNT\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINNT\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\SolidWorks Installation Manager\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TLogonPath] C:\Program Files\Timbuktu Pro\tb2logon.exe (Netopia, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] H:\New Folder (2)\Malwarebytes' Anti-Malware\mbamgui.exe File not found
O4 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013..\RunOnce: [FlashPlayerUpdate] C:\WINNT\System32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: nodrivetypeautorun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINNT\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3945725102-565274025-4042124420-1013\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwa...are/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1122054005666 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {AB6633A8-60A9-4F5D-B66C-ABE268CC3227} http://www.solidworks.com/sw/support/subsc...dimdownload.cab (SolidWorks Installation Manager Contol)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/downloads/activex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flash...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.1.30.43 69.1.30.42
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\winnt\system32\wuhomuro.dll) - C:\WINNT\System32\wuhomuro.dll File not found
O20 - AppInit_DLLs: (c:\winnt\system32\tovebogi.dll) - C:\WINNT\System32\tovebogi.dll File not found
O20 - AppInit_DLLs: (joretido.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\Explorer.exe ()
O20 - HKLM Winlogon: Shell - (rundll32.exe) - File not found
O20 - HKLM Winlogon: Shell - (tftp.msc) - C:\WINNT\System32\tftp.msc ()
O20 - HKLM Winlogon: Shell - (beforegllav) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - H:\New Folder\SASWINLO.dll - H:\New Folder\SASWINLO.dll File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINNT\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINNT\system32\NavLogon.dll - C:\WINNT\System32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\Timbuktu Pro: DllName - C:\Program Files\Timbuktu Pro\Hook32.dll - C:\Program Files\Timbuktu Pro\Hook32.dll (Netopia, Inc.)
O21 - SSODL: nusizusot - {9c9ec39d-3ca4-4bfc-a25f-66b34a258a30} - CLSID or File not found.
O22 - SharedTaskScheduler: {9c9ec39d-3ca4-4bfc-a25f-66b34a258a30} - kupuhivus - Reg Error: Value error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - H:\New Folder\SASSEH.DLL File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005/04/07 07:27:15 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/04 10:16:03 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3912b9fb-56e7-11de-aaee-000cf1836818}\Shell\autorun\command - "" = H:\CA_EdgeLitemobile.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINNT\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/24 21:37:27 | 00,514,560 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
[2009/09/23 15:58:42 | 00,047,616 | ---- | C] () -- D:\Documents and Settings\Ian\Desktop\klj.exe
[2009/09/20 15:53:32 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\SUPERAntiSpyware.com
[2009/09/15 22:29:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/09/15 22:28:28 | 00,000,406 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/15 20:23:52 | 00,000,000 | ---D | C] -- C:\Program Files\aASAFSD
[2009/09/15 20:08:34 | 00,000,000 | -H-D | C] -- C:\WINNT\PIF
[2009/09/15 18:27:13 | 00,000,000 | ---D | C] -- C:\Program Files\12
[2009/09/14 17:46:49 | 00,000,000 | ---D | C] -- C:\Program Files\New Folder
[2009/09/14 16:52:53 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/09/13 14:47:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/09/13 14:47:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/09/12 16:35:41 | 00,001,210 | ---- | C] () -- D:\Documents and Settings\Ian\My Documents\safeboot.reg
[2009/09/12 13:25:15 | 00,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/09/12 13:22:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/12 13:11:07 | 00,000,000 | ---D | C] -- C:\Program Files\Yues
[2009/09/12 12:16:22 | 00,025,088 | ---- | C] () -- C:\WINNT\System32\tftp.msc
[2009/09/11 16:57:07 | 00,161,808 | ---- | C] () -- C:\WINNT\System32\counters
[2009/09/11 06:40:14 | 00,000,004 | ---- | C] () -- C:\WINNT\System32\bincd32.dat
[2009/09/10 19:59:12 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\pctgntdi.sys
[2009/09/10 19:59:01 | 00,206,256 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\PCTCore.sys
[2009/09/10 19:59:01 | 00,086,888 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\PCTAppEvent.sys
[2009/09/10 19:59:01 | 00,007,396 | ---- | C] () -- C:\WINNT\System32\drivers\pctcore.cat
[2009/09/10 19:58:53 | 00,001,537 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/09/10 19:58:48 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINNT\System32\drivers\pctplsg.sys
[2009/09/10 19:58:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/09/10 19:58:32 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\PC Tools
[2009/09/10 19:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/09/10 19:58:29 | 00,000,632 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/09/10 19:58:27 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\STKIT432.DLL
[2009/09/10 19:58:17 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2009/09/10 19:57:55 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/10 19:50:43 | 00,008,547 | ---- | C] () -- C:\WINNT\System32\wispex.html
[2009/09/10 19:50:43 | 00,000,000 | ---D | C] -- C:\WINNT\System32\images
[2009/09/10 19:43:18 | 00,000,000 | ---D | C] -- C:\Program Files\Mallywdar
[2009/09/10 19:28:34 | 00,019,078 | ---- | C] () -- C:\WINNT\System32\zoha.db
[2009/09/10 19:28:34 | 00,017,023 | ---- | C] () -- C:\WINNT\qawexewe.bin
[2009/09/10 19:28:34 | 00,016,652 | ---- | C] () -- C:\WINNT\mycolawaky.lib
[2009/09/10 19:28:33 | 00,016,903 | ---- | C] () -- C:\WINNT\igysawyxev.exe
[2009/09/10 19:28:33 | 00,016,283 | ---- | C] () -- C:\WINNT\cimo._sy
[2009/09/10 19:28:33 | 00,015,933 | ---- | C] () -- C:\WINNT\System32\yzunipega.com
[2009/09/10 19:28:33 | 00,015,639 | ---- | C] () -- C:\WINNT\System32\buzulozoja.scr
[2009/09/10 19:28:33 | 00,012,959 | ---- | C] () -- C:\Program Files\Common Files\cugese.reg
[2009/09/10 19:28:33 | 00,012,081 | ---- | C] () -- C:\Program Files\Common Files\focavo.pif
[2009/09/10 19:28:33 | 00,011,594 | ---- | C] () -- C:\WINNT\ewicuqysyl.lib
[2009/09/10 19:28:33 | 00,010,931 | ---- | C] () -- C:\WINNT\System32\miwyca.exe
[2009/09/10 19:28:33 | 00,010,330 | ---- | C] () -- C:\WINNT\kexebipy.pif
[2009/09/10 18:51:05 | 00,001,382 | ---- | C] () -- C:\WINNT\System32\onhelp.htm
[2009/09/10 18:45:37 | 00,000,382 | ---- | C] () -- C:\Program Files\Shortcut to Program Files.lnk
[2009/09/10 18:31:26 | 00,000,058 | ---- | C] () -- C:\WINNT\ppp4.dat
[2009/09/10 18:31:26 | 00,000,003 | ---- | C] () -- C:\WINNT\ppp3.dat
[2009/09/10 18:31:24 | 00,000,036 | ---- | C] () -- C:\WINNT\System32\sysnet.dat
[2009/09/10 18:31:24 | 00,000,009 | ---- | C] () -- C:\WINNT\System32\bennuar.old
[2009/09/10 18:31:23 | 00,000,032 | ---- | C] () -- C:\WINNT\System32\sonhelp.htm
[2009/09/10 17:36:43 | 00,014,928 | ---- | C] () -- C:\WINNT\System32\oxyl.exe
[2009/09/10 17:36:43 | 00,013,908 | ---- | C] () -- C:\Program Files\Common Files\alyreqexad.exe
[2009/09/10 17:36:43 | 00,011,243 | ---- | C] () -- C:\Program Files\Common Files\yfivosuly._dl
[2009/09/10 17:36:43 | 00,011,212 | ---- | C] () -- C:\WINNT\amigeh.bat
[2009/09/10 17:36:42 | 00,019,497 | ---- | C] () -- C:\WINNT\gida.dat
[2009/09/10 17:36:41 | 00,015,985 | ---- | C] () -- C:\WINNT\zerazob.pif
[2009/09/10 17:36:41 | 00,014,416 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\ozudetel.dll
[2009/09/10 17:36:41 | 00,011,389 | ---- | C] () -- C:\WINNT\adygysyp.vbs
[2009/09/10 17:00:56 | 00,227,840 | ---- | C] (Legal Corporation) -- C:\WINNT\System32\_scui.cpl
[2009/09/09 21:22:50 | 00,000,000 | ---- | C] () -- C:\WINNT\System32\41.exe
[2009/09/09 21:15:32 | 00,025,088 | ---- | C] () -- C:\WINNT\System32\tapi.nfo
[2009/09/09 21:15:00 | 00,000,046 | ---- | C] () -- C:\p2hhr.bat
[2009/09/09 21:13:46 | 00,000,000 | ---- | C] () -- C:\WINNT\System32\drivers\e09b46c2.sys
[2009/09/09 21:12:55 | 00,000,000 | ---D | C] -- C:\spoolerlogs
[2009/09/09 21:12:30 | 00,017,920 | ---- | C] () -- C:\fjmpqp.exe
[2009/09/09 21:12:29 | 00,049,664 | ---- | C] () -- C:\scmhux.exe
[2009/09/09 21:12:27 | 00,022,016 | ---- | C] () -- C:\udtcnn.exe
[2009/09/09 21:12:26 | 00,009,728 | ---- | C] () -- C:\kqbvc.exe
[2009/09/09 21:12:14 | 00,047,104 | ---- | C] () -- C:\WINNT\System32\~.exe
[2009/09/09 21:01:59 | 00,070,656 | ---- | C] () -- C:\WINNT\System32\drivers\vsipfvornmxxxiqd.sys
[2009/09/09 21:01:52 | 00,000,198 | -H-- | C] () -- C:\WINNT\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/09/09 21:01:47 | 00,000,246 | -H-- | C] () -- C:\WINNT\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/09/05 21:03:01 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\Windows Desktop Search
[2009/09/05 21:01:42 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Ian\Application Data\IM
[2009/08/30 01:11:02 | 00,001,976 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\DWGeditor.lnk
[2009/08/30 01:07:52 | 00,000,000 | ---- | C] () -- C:\WINNT\eDrawingOfficeAutomator.INI
[2009/08/30 01:06:08 | 00,001,730 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2009.lnk
[2009/08/30 00:46:07 | 00,000,023 | -H-- | C] () -- C:\WINNT\yacht.xws
[2009/08/30 00:37:22 | 00,002,249 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks 2009 SP3.0.lnk
[2009/08/30 00:12:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Shared
[2009/08/30 00:10:01 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/08/30 00:09:53 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\SolidWorks
[2009/08/30 00:09:53 | 00,000,000 | ---D | C] -- C:\Program Files\SolidWorks Corp
[2009/08/30 00:04:08 | 00,001,647 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
[2009/08/30 00:03:36 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/08/30 00:01:34 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/08/29 23:59:15 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2009/08/29 23:59:14 | 00,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/08/29 23:02:22 | 00,000,000 | ---D | C] -- C:\SolidWorks Data
[2009/08/29 22:59:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SolidWorks Installation Manager
[2009/08/29 22:59:03 | 00,000,000 | ---D | C] -- C:\WINNT\SolidWorks
[2009/08/11 21:44:39 | 00,000,000 | ---- | C] () -- C:\WINNT\RingtoneMaker.INI
[2009/08/11 21:19:39 | 00,002,770 | ---- | C] () -- C:\WINNT\mgxoschk.ini
[2009/07/30 00:19:56 | 00,000,069 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2009/07/23 15:09:43 | 00,000,039 | ---- | C] () -- C:\WINNT\Irremote.ini
[2009/06/15 18:45:57 | 00,037,888 | -HS- | C] () -- C:\WINNT\System32\vovugesi.dll
[2009/06/14 16:11:38 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\wiziwera.dll
[2009/06/14 16:10:34 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\pupamawe.dll
[2009/06/14 16:10:32 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\jazijase.dll
[2009/06/13 19:08:36 | 00,038,400 | -HS- | C] () -- C:\WINNT\System32\zidoyowi.dll
[2009/06/12 12:14:16 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\pojezija.dll
[2009/06/11 17:41:39 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\merunime.dll
[2009/06/10 15:52:03 | 00,037,376 | -HS- | C] () -- C:\WINNT\System32\risowupa.dll
[2009/06/10 15:52:01 | 00,050,176 | -HS- | C] () -- C:\WINNT\System32\lawalasi.dll
[2009/06/09 21:21:29 | 00,037,888 | -HS- | C] () -- C:\WINNT\System32\gijotoda.dll
[2009/06/02 20:36:29 | 00,027,648 | ---- | C] () -- C:\WINNT\System32\AVSredirect.dll
[2009/05/18 22:17:33 | 00,061,440 | ---- | C] () -- C:\WINNT\System32\drivers\zwndsrw.sys
[2009/05/18 21:12:02 | 00,001,152 | ---- | C] () -- C:\WINNT\System32\windrv.sys
[2009/04/16 08:03:17 | 00,077,824 | R--- | C] () -- C:\WINNT\System32\HPZIDS01.dll
[2009/04/14 19:05:25 | 00,000,523 | ---- | C] () -- C:\WINNT\ATICIM.INI
[2008/05/16 14:01:00 | 01,703,936 | ---- | C] () -- C:\WINNT\System32\nvwdmcpl.dll
[2008/05/16 14:01:00 | 01,486,848 | ---- | C] () -- C:\WINNT\System32\nview.dll
[2008/05/16 14:01:00 | 01,019,904 | ---- | C] () -- C:\WINNT\System32\nvwimg.dll
[2008/05/16 14:01:00 | 00,466,944 | ---- | C] () -- C:\WINNT\System32\nvshell.dll
[2008/05/16 14:01:00 | 00,286,720 | ---- | C] () -- C:\WINNT\System32\nvnt4cpl.dll
[2007/01/03 11:24:36 | 00,020,698 | ---- | C] () -- C:\WINNT\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 00,030,628 | ---- | C] () -- C:\WINNT\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 00,031,698 | ---- | C] () -- C:\WINNT\System32\gthrctr.ini
[2006/04/06 11:15:43 | 00,000,064 | ---- | C] () -- C:\WINNT\msfcinfo.ini
[2005/08/18 07:56:27 | 00,001,368 | ---- | C] () -- C:\WINNT\System32\oeminfo.ini
[2005/05/20 13:30:28 | 00,000,061 | ---- | C] () -- C:\WINNT\smscfg.ini
[2005/04/08 10:20:57 | 00,065,536 | ---- | C] ( ) -- C:\WINNT\System32\A3d.dll
[2005/04/07 13:13:20 | 00,000,000 | ---- | C] () -- C:\WINNT\VPC32.INI
[2005/04/07 10:45:32 | 00,000,370 | ---- | C] () -- C:\WINNT\ODBC.INI
[2005/04/07 07:41:28 | 00,139,264 | ---- | C] () -- C:\WINNT\System32\e1000msg.dll
[2004/08/04 01:56:44 | 00,061,952 | ---- | C] () -- C:\WINNT\System32\eventlog.dll
[2003/07/08 13:41:48 | 00,047,616 | ---- | C] () -- C:\WINNT\System32\P16X.dll
[2003/07/02 13:54:08 | 00,010,752 | ---- | C] () -- C:\WINNT\System32\xsavesig.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINNT\System32\OUTLPERF.INI
[2001/08/23 07:00:00 | 00,000,857 | ---- | C] () -- C:\WINNT\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINNT\system.ini
[2001/07/07 03:00:00 | 00,003,399 | ---- | C] () -- C:\WINNT\System32\hptcpmon.ini
[1997/05/12 02:10:00 | 00,097,280 | ---- | C] () -- C:\WINNT\System32\ZIPDLL.DLL
[1997/05/12 02:10:00 | 00,089,088 | ---- | C] ( ) -- C:\WINNT\System32\UNZDLL.DLL

========== Files - Modified Within 30 Days ==========

[2009/09/24 21:37:30 | 00,514,560 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Ian\Desktop\OTL.exe
[2009/09/24 21:27:31 | 00,000,246 | -H-- | M] () -- C:\WINNT\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[2009/09/24 21:26:00 | 00,000,006 | -H-- | M] () -- C:\WINNT\tasks\SA.DAT
[2009/09/24 21:25:36 | 00,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2009/09/24 21:25:19 | 00,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2009/09/23 20:00:00 | 00,000,198 | -H-- | M] () -- C:\WINNT\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/09/23 15:58:42 | 00,047,616 | ---- | M] () -- D:\Documents and Settings\Ian\Desktop\klj.exe
[2009/09/22 20:35:00 | 00,000,472 | ---- | M] () -- C:\WINNT\tasks\Ad-Aware Update (Weekly).job
[2009/09/15 22:32:37 | 00,000,406 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/15 21:31:10 | 00,000,227 | ---- | M] () -- C:\WINNT\system.ini
[2009/09/15 19:19:59 | 00,011,168 | -H-- | M] () -- C:\WINNT\System32\viweyune
[2009/09/15 18:45:58 | 00,037,888 | -HS- | M] () -- C:\WINNT\System32\vovugesi.dll
[2009/09/14 16:11:08 | 00,050,176 | -HS- | M] () -- C:\WINNT\System32\jazijase.dll
[2009/09/14 16:10:35 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\pupamawe.dll
[2009/09/13 19:08:37 | 00,038,400 | -HS- | M] () -- C:\WINNT\System32\zidoyowi.dll
[2009/09/12 16:35:41 | 00,001,210 | ---- | M] () -- D:\Documents and Settings\Ian\My Documents\safeboot.reg
[2009/09/12 12:14:49 | 00,000,370 | ---- | M] () -- C:\WINNT\ODBC.INI
[2009/09/12 12:14:19 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\pojezija.dll
[2009/09/12 12:14:16 | 00,025,088 | ---- | M] () -- C:\WINNT\System32\tftp.msc
[2009/09/11 23:34:07 | 00,000,284 | ---- | M] () -- C:\WINNT\tasks\AppleSoftwareUpdate.job
[2009/09/11 17:41:40 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\merunime.dll
[2009/09/11 16:57:07 | 00,161,808 | ---- | M] () -- C:\WINNT\System32\counters
[2009/09/11 15:56:16 | 00,000,058 | ---- | M] () -- C:\WINNT\ppp4.dat
[2009/09/11 15:56:16 | 00,000,003 | ---- | M] () -- C:\WINNT\ppp3.dat
[2009/09/11 15:45:21 | 00,000,000 | ---- | M] () -- C:\WINNT\System32\drivers\e09b46c2.sys
[2009/09/11 15:29:39 | 00,001,382 | ---- | M] () -- C:\WINNT\System32\onhelp.htm
[2009/09/11 06:40:14 | 00,000,004 | ---- | M] () -- C:\WINNT\System32\bincd32.dat
[2009/09/11 00:08:34 | 00,227,840 | ---- | M] (Legal Corporation) -- C:\WINNT\System32\_scui.cpl
[2009/09/10 19:58:53 | 00,001,537 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/09/10 19:58:29 | 00,000,632 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/09/10 19:49:40 | 00,000,009 | ---- | M] () -- C:\WINNT\System32\bennuar.old
[2009/09/10 19:28:41 | 00,000,000 | ---- | M] () -- C:\WINNT\System32\41.exe
[2009/09/10 19:28:34 | 00,019,078 | ---- | M] () -- C:\WINNT\System32\zoha.db
[2009/09/10 19:28:34 | 00,017,023 | ---- | M] () -- C:\WINNT\qawexewe.bin
[2009/09/10 19:28:34 | 00,016,652 | ---- | M] () -- C:\WINNT\mycolawaky.lib
[2009/09/10 19:28:33 | 00,016,903 | ---- | M] () -- C:\WINNT\igysawyxev.exe
[2009/09/10 19:28:33 | 00,016,283 | ---- | M] () -- C:\WINNT\cimo._sy
[2009/09/10 19:28:33 | 00,015,933 | ---- | M] () -- C:\WINNT\System32\yzunipega.com
[2009/09/10 19:28:33 | 00,015,639 | ---- | M] () -- C:\WINNT\System32\buzulozoja.scr
[2009/09/10 19:28:33 | 00,012,959 | ---- | M] () -- C:\Program Files\Common Files\cugese.reg
[2009/09/10 19:28:33 | 00,012,081 | ---- | M] () -- C:\Program Files\Common Files\focavo.pif
[2009/09/10 19:28:33 | 00,011,594 | ---- | M] () -- C:\WINNT\ewicuqysyl.lib
[2009/09/10 19:28:33 | 00,010,931 | ---- | M] () -- C:\WINNT\System32\miwyca.exe
[2009/09/10 19:28:33 | 00,010,330 | ---- | M] () -- C:\WINNT\kexebipy.pif
[2009/09/10 19:20:29 | 00,047,104 | ---- | M] () -- C:\WINNT\System32\~.exe
[2009/09/10 18:45:37 | 00,000,382 | ---- | M] () -- C:\Program Files\Shortcut to Program Files.lnk
[2009/09/10 18:31:24 | 00,000,036 | ---- | M] () -- C:\WINNT\System32\sysnet.dat
[2009/09/10 18:31:23 | 00,000,032 | ---- | M] () -- C:\WINNT\System32\sonhelp.htm
[2009/09/10 18:28:58 | 00,186,097 | ---- | M] () -- C:\WINNT\System32\nvapps.xml
[2009/09/10 17:36:43 | 00,014,928 | ---- | M] () -- C:\WINNT\System32\oxyl.exe
[2009/09/10 17:36:43 | 00,013,908 | ---- | M] () -- C:\Program Files\Common Files\alyreqexad.exe
[2009/09/10 17:36:43 | 00,011,243 | ---- | M] () -- C:\Program Files\Common Files\yfivosuly._dl
[2009/09/10 17:36:43 | 00,011,212 | ---- | M] () -- C:\WINNT\amigeh.bat
[2009/09/10 17:36:42 | 00,019,497 | ---- | M] () -- C:\WINNT\gida.dat
[2009/09/10 17:36:41 | 00,015,985 | ---- | M] () -- C:\WINNT\zerazob.pif
[2009/09/10 17:36:41 | 00,014,416 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\ozudetel.dll
[2009/09/10 17:36:41 | 00,011,389 | ---- | M] () -- C:\WINNT\adygysyp.vbs
[2009/09/10 15:52:33 | 00,050,176 | -HS- | M] () -- C:\WINNT\System32\lawalasi.dll
[2009/09/10 15:52:04 | 00,053,248 | -HS- | M] () -- C:\WINNT\System32\lekegafu.exe
[2009/09/10 15:52:04 | 00,037,376 | -HS- | M] () -- C:\WINNT\System32\risowupa.dll
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINNT\System32\drivers\mbam.sys
[2009/09/09 21:21:31 | 00,044,970 | -HS- | M] () -- C:\WINNT\System32\wowafuha.exe
[2009/09/09 21:21:30 | 00,037,888 | -HS- | M] () -- C:\WINNT\System32\gijotoda.dll
[2009/09/09 21:15:00 | 00,000,046 | ---- | M] () -- C:\p2hhr.bat
[2009/09/09 21:12:38 | 00,025,088 | ---- | M] () -- C:\WINNT\System32\tapi.nfo
[2009/09/09 21:12:35 | 00,049,664 | ---- | M] () -- C:\scmhux.exe
[2009/09/09 21:12:35 | 00,017,920 | ---- | M] () -- C:\fjmpqp.exe
[2009/09/09 21:12:28 | 00,022,016 | ---- | M] () -- C:\udtcnn.exe
[2009/09/09 21:12:27 | 00,009,728 | ---- | M] () -- C:\kqbvc.exe
[2009/09/09 21:01:59 | 00,070,656 | ---- | M] () -- C:\WINNT\System32\drivers\vsipfvornmxxxiqd.sys
[2009/09/09 03:02:01 | 00,001,355 | ---- | M] () -- C:\WINNT\imsins.BAK
[2009/09/05 21:04:47 | 00,072,704 | ---- | M] () -- D:\Documents and Settings\Ian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/02 18:40:29 | 00,000,000 | -H-- | M] () -- C:\WINNT\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/08/30 16:43:37 | 00,002,249 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks 2009 SP3.0.lnk
[2009/08/30 09:25:03 | 00,239,144 | ---- | M] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009/08/30 01:11:02 | 00,001,976 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\DWGeditor.lnk
[2009/08/30 01:07:52 | 00,000,000 | ---- | M] () -- C:\WINNT\eDrawingOfficeAutomator.INI
[2009/08/30 01:06:08 | 00,001,730 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2009.lnk
[2009/08/30 00:46:07 | 00,000,023 | -H-- | M] () -- C:\WINNT\yacht.xws
[2009/08/30 00:04:08 | 00,001,647 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
[2009/08/30 00:03:46 | 00,547,118 | ---- | M] () -- C:\WINNT\System32\PerfStringBackup.INI
[2009/08/30 00:03:46 | 00,465,072 | ---- | M] () -- C:\WINNT\System32\perfh009.dat
[2009/08/30 00:03:46 | 00,078,958 | ---- | M] () -- C:\WINNT\System32\perfc009.dat
[2009/08/26 21:43:54 | 04,843,168 | -H-- | M] () -- D:\Documents and Settings\Ian\Local Settings\Application Data\IconCache.db
[2009/08/26 02:24:45 | 00,008,547 | ---- | M] () -- C:\WINNT\System32\wispex.html

========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\shellext.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\ntlog.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\nsldapssl32v30.dll:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\WINNT\System32\cbkhdlr.exe:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Program Files\Timbuktu Pro\tb2logon.exe:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Program Files\Timbuktu Pro\Hook32.dll:AFP_AfpInfo
@Alternate Data Stream - 155 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 149 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >

#2 schrauber

Posted 12 October 2009 - 11:07 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 schrauber

Posted 20 October 2009 - 12:27 PM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.
regards,
schrauber
