
My antivirus says I have a Trojan Horse


  • This topic is locked
2 replies to this topic

#1 monday2626

Posted 13 December 2009 - 01:39 PM

My antivirus says I have a trojan horse that it can't get rid of. Please review my logs. I think it has something to do with syswow64.

HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:14:03 PM, on 12/13/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
C:\Program Files (x86)\AVG\AVG8\avgui.exe
C:\hp\kbd\kbd.exe


Attach log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/20/2008 8:45:12 PM
System Uptime: 12/12/2009 11:12:37 AM (24 hours ago)

Motherboard: OEM_MB | | NARRA3
Processor: AMD Athlon™ 64 X2 Dual Core Processor 5000+ | Socket AM2 | 2600/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 455 GiB total, 338.437 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.497 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is FIXED (NTFS) - 298 GiB total, 271.178 GiB free.

==== Disabled Device Manager Items =============

Class GUID:
Description: photosmart 7600 series
Device ID: USB\VID_03F0&PID_B202&MI_01\6&D175C3F&0&0001
Manufacturer:
Name: photosmart 7600 series
PNP Device ID: USB\VID_03F0&PID_B202&MI_01\6&D175C3F&0&0001
Service:

==== System Restore Points ===================


==== Installed Programs ======================


3ivx MPEG-4 5.0.3 (remove only)
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
AVG Free 8.5
Backyard Football 2002
Cobian Backup 9
Combat Arms
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
CyberLink PowerDirector
Disney Pirates of the Caribbean Online
Disney Toontown Online
Enhanced Multimedia Keyboard Solution
FlipShare
Free Realms Installer
GameSpy Arcade
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Updater
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
HPTCSSetup
Java™ SE Runtime Environment 6 Update 1
LabelPrint
LightScribe System Software
LightScribeTemplateLabeler
Magic DVD Ripper V5.4.1
Maxtor Manager
ME2
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Move Networks Media Player for Internet Explorer
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
muvee Plugin 1.0
My HP Games
Nanovor
NASCAR Thunder TM 2003
Nicktoons Slimeball Multiplayer
Norton Security Scan
Pando Media Booster
Power2Go
Python 2.5
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
SIM Edit Tool
sp41119
sp41121
Spelling Dictionaries Support For Adobe Reader 8
SpongeBob SquarePants Obstacle Odyssey 2
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2008 wsciper
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb976884)
Visual C++ 8.0 Runtime Setup Package (x64)
Wizard101
Xilisoft DVD Ripper Platinum 4
Yahoo! Toolbar

==== End Of File ===========================

C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Cobian Backup 9\Cobian.exe
C:\Program Files (x86)\Cobian Backup 9\cbInterface.exe
C:\Users\Morris\Desktop\SysProt\SysProt\SysProt.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [Google Update] "C:\Users\Morris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-27-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Pure Digital Technologies\FlipShare\FlipShareService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 13310 bytes


DDS log:


DDS (Ver_09-12-01.01) - NTFSX64
Run by Morris at 11:53:21.85 on Sun 12/13/2009
Internet Explorer: 8.0.6001.18865
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3966.1762 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Pure Digital Technologies\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~2\AVG\AVG8\avgrsa.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\PROGRA~2\AVG\AVG8\avgnsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\PROGRA~2\AVG\AVG8\avgemc.exe
C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\AVG\AVG8\avgui.exe
C:\hp\kbd\kbd.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Cobian Backup 9\Cobian.exe
C:\Program Files (x86)\Cobian Backup 9\cbInterface.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Morris\Downloads\dds.scr

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg8\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.6.0_01\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files (x86)\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn toolbar\platform\4.0.0346.1\npwinext.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files (x86)\msn toolbar\platform\4.0.0346.1\npwinext.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files (x86)\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Google Update] "c:\users\morris\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files (x86)\windows media player\WMPNSCFG.exe
uRun: [AdobeUpdater] "c:\program files (x86)\common files\adobe\updater5\AdobeUpdater.exe"
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre1.6.0_01\bin\jusched.exe"
mRun: [<NO NAME>]
mRun: [mxomssmenu] "c:\program files (x86)\maxtor\onetouch status\maxmenumgr.exe"
mRun: [AVG8_TRAY] c:\progra~2\avg\avg8\avgtray.exe
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] c:\program files (x86)\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [MSN Toolbar] "c:\program files (x86)\msn toolbar\platform\4.0.0346.1\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files (x86)\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.6.0_01\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files (x86)\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg8\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg64.dll
TB-X64: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun-x64: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
AppInit_DLLs-X64: avgrssta.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2008-9-18 427016]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2008-9-18 33416]
R1 AvgTdiA;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdia.sys [2009-2-6 133640]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~2\avg\avg8\avgemc.exe [2008-9-18 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~2\avg\avg8\avgwdsvc.exe [2008-9-18 297752]
R3 CAXHWBS2;CAXHWBS2;c:\windows\system32\drivers\CAXHWBS2.sys [2008-5-8 411136]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-6-25 93184]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2009-12-25 21:54:19 8075 ----a-w- c:\windows\55c7zir9255.exe
2009-12-25 16:11:11 4562 ----a-w- c:\windows\12a5b9ckdooz1295.dll
2009-12-24 21:19:01 15120 ----a-w- c:\windows\syswow64\9251vi95s14z.dll
2009-12-23 06:08:31 9023 ----a-w- c:\windows\syswow64\6a6fdownloa5er2329z.ocx
2009-12-23 01:14:13 7390 ----a-w- c:\windows\7492szy53b9.exe
2009-12-21 11:50:05 7767 ----a-w- c:\windows\syswow64\23741haczt5ol397.ocx
2009-12-19 15:18:16 16941 ----a-w- c:\windows\syswow64\23973not-a-z5rus391.cpl
2009-12-19 06:46:16 10384 ----a-w- c:\windows\5908thzea511390.cpl
2009-12-17 07:11:21 5234 ----a-w- c:\windows\5d99vir1682z.dll
2009-12-15 02:15:58 5564 ----a-w- c:\windows\1552szarse3089.cpl
2009-12-14 19:08:41 15256 ----a-w- c:\windows\syswow64\6790szea51159.ocx
2009-12-14 03:12:42 15225 ----a-w- c:\windows\syswow64\764dvi59001z.cpl
2009-12-13 16:27:11 0 d-----w- c:\programdata\Cobian
2009-12-13 16:26:55 0 d-----w- c:\program files (x86)\Cobian Backup 9
2009-12-13 16:03:27 9256 ----a-w- c:\windows\55c5threat91z52.bin
2009-12-13 10:02:23 15273 ----a-w- c:\windows\syswow64\2f5cspy9arz1683.cpl
2009-12-13 05:16:29 5339 ----a-w- c:\windows\265z95ir9s19e.exe
2009-12-12 15:39:19 0 d-----w- c:\program files (x86)\Trend Micro
2009-12-11 23:38:00 8884 ----a-w- c:\windows\55999ddware258z.ocx
2009-12-11 23:00:28 12633 ----a-w- c:\windows\26333hack5oo95zc.ocx
2009-12-11 11:33:00 7603 ----a-w- c:\windows\syswow64\28038vir5s14z9.dll
2009-12-10 08:00:32 32768 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 08:00:32 24064 ----a-w- c:\windows\syswow64\nshhttp.dll
2009-12-10 08:00:28 610304 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 08:00:28 33792 ----a-w- c:\windows\system32\httpapi.dll
2009-12-10 08:00:28 31232 ----a-w- c:\windows\syswow64\httpapi.dll
2009-12-10 06:18:50 8310 ----a-w- c:\windows\7a5athizf9975.dll
2009-12-10 05:48:12 4527 ----a-w- c:\windows\8908s5y5dz.exe
2009-12-07 10:33:35 2900 ----a-w- c:\windows\544spy18z9.cpl
2009-12-03 23:11:18 11568 ----a-w- c:\windows\syswow64\1z4asparse3965.exe
2009-12-03 08:32:15 7006 ----a-w- c:\windows\syswow64\11d7szyware1959.cpl
2009-12-02 19:45:43 18322 ----a-w- c:\windows\82s9a5zot2cb.bin
2009-12-02 19:31:38 6534 ----a-w- c:\windows\2598spz9be.cpl
2009-12-01 14:25:50 13698 ----a-w- c:\windows\3bz15hief119.cpl
2009-12-01 04:19:54 11180 ----a-w- c:\windows\17722spambot95z.exe
2009-11-28 08:38:27 4672 ----a-w- c:\windows\40b9s5yware2806z.cpl
2009-11-27 22:20:27 16116 ----a-w- c:\windows\syswow64\510cst9zl1318.ocx
2009-11-27 06:22:54 11712 ----a-w- c:\windows\193z7virus536.dll
2009-11-26 19:18:42 16601 ----a-w- c:\windows\syswow64\1891zspy55a.bin
2009-11-26 00:30:15 6463 ----a-w- c:\windows\syswow64\325eadzw9re2315.ocx
2009-11-25 23:45:53 15385 ----a-w- c:\windows\syswow64\25359hacktooz191.dll
2009-11-25 14:17:46 12805 ----a-w- c:\windows\217f5aczdoo92604.ocx
2009-11-25 08:02:21 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-11-25 08:02:21 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 00:13:27 1875456 ----a-w- c:\windows\system32\msxml3.dll
2009-11-25 00:13:27 1794560 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 00:13:26 1399296 ----a-w- c:\windows\syswow64\msxml6.dll
2009-11-25 00:13:26 1257472 ----a-w- c:\windows\syswow64\msxml3.dll
2009-11-25 00:13:17 880640 ----a-w- c:\windows\system32\timedate.cpl
2009-11-25 00:13:17 714240 ----a-w- c:\windows\syswow64\timedate.cpl
2009-11-24 19:36:52 4795 ----a-w- c:\windows\4502addwzre1895.ocx
2009-11-24 15:02:07 2617 ----a-w- c:\windows\syswow64\3z2w9rm5df.dll
2009-11-19 11:18:50 10656 ----a-w- c:\windows\5c41steal3z669.cpl
2009-11-18 19:10:18 15679 ----a-w- c:\windows\28906v5rus31z.bin
2009-11-17 23:16:30 0 d-----w- c:\programdata\Intenium
2009-11-17 23:15:13 0 d-----w- c:\program files (x86)\Microsoft
2009-11-17 23:15:10 0 d-----w- c:\program files (x86)\MSN Toolbar
2009-11-17 23:14:30 0 d-----w- c:\program files (x86)\MSN Toolbar Installer
2009-11-17 10:02:05 18429 ----a-w- c:\windows\syswow64\6944spamb5t6c4z.dll
2009-11-17 07:28:22 2770 ----a-w- c:\windows\syswow64\25z669py725.exe
2009-11-15 22:58:54 3557 ----a-w- c:\windows\syswow64\2654t9ojz01.exe
2009-11-15 08:04:22 15867 ----a-w- c:\windows\syswow64\30617spambotz95.dll
2009-11-15 03:07:37 15300 ----a-w- c:\windows\20593n9t-z-virus3c4.cpl
2009-11-15 00:21:32 7511 ----a-w- c:\windows\944zp5rse2695.dll

==================== Find3M ====================

2009-11-21 06:52:02 1147904 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:46:36 77312 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:46:36 132096 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:40:20 916480 ----a-w- c:\windows\syswow64\wininet.dll
2009-11-21 06:40:03 1208832 ----a-w- c:\windows\syswow64\urlmon.dll
2009-11-21 06:38:17 206848 ----a-w- c:\windows\syswow64\occache.dll
2009-11-21 06:35:43 5940736 ----a-w- c:\windows\syswow64\mshtml.dll
2009-11-21 06:35:38 594432 ----a-w- c:\windows\syswow64\msfeeds.dll
2009-11-21 06:35:38 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2009-11-21 06:34:58 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2009-11-21 06:34:39 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2009-11-21 06:34:39 1985536 ----a-w- c:\windows\syswow64\iertutil.dll
2009-11-21 06:34:39 164352 ----a-w- c:\windows\syswow64\ieui.dll
2009-11-21 06:34:39 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2009-11-21 06:34:38 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2009-11-21 06:34:38 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2009-11-21 06:34:38 11069952 ----a-w- c:\windows\syswow64\ieframe.dll
2009-11-21 06:34:33 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-11-21 05:07:24 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-21 04:59:58 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2009-11-21 04:59:52 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2009-11-21 04:59:14 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2009-11-13 16:08:32 10752 ----a-w- c:\windows\z2525ackt9ol485.dll
2009-11-13 04:49:14 15006 ----a-w- c:\windows\syswow64\3829spy595z.bin
2009-11-12 16:23:03 17771 ----a-w- c:\windows\syswow64\24705trzj194.dll
2009-11-11 11:17:48 4788 ----a-w- c:\windows\z950addware99.dll
2009-11-09 04:14:21 10309 ----a-w- c:\windows\syswow64\zdfback5oor4229.dll
2009-11-07 18:47:56 11772 ----a-w- c:\windows\syswow64\1za5thief1933.exe
2009-11-07 10:40:36 6195 ----a-w- c:\windows\syswow64\7e59zy5are843.exe
2009-11-04 14:48:06 18234 ----a-w- c:\windows\syswow64\31zathre5t7896.dll
2009-11-03 15:53:20 5065 ----a-w- c:\windows\syswow64\61e4threa918z325.dll
2009-11-03 01:42:06 226688 ------w- c:\windows\system32\MpSigStub.exe
2009-10-25 22:01:07 10027 ----a-w- c:\windows\syswow64\139z5sp52bc.dll
2009-10-21 07:45:22 17156 ----a-w- c:\windows\3f5cvirz972.exe
2009-10-20 12:22:16 7684 ----a-w- c:\windows\248645pzm9ot348.dll
2009-10-19 08:15:53 3352 ----a-w- c:\windows\79eet5zef1549.bin
2009-10-18 17:21:05 6225 ----a-w- c:\windows\7956spy5ar9169z.dll
2009-10-18 10:30:54 9228 ----a-w- c:\windows\syswow64\82z49roj256.bin
2009-10-18 07:10:00 8331 ----a-w- c:\windows\syswow64\6290thzeat58175.dll
2009-10-16 07:04:08 13210 ----a-w- c:\windows\syswow64\9597bazkdoo5636.dll
2009-10-14 14:47:31 17714 ----a-w- c:\windows\syswow64\8748t9oj3z5.dll
2009-10-13 21:06:05 86016 ----a-w- c:\windows\inf\infstor.dat
2009-10-13 21:06:05 51200 ----a-w- c:\windows\inf\infpub.dat
2009-10-13 21:06:05 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-10-12 22:07:57 17515 ----a-w- c:\windows\95avir950z.bin
2009-10-10 08:39:36 2776 ----a-w- c:\windows\39e8downl5aderz579.dll
2009-10-09 00:41:43 10792 ----a-w- c:\windows\29342not-a-viru595z.bin
2009-10-08 14:39:36 9589 ----a-w- c:\windows\syswow64\z651059rus21d.dll
2009-10-07 12:57:40 280576 ----a-w- c:\windows\system32\rastls.dll
2009-10-07 12:57:38 295936 ----a-w- c:\windows\system32\raschap.dll
2009-10-07 12:41:32 244224 ----a-w- c:\windows\syswow64\rastls.dll
2009-10-07 12:41:31 281600 ----a-w- c:\windows\syswow64\raschap.dll
2009-10-06 18:29:22 14184 ----a-w- c:\windows\syswow64\1563zspambot59e5.dll
2009-10-06 03:24:03 6011 ----a-w- c:\windows\69zthreat19025.exe
2009-10-05 08:43:15 14266 ----a-w- c:\windows\syswow64\25228wozm7599.dll
2009-10-04 16:50:32 9144 ----a-w- c:\windows\885thie913z0.dll
2009-10-03 19:53:01 15795 ----a-w- c:\windows\syswow64\7421tzi9f592.exe
2009-10-02 02:53:44 9834 ----a-w- c:\windows\291955irzs299.bin
2009-10-01 00:05:33 12957 ----a-w- c:\windows\4a10th9ef13z15.exe
2009-09-27 17:20:48 10126 ----a-w- c:\windows\syswow64\1c18zh5e9t9556.exe
2009-09-24 02:40:57 5642 ----a-w- c:\windows\syswow64\935spamzo557c.dll
2009-09-22 19:24:15 3487 ----a-w- c:\windows\syswow64\754fspyware5293z.dll
2009-09-16 16:40:36 8301 ----a-w- c:\windows\syswow64\5e21ad9w5re1041z.dll
2008-07-13 17:24:27 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-02-22 17:35:04 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-02-22 17:35:04 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-02-22 17:35:04 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 11:53:53.01 ===============

OTL Log

OTL logfile created on: 12/13/2009 12:56:55 PM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Users\Morris\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 34.79% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.59 Gb Total Space | 338.40 Gb Free Space | 74.44% Space Free | Partition Type: NTFS
Drive D: | 11.17 Gb Total Space | 1.50 Gb Free Space | 13.41% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 298.09 Gb Total Space | 271.18 Gb Free Space | 90.97% Space Free | Partition Type: NTFS

Computer Name: MORRIS-PC
Current User Name: Morris
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/13 12:56:27 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\Morris\Desktop\OTL.exe
PRC - [2009/12/13 12:14:38 | 00,145,408 | ---- | M] () -- C:\Users\Morris\Desktop\SysProt\SysProt\SysProt.exe
PRC - [2009/12/12 11:09:23 | 03,530,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgui.exe
PRC - [2009/12/12 11:09:23 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgtray.exe
PRC - [2009/12/12 10:39:19 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
PRC - [2009/11/01 00:59:48 | 00,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/08/27 18:55:31 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/27 18:55:24 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2009/08/27 18:55:15 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/07 17:15:06 | 00,311,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2009/08/07 17:15:06 | 00,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/07/17 22:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 18:15:43 | 00,280,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
PRC - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/01/22 11:38:32 | 02,749,952 | ---- | M] (Luis Cobian) -- C:\Program Files (x86)\Cobian Backup 9\cbInterface.exe
PRC - [2009/01/22 11:38:26 | 00,579,584 | ---- | M] (Luis Cobian) -- C:\Program Files (x86)\Cobian Backup 9\Cobian.exe
PRC - [2009/01/12 11:27:06 | 00,972,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/11/13 13:17:38 | 00,439,616 | ---- | M] () -- C:\Program Files (x86)\Pure Digital Technologies\FlipShare\FlipShareService.exe
PRC - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/07/26 09:22:48 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/09/28 11:24:36 | 00,156,976 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
PRC - [2007/09/06 13:53:40 | 00,169,264 | ---- | M] (Maxtor Corporation) -- C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/04/18 10:01:34 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2005/02/02 10:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe


========== Modules (SafeList) ==========

MOD - [2009/12/13 12:56:27 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\Morris\Desktop\OTL.exe
MOD - [2008/01/20 21:48:06 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/10/28 20:21:28 | 00,660,256 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2009/08/18 12:48:02 | 02,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 10:37:22 | 00,412,672 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2009/08/27 18:55:24 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/27 18:55:15 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/08/07 17:15:06 | 00,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/23 19:14:34 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/13 13:17:38 | 00,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/10/25 10:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/07/27 13:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/03/14 20:31:38 | 00,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2007/12/04 19:41:34 | 00,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/09/28 11:24:36 | 00,156,976 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\Firefox [2009/11/17 18:15:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2009/11/17 18:15:15 | 00,000,000 | ---D | M]


O1 HOSTS File: (736 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Google Update] C:\Users\Morris\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.197.97.137 24.197.97.135
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Key error. File not found
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/31 13:15:50 | 00,000,118 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{45e2b095-f8dc-11dd-aa3e-001fc6dad135}\Shell - "" = AutoRun
O33 - MountPoints2\{45e2b095-f8dc-11dd-aa3e-001fc6dad135}\Shell\AutoRun\command - "" = L:\AutoRun.EXE -- File not found
O33 - MountPoints2\{6b782427-5117-11dd-8dce-001fc6dad135}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{a86d9cc7-7c90-11de-b6b2-001fc6dad135}\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\{a86d9cc7-7c90-11de-b6b2-001fc6dad135}\Shell\Shell00\Command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\{a86d9cc7-7c90-11de-b6b2-001fc6dad135}\Shell\Shell01\Command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\{a86d9cc7-7c90-11de-b6b2-001fc6dad135}\Shell\Shell02\Command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\{ec7c42af-cded-11dd-aa24-001fc6dad135}\Shell\AutoRun\command - "" = L:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{ec7c42af-cded-11dd-aa24-001fc6dad135}\Shell\Setup FlipShare\command - "" = L:\Setup_FlipShare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2009/12/13 12:56:17 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Users\Morris\Desktop\OTL.exe
[2009/12/13 12:14:36 | 00,000,000 | ---D | C] -- C:\Users\Morris\Desktop\SysProt
[2009/12/13 12:00:37 | 00,472,064 | ---- | C] ( ) -- C:\Users\Morris\Desktop\RootRepeal.exe
[2009/12/13 11:27:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Cobian
[2009/12/13 11:26:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 9
[2009/12/12 10:39:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

========== Files - Modified Within 14 Days ==========

[2009/12/25 16:54:19 | 00,008,075 | ---- | M] () -- C:\Windows\55c7zir9255.exe
[2009/12/25 11:11:11 | 00,004,562 | ---- | M] () -- C:\Windows\12a5b9ckdooz1295.dll
[2009/12/24 16:19:01 | 00,015,120 | ---- | M] () -- C:\Windows\SysWow64\9251vi95s14z.dll
[2009/12/23 01:08:31 | 00,009,023 | ---- | M] () -- C:\Windows\SysWow64\6a6fdownloa5er2329z.ocx
[2009/12/22 20:14:13 | 00,007,390 | ---- | M] () -- C:\Windows\7492szy53b9.exe
[2009/12/21 06:50:05 | 00,007,767 | ---- | M] () -- C:\Windows\SysWow64\23741haczt5ol397.ocx
[2009/12/19 10:18:16 | 00,016,941 | ---- | M] () -- C:\Windows\SysWow64\23973not-a-z5rus391.cpl
[2009/12/19 01:46:16 | 00,010,384 | ---- | M] () -- C:\Windows\5908thzea511390.cpl
[2009/12/17 02:11:21 | 00,005,234 | ---- | M] () -- C:\Windows\5d99vir1682z.dll
[2009/12/14 21:15:58 | 00,005,564 | ---- | M] () -- C:\Windows\1552szarse3089.cpl
[2009/12/14 14:08:41 | 00,015,256 | ---- | M] () -- C:\Windows\SysWow64\6790szea51159.ocx
[2009/12/13 22:12:42 | 00,015,225 | ---- | M] () -- C:\Windows\SysWow64\764dvi59001z.cpl
[2009/12/13 13:06:00 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9E594783-DE8F-4088-A9D8-FB2618DE7F4D}.job
[2009/12/13 12:56:30 | 02,621,440 | -HS- | M] () -- C:\Users\Morris\NTUSER.DAT
[2009/12/13 12:56:27 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\Morris\Desktop\OTL.exe
[2009/12/13 12:24:01 | 00,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1387496747-1728012586-863705741-1000UA.job
[2009/12/13 12:14:08 | 00,354,396 | ---- | M] () -- C:\Users\Morris\Desktop\SysProt.zip
[2009/12/13 12:11:19 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/13 12:11:19 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/13 12:07:13 | 00,472,064 | ---- | M] ( ) -- C:\Users\Morris\Desktop\RootRepeal.exe
[2009/12/13 11:03:27 | 00,009,256 | ---- | M] () -- C:\Windows\55c5threat91z52.bin
[2009/12/13 10:47:57 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/13 10:12:48 | 46,570,310 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/12/13 10:12:48 | 00,123,708 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/12/13 10:11:48 | 00,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/12/13 05:02:23 | 00,015,273 | ---- | M] () -- C:\Windows\SysWow64\2f5cspy9arz1683.cpl
[2009/12/13 00:16:29 | 00,005,339 | ---- | M] () -- C:\Windows\265z95ir9s19e.exe
[2009/12/12 13:24:03 | 00,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1387496747-1728012586-863705741-1000Core.job
[2009/12/12 12:10:36 | 00,081,288 | ---- | M] () -- C:\Users\Morris\Desktop\Muse ticket.pdf
[2009/12/12 11:21:26 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/12/12 11:21:26 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/12/12 11:21:26 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/12/12 11:14:01 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/12 10:52:04 | 00,032,768 | ---- | M] () -- C:\Users\Morris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/12 10:39:20 | 00,001,930 | ---- | M] () -- C:\Users\Morris\Desktop\HijackThis.lnk
[2009/12/11 21:43:48 | 00,016,353 | ---- | M] () -- C:\Windows\SysWow64\99925rojz42.dll
[2009/12/11 21:43:48 | 00,014,769 | ---- | M] () -- C:\Windows\SysWow64\5b52tzief20749.bin
[2009/12/11 21:43:48 | 00,010,598 | ---- | M] () -- C:\Windows\92589hack5ool4zd.ocx
[2009/12/11 21:43:48 | 00,008,040 | ---- | M] () -- C:\Windows\4349sp9m5oz355.bin
[2009/12/11 21:43:47 | 00,018,128 | ---- | M] () -- C:\Windows\SysWow64\z957s59mbot513.exe
[2009/12/11 21:43:46 | 00,016,058 | ---- | M] () -- C:\Windows\SysWow64\1139zs9ambot659.cpl
[2009/12/11 21:43:46 | 00,010,258 | ---- | M] () -- C:\Windows\SysWow64\26631n9t-a-vi5us451z.ocx
[2009/12/11 21:43:46 | 00,005,068 | ---- | M] () -- C:\Windows\2e9zsp9rse1588.dll
[2009/12/11 21:43:45 | 00,009,761 | ---- | M] () -- C:\Windows\6ea1s5ywzre23469.ocx
[2009/12/11 21:43:45 | 00,004,796 | ---- | M] () -- C:\Windows\SysWow64\2099szywa5e2640.dll
[2009/12/11 21:43:45 | 00,003,226 | ---- | M] () -- C:\Windows\1a41zhrea511920.bin
[2009/12/11 21:43:44 | 00,003,890 | ---- | M] () -- C:\Windows\SysWow64\6857sp9rs512z7.cpl
[2009/12/11 21:43:43 | 00,017,383 | ---- | M] () -- C:\Windows\SysWow64\55fzdownload9r2594.dll
[2009/12/11 21:43:43 | 00,005,643 | ---- | M] () -- C:\Windows\SysWow64\59066virus2z9.ocx
[2009/12/11 21:43:42 | 00,013,325 | ---- | M] () -- C:\Windows\938z9spambo538.bin
[2009/12/11 21:43:42 | 00,011,146 | ---- | M] () -- C:\Windows\7998baczdoor859.exe
[2009/12/11 21:43:42 | 00,006,689 | ---- | M] () -- C:\Windows\SysWow64\38fathrez95594.bin
[2009/12/11 21:43:42 | 00,004,100 | ---- | M] () -- C:\Windows\3365worm6z99.dll
[2009/12/11 21:43:42 | 00,003,084 | ---- | M] () -- C:\Windows\SysWow64\5z37hack9ool708.exe
[2009/12/11 21:43:41 | 00,017,829 | ---- | M] () -- C:\Windows\SysWow64\4329zr5999.ocx
[2009/12/11 21:43:41 | 00,012,004 | ---- | M] () -- C:\Windows\SysWow64\5733a95ware2z95.cpl
[2009/12/11 21:43:41 | 00,011,429 | ---- | M] () -- C:\Windows\9590trzjc4.exe
[2009/12/11 21:43:41 | 00,009,559 | ---- | M] () -- C:\Windows\951005orm613z.cpl
[2009/12/11 21:43:41 | 00,005,133 | ---- | M] () -- C:\Windows\11236n5t-a-9iruz47c.dll
[2009/12/11 21:43:40 | 00,017,693 | ---- | M] () -- C:\Windows\SysWow64\555s9yz02.exe
[2009/12/11 21:43:40 | 00,017,477 | ---- | M] () -- C:\Windows\5z34th5e91566.bin
[2009/12/11 21:43:40 | 00,010,555 | ---- | M] () -- C:\Windows\z2935not-a-v9rus579.ocx
[2009/12/11 21:43:39 | 00,009,981 | ---- | M] () -- C:\Windows\SysWow64\9830zacktool385.exe
[2009/12/11 21:43:39 | 00,009,536 | ---- | M] () -- C:\Windows\38b9thiefz6175.exe
[2009/12/11 21:43:39 | 00,007,883 | ---- | M] () -- C:\Windows\SysWow64\z925v9rus532.cpl
[2009/12/11 21:43:39 | 00,003,576 | ---- | M] () -- C:\Windows\759dtzreat29233.ocx
[2009/12/11 21:43:38 | 00,011,091 | ---- | M] () -- C:\Windows\2z55s9arse711.bin
[2009/12/11 21:43:38 | 00,003,362 | ---- | M] () -- C:\Windows\36athr95z31015.cpl
[2009/12/11 21:43:37 | 00,015,998 | ---- | M] () -- C:\Windows\7db7addwar919z35.bin
[2009/12/11 21:43:37 | 00,015,352 | ---- | M] () -- C:\Windows\28752virus6z09.bin
[2009/12/11 21:43:37 | 00,002,564 | ---- | M] () -- C:\Windows\40ezvi5946.dll
[2009/12/11 21:43:36 | 00,018,009 | ---- | M] () -- C:\Windows\9z68s5arse2349.dll
[2009/12/11 21:43:36 | 00,011,910 | ---- | M] () -- C:\Windows\SysWow64\1z75ackdo9r1691.cpl
[2009/12/11 21:43:35 | 00,007,848 | ---- | M] () -- C:\Windows\6d5ethze9t504.ocx
[2009/12/11 21:43:34 | 00,010,467 | ---- | M] () -- C:\Windows\4c82thze5t22295.dll
[2009/12/11 21:43:34 | 00,008,278 | ---- | M] () -- C:\Windows\SysWow64\25541hzckt9olbd.dll
[2009/12/11 21:43:34 | 00,007,028 | ---- | M] () -- C:\Windows\1499steal1z35.bin
[2009/12/11 21:43:34 | 00,006,840 | ---- | M] () -- C:\Windows\SysWow64\395downlozder2446.exe
[2009/12/11 21:43:34 | 00,004,695 | ---- | M] () -- C:\Windows\SysWow64\28983virus53z9.bin
[2009/12/11 21:43:34 | 00,004,581 | ---- | M] () -- C:\Windows\7975viz790.cpl
[2009/12/11 21:43:33 | 00,018,105 | ---- | M] () -- C:\Windows\95897w5rm2za.exe
[2009/12/11 21:43:33 | 00,018,048 | ---- | M] () -- C:\Windows\24779w5rz53e.dll
[2009/12/11 21:43:33 | 00,016,987 | ---- | M] () -- C:\Windows\SysWow64\103z5irus729.exe
[2009/12/11 21:43:33 | 00,014,422 | ---- | M] () -- C:\Windows\SysWow64\59ccth5eat96921z.cpl
[2009/12/11 21:43:33 | 00,009,869 | ---- | M] () -- C:\Windows\SysWow64\5bb2v9z2570.cpl
[2009/12/11 21:43:33 | 00,007,730 | ---- | M] () -- C:\Windows\6906d5wnloader8z8.ocx
[2009/12/11 21:43:32 | 00,018,151 | ---- | M] () -- C:\Windows\3359zpambo57c89.ocx
[2009/12/11 21:43:32 | 00,013,822 | ---- | M] () -- C:\Windows\SysWow64\247955py52ez.ocx
[2009/12/11 21:43:32 | 00,003,352 | ---- | M] () -- C:\Windows\2205z9iru569c.exe
[2009/12/11 21:43:32 | 00,003,040 | ---- | M] () -- C:\Windows\13995sp55z1.bin
[2009/12/11 21:43:31 | 00,015,608 | ---- | M] () -- C:\Windows\3865sp96a5z.exe
[2009/12/11 21:43:31 | 00,006,624 | ---- | M] () -- C:\Windows\937z3viru5345.bin
[2009/12/11 21:43:30 | 00,017,979 | ---- | M] () -- C:\Windows\SysWow64\152529zrm453.exe
[2009/12/11 21:43:30 | 00,015,132 | ---- | M] () -- C:\Windows\SysWow64\24595irus60z.bin
[2009/12/11 21:43:30 | 00,004,330 | ---- | M] () -- C:\Windows\59e2addwz5e2352.ocx
[2009/12/11 21:43:29 | 00,012,253 | ---- | M] () -- C:\Windows\SysWow64\90c3zpywa5e738.ocx
[2009/12/11 21:43:29 | 00,010,864 | ---- | M] () -- C:\Windows\SysWow64\293795zrus478.cpl
[2009/12/11 21:43:29 | 00,010,090 | ---- | M] () -- C:\Windows\9384s594fz.ocx
[2009/12/11 21:43:28 | 00,017,990 | ---- | M] () -- C:\Windows\SysWow64\825z9o5m7c1.ocx
[2009/12/11 21:43:28 | 00,006,176 | ---- | M] () -- C:\Windows\242cazdw5re2991.exe
[2009/12/11 21:43:28 | 00,005,373 | ---- | M] () -- C:\Windows\50z61sp9126.exe
[2009/12/11 21:43:28 | 00,005,087 | ---- | M] () -- C:\Windows\6a0zsp9rse8275.exe
[2009/12/11 21:43:27 | 00,018,291 | ---- | M] () -- C:\Windows\SysWow64\6956vir5995z.dll
[2009/12/11 21:43:27 | 00,018,113 | ---- | M] () -- C:\Windows\10z095ro92d1.ocx
[2009/12/11 21:43:27 | 00,015,758 | ---- | M] () -- C:\Windows\718bdo5nloa9er5z0.dll
[2009/12/11 21:43:27 | 00,011,980 | ---- | M] () -- C:\Windows\SysWow64\45e9vzr312.cpl
[2009/12/11 21:43:27 | 00,009,581 | ---- | M] () -- C:\Windows\54309ozm632.dll
[2009/12/11 21:43:27 | 00,002,774 | ---- | M] () -- C:\Windows\SysWow64\15515w5rmzea9.ocx
[2009/12/11 21:43:26 | 00,017,356 | ---- | M] () -- C:\Windows\SysWow64\9955sparse25z7.exe
[2009/12/11 21:43:26 | 00,009,792 | ---- | M] () -- C:\Windows\29365wo9m35bz.dll
[2009/12/11 21:43:26 | 00,005,242 | ---- | M] () -- C:\Windows\8796hazkt5ol457.cpl
[2009/12/11 21:43:25 | 00,014,545 | ---- | M] () -- C:\Windows\646bstez525949.dll
[2009/12/11 21:43:25 | 00,014,096 | ---- | M] () -- C:\Windows\SysWow64\59684worm497z.exe
[2009/12/11 21:43:25 | 00,011,520 | ---- | M] () -- C:\Windows\SysWow64\6594thief2741z.dll
[2009/12/11 21:43:25 | 00,008,164 | ---- | M] () -- C:\Windows\6eabspzrs91528.dll
[2009/12/11 21:43:25 | 00,006,396 | ---- | M] () -- C:\Windows\SysWow64\27595spamb9t3a1z.cpl
[2009/12/11 21:43:25 | 00,003,000 | ---- | M] () -- C:\Windows\SysWow64\9c11st5al5z4.exe
[2009/12/11 21:43:24 | 00,007,595 | ---- | M] () -- C:\Windows\SysWow64\28zbs95al1938.ocx
[2009/12/11 21:43:24 | 00,007,244 | ---- | M] () -- C:\Windows\z4281virus9b15.ocx
[2009/12/11 21:43:24 | 00,005,362 | ---- | M] () -- C:\Windows\14d5szeal998.dll
[2009/12/11 21:43:24 | 00,002,769 | ---- | M] () -- C:\Windows\9988zo5m650.exe
[2009/12/11 21:43:23 | 00,009,193 | ---- | M] () -- C:\Windows\30593hackto5lzf9.cpl
[2009/12/11 21:43:23 | 00,005,293 | ---- | M] () -- C:\Windows\20609n9t-5-viruz2b7.bin
[2009/12/11 21:43:22 | 00,016,021 | ---- | M] () -- C:\Windows\5569virz115.ocx
[2009/12/11 21:43:22 | 00,012,327 | ---- | M] () -- C:\Windows\SysWow64\13542sz9788.dll
[2009/12/11 21:43:22 | 00,009,520 | ---- | M] () -- C:\Windows\SysWow64\3ad8th9ezt50092.bin
[2009/12/11 21:43:22 | 00,003,689 | ---- | M] () -- C:\Windows\SysWow64\2797s9ar5e1416z.dll
[2009/12/11 21:43:22 | 00,003,503 | ---- | M] () -- C:\Windows\SysWow64\198599roz6fd.ocx
[2009/12/11 21:43:21 | 00,011,891 | ---- | M] () -- C:\Windows\209355iruszd1.cpl
[2009/12/11 21:43:21 | 00,006,955 | ---- | M] () -- C:\Windows\5ab8thr9zt10447.dll
[2009/12/11 21:43:21 | 00,006,702 | ---- | M] () -- C:\Windows\SysWow64\974bzownloader1858.exe
[2009/12/11 21:43:20 | 00,009,519 | ---- | M] () -- C:\Windows\z10565py594.cpl
[2009/12/11 21:43:20 | 00,007,498 | ---- | M] () -- C:\Windows\2924spz6095.bin
[2009/12/11 21:43:20 | 00,002,822 | ---- | M] () -- C:\Windows\749dsparse19z5.cpl
[2009/12/11 21:43:19 | 00,017,415 | ---- | M] () -- C:\Windows\35cbbackdoo9397z.ocx
[2009/12/11 21:43:19 | 00,004,624 | ---- | M] () -- C:\Windows\SysWow64\98c2st5al8z5.ocx
[2009/12/11 21:43:18 | 00,012,106 | ---- | M] () -- C:\Windows\SysWow64\569zvir5583.exe
[2009/12/11 21:43:18 | 00,009,361 | ---- | M] () -- C:\Windows\SysWow64\39bcthrea5278z2.ocx
[2009/12/11 21:43:18 | 00,005,193 | ---- | M] () -- C:\Windows\693zv5r2508.bin
[2009/12/11 21:43:18 | 00,004,949 | ---- | M] () -- C:\Windows\SysWow64\5aeaa5dza9e1911.bin
[2009/12/11 21:43:18 | 00,004,612 | ---- | M] () -- C:\Windows\SysWow64\12259wor9zcb.ocx
[2009/12/11 21:43:18 | 00,002,868 | ---- | M] () -- C:\Windows\59e59teal8z8.dll
[2009/12/11 21:43:17 | 00,002,845 | ---- | M] () -- C:\Windows\15807t9oj45z.dll
[2009/12/11 21:43:16 | 00,017,416 | ---- | M] () -- C:\Windows\143969orm5z.ocx
[2009/12/11 21:43:16 | 00,015,896 | ---- | M] () -- C:\Windows\184959zy6b.cpl
[2009/12/11 21:43:16 | 00,003,289 | ---- | M] () -- C:\Windows\3574viruz695.exe
[2009/12/11 21:43:15 | 00,018,382 | ---- | M] () -- C:\Windows\725espz9a5e1690.dll
[2009/12/11 21:43:15 | 00,014,727 | ---- | M] () -- C:\Windows\3z400tro9750.ocx
[2009/12/11 21:43:15 | 00,014,088 | ---- | M] () -- C:\Windows\4e9zba5kdoor88.exe
[2009/12/11 21:43:15 | 00,011,885 | ---- | M] () -- C:\Windows\49bcdownlo95ez210.bin
[2009/12/11 21:43:14 | 00,017,317 | ---- | M] () -- C:\Windows\SysWow64\11b5viz3119.ocx
[2009/12/11 21:43:14 | 00,007,177 | ---- | M] () -- C:\Windows\36dzw9loa5er3102.exe
[2009/12/11 21:43:14 | 00,006,798 | ---- | M] () -- C:\Windows\5c0z9ownlo5der1990.bin
[2009/12/11 21:43:13 | 00,012,947 | ---- | M] () -- C:\Windows\SysWow64\352ethre9tz6218.bin
[2009/12/11 21:43:13 | 00,010,890 | ---- | M] () -- C:\Windows\5859spyz0.cpl
[2009/12/11 21:43:13 | 00,008,247 | ---- | M] () -- C:\Windows\SysWow64\2389a5zware869.dll
[2009/12/11 21:43:12 | 00,014,442 | ---- | M] () -- C:\Windows\SysWow64\51aedo5nloader2z639.cpl
[2009/12/11 21:43:12 | 00,012,186 | ---- | M] () -- C:\Windows\29314s5zmbotda.cpl
[2009/12/11 21:43:12 | 00,010,159 | ---- | M] () -- C:\Windows\51419spazbot299.dll
[2009/12/11 21:43:12 | 00,003,431 | ---- | M] () -- C:\Windows\SysWow64\5a9adownlo95erz519.dll
[2009/12/11 21:43:11 | 00,016,230 | ---- | M] () -- C:\Windows\17z8thie92587.dll
[2009/12/11 21:43:11 | 00,015,293 | ---- | M] () -- C:\Windows\1d31thrz5913545.dll
[2009/12/11 21:43:11 | 00,008,836 | ---- | M] () -- C:\Windows\SysWow64\590zvirus19.ocx
[2009/12/11 21:43:11 | 00,008,255 | ---- | M] () -- C:\Windows\18493nzt-a-9irus536.exe
[2009/12/11 21:43:10 | 00,013,539 | ---- | M] () -- C:\Windows\29fethre5t1z975.exe
[2009/12/11 21:43:10 | 00,012,117 | ---- | M] () -- C:\Windows\SysWow64\7995s5y55z.ocx
[2009/12/11 21:43:10 | 00,010,119 | ---- | M] () -- C:\Windows\SysWow64\7az9threat122995.bin
[2009/12/11 21:43:10 | 00,005,572 | ---- | M] () -- C:\Windows\5469zhief2255.cpl
[2009/12/11 21:43:09 | 00,011,878 | ---- | M] () -- C:\Windows\SysWow64\1z97s9yware28455.dll
[2009/12/11 21:43:08 | 00,007,251 | ---- | M] () -- C:\Windows\SysWow64\20796not-azvir5s737.ocx
[2009/12/11 21:43:08 | 00,006,792 | ---- | M] () -- C:\Windows\226355z9us452.bin
[2009/12/11 21:43:07 | 00,017,593 | ---- | M] () -- C:\Windows\SysWow64\1fzbadd9are30895.ocx
[2009/12/11 21:43:06 | 00,010,052 | ---- | M] () -- C:\Windows\SysWow64\56bfdownlozder599.cpl
[2009/12/11 21:43:06 | 00,006,937 | ---- | M] () -- C:\Windows\z5995troj695.cpl
[2009/12/11 21:43:06 | 00,002,942 | ---- | M] () -- C:\Windows\SysWow64\1013znot-a-vir5s23c9.exe
[2009/12/11 21:43:05 | 00,392,704 | ---- | M] () -- C:\Windows\SysWow64\liy8umxa.exe
[2009/12/11 21:43:05 | 00,007,842 | ---- | M] () -- C:\Windows\SysWow64\5b9fspazse2155.ocx
[2009/12/11 18:38:00 | 00,008,884 | ---- | M] () -- C:\Windows\55999ddware258z.ocx
[2009/12/11 18:01:05 | 00,000,584 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Morris.job
[2009/12/11 18:00:28 | 00,012,633 | ---- | M] () -- C:\Windows\26333hack5oo95zc.ocx
[2009/12/11 06:33:00 | 00,007,603 | ---- | M] () -- C:\Windows\SysWow64\28038vir5s14z9.dll
[2009/12/10 03:23:24 | 00,524,288 | -HS- | M] () -- C:\Users\Morris\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2009/12/10 03:23:24 | 00,065,536 | -HS- | M] () -- C:\Users\Morris\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009/12/10 03:22:36 | 02,437,220 | -H-- | M] () -- C:\Users\Morris\AppData\Local\IconCache.db
[2009/12/10 01:18:50 | 00,008,310 | ---- | M] () -- C:\Windows\7a5athizf9975.dll
[2009/12/10 00:48:12 | 00,004,527 | ---- | M] () -- C:\Windows\8908s5y5dz.exe
[2009/12/07 05:33:35 | 00,002,900 | ---- | M] () -- C:\Windows\544spy18z9.cpl
[2009/12/03 18:11:18 | 00,011,568 | ---- | M] () -- C:\Windows\SysWow64\1z4asparse3965.exe
[2009/12/03 03:32:15 | 00,007,006 | ---- | M] () -- C:\Windows\SysWow64\11d7szyware1959.cpl
[2009/12/02 14:45:43 | 00,018,322 | ---- | M] () -- C:\Windows\82s9a5zot2cb.bin
[2009/12/02 14:31:38 | 00,006,534 | ---- | M] () -- C:\Windows\2598spz9be.cpl
[2009/12/01 09:25:50 | 00,013,698 | ---- | M] () -- C:\Windows\3bz15hief119.cpl
[2009/11/30 23:19:54 | 00,011,180 | ---- | M] () -- C:\Windows\17722spambot95z.exe

========== Files Created - No Company Name ==========

[2009/12/25 16:54:19 | 00,008,075 | ---- | C] () -- C:\Windows\55c7zir9255.exe
[2009/12/25 11:11:11 | 00,004,562 | ---- | C] () -- C:\Windows\12a5b9ckdooz1295.dll
[2009/12/24 16:19:01 | 00,015,120 | ---- | C] () -- C:\Windows\SysWow64\9251vi95s14z.dll
[2009/12/23 01:08:31 | 00,009,023 | ---- | C] () -- C:\Windows\SysWow64\6a6fdownloa5er2329z.ocx
[2009/12/22 20:14:13 | 00,007,390 | ---- | C] () -- C:\Windows\7492szy53b9.exe
[2009/12/21 06:50:05 | 00,007,767 | ---- | C] () -- C:\Windows\SysWow64\23741haczt5ol397.ocx
[2009/12/19 10:18:16 | 00,016,941 | ---- | C] () -- C:\Windows\SysWow64\23973not-a-z5rus391.cpl
[2009/12/19 01:46:16 | 00,010,384 | ---- | C] () -- C:\Windows\5908thzea511390.cpl
[2009/12/17 02:11:21 | 00,005,234 | ---- | C] () -- C:\Windows\5d99vir1682z.dll
[2009/12/14 21:15:58 | 00,005,564 | ---- | C] () -- C:\Windows\1552szarse3089.cpl
[2009/12/14 14:08:41 | 00,015,256 | ---- | C] () -- C:\Windows\SysWow64\6790szea51159.ocx
[2009/12/13 22:12:42 | 00,015,225 | ---- | C] () -- C:\Windows\SysWow64\764dvi59001z.cpl
[2009/12/13 12:12:56 | 00,354,396 | ---- | C] () -- C:\Users\Morris\Desktop\SysProt.zip
[2009/12/13 11:03:27 | 00,009,256 | ---- | C] () -- C:\Windows\55c5threat91z52.bin
[2009/12/13 05:02:23 | 00,015,273 | ---- | C] () -- C:\Windows\SysWow64\2f5cspy9arz1683.cpl
[2009/12/13 00:16:29 | 00,005,339 | ---- | C] () -- C:\Windows\265z95ir9s19e.exe
[2009/12/12 12:10:36 | 00,081,288 | ---- | C] () -- C:\Users\Morris\Desktop\Muse ticket.pdf
[2009/12/12 10:39:20 | 00,001,930 | ---- | C] () -- C:\Users\Morris\Desktop\HijackThis.lnk
[2009/12/11 21:43:48 | 00,016,353 | ---- | C] () -- C:\Windows\SysWow64\99925rojz42.dll
[2009/12/11 21:43:48 | 00,014,769 | ---- | C] () -- C:\Windows\SysWow64\5b52tzief20749.bin
[2009/12/11 21:43:48 | 00,010,598 | ---- | C] () -- C:\Windows\92589hack5ool4zd.ocx
[2009/12/11 21:43:48 | 00,008,040 | ---- | C] () -- C:\Windows\4349sp9m5oz355.bin
[2009/12/11 21:43:47 | 00,018,128 | ---- | C] () -- C:\Windows\SysWow64\z957s59mbot513.exe
[2009/12/11 21:43:46 | 00,016,058 | ---- | C] () -- C:\Windows\SysWow64\1139zs9ambot659.cpl
[2009/12/11 21:43:46 | 00,010,258 | ---- | C] () -- C:\Windows\SysWow64\26631n9t-a-vi5us451z.ocx
[2009/12/11 21:43:46 | 00,005,068 | ---- | C] () -- C:\Windows\2e9zsp9rse1588.dll
[2009/12/11 21:43:45 | 00,009,761 | ---- | C] () -- C:\Windows\6ea1s5ywzre23469.ocx
[2009/12/11 21:43:45 | 00,004,796 | ---- | C] () -- C:\Windows\SysWow64\2099szywa5e2640.dll
[2009/12/11 21:43:45 | 00,003,226 | ---- | C] () -- C:\Windows\1a41zhrea511920.bin
[2009/12/11 21:43:44 | 00,003,890 | ---- | C] () -- C:\Windows\SysWow64\6857sp9rs512z7.cpl
[2009/12/11 21:43:43 | 00,017,383 | ---- | C] () -- C:\Windows\SysWow64\55fzdownload9r2594.dll
[2009/12/11 21:43:43 | 00,005,643 | ---- | C] () -- C:\Windows\SysWow64\59066virus2z9.ocx
[2009/12/11 21:43:42 | 00,013,325 | ---- | C] () -- C:\Windows\938z9spambo538.bin
[2009/12/11 21:43:42 | 00,011,146 | ---- | C] () -- C:\Windows\7998baczdoor859.exe
[2009/12/11 21:43:42 | 00,006,689 | ---- | C] () -- C:\Windows\SysWow64\38fathrez95594.bin
[2009/12/11 21:43:42 | 00,004,100 | ---- | C] () -- C:\Windows\3365worm6z99.dll
[2009/12/11 21:43:42 | 00,003,084 | ---- | C] () -- C:\Windows\SysWow64\5z37hack9ool708.exe
[2009/12/11 21:43:41 | 00,017,829 | ---- | C] () -- C:\Windows\SysWow64\4329zr5999.ocx
[2009/12/11 21:43:41 | 00,012,004 | ---- | C] () -- C:\Windows\SysWow64\5733a95ware2z95.cpl
[2009/12/11 21:43:41 | 00,011,429 | ---- | C] () -- C:\Windows\9590trzjc4.exe
[2009/12/11 21:43:41 | 00,009,559 | ---- | C] () -- C:\Windows\951005orm613z.cpl
[2009/12/11 21:43:41 | 00,005,133 | ---- | C] () -- C:\Windows\11236n5t-a-9iruz47c.dll
[2009/12/11 21:43:40 | 00,017,693 | ---- | C] () -- C:\Windows\SysWow64\555s9yz02.exe
[2009/12/11 21:43:40 | 00,017,477 | ---- | C] () -- C:\Windows\5z34th5e91566.bin
[2009/12/11 21:43:40 | 00,010,555 | ---- | C] () -- C:\Windows\z2935not-a-v9rus579.ocx
[2009/12/11 21:43:39 | 00,009,981 | ---- | C] () -- C:\Windows\SysWow64\9830zacktool385.exe
[2009/12/11 21:43:39 | 00,009,536 | ---- | C] () -- C:\Windows\38b9thiefz6175.exe
[2009/12/11 21:43:39 | 00,007,883 | ---- | C] () -- C:\Windows\SysWow64\z925v9rus532.cpl
[2009/12/11 21:43:39 | 00,003,576 | ---- | C] () -- C:\Windows\759dtzreat29233.ocx
[2009/12/11 21:43:38 | 00,011,091 | ---- | C] () -- C:\Windows\2z55s9arse711.bin
[2009/12/11 21:43:38 | 00,003,362 | ---- | C] () -- C:\Windows\36athr95z31015.cpl
[2009/12/11 21:43:37 | 00,015,998 | ---- | C] () -- C:\Windows\7db7addwar919z35.bin
[2009/12/11 21:43:37 | 00,015,352 | ---- | C] () -- C:\Windows\28752virus6z09.bin
[2009/12/11 21:43:37 | 00,002,564 | ---- | C] () -- C:\Windows\40ezvi5946.dll
[2009/12/11 21:43:36 | 00,018,009 | ---- | C] () -- C:\Windows\9z68s5arse2349.dll
[2009/12/11 21:43:36 | 00,011,910 | ---- | C] () -- C:\Windows\SysWow64\1z75ackdo9r1691.cpl
[2009/12/11 21:43:35 | 00,007,848 | ---- | C] () -- C:\Windows\6d5ethze9t504.ocx
[2009/12/11 21:43:34 | 00,010,467 | ---- | C] () -- C:\Windows\4c82thze5t22295.dll
[2009/12/11 21:43:34 | 00,008,278 | ---- | C] () -- C:\Windows\SysWow64\25541hzckt9olbd.dll
[2009/12/11 21:43:34 | 00,007,028 | ---- | C] () -- C:\Windows\1499steal1z35.bin
[2009/12/11 21:43:34 | 00,006,840 | ---- | C] () -- C:\Windows\SysWow64\395downlozder2446.exe
[2009/12/11 21:43:34 | 00,004,695 | ---- | C] () -- C:\Windows\SysWow64\28983virus53z9.bin
[2009/12/11 21:43:34 | 00,004,581 | ---- | C] () -- C:\Windows\7975viz790.cpl
[2009/12/11 21:43:33 | 00,018,105 | ---- | C] () -- C:\Windows\95897w5rm2za.exe
[2009/12/11 21:43:33 | 00,018,048 | ---- | C] () -- C:\Windows\24779w5rz53e.dll
[2009/12/11 21:43:33 | 00,016,987 | ---- | C] () -- C:\Windows\SysWow64\103z5irus729.exe
[2009/12/11 21:43:33 | 00,014,422 | ---- | C] () -- C:\Windows\SysWow64\59ccth5eat96921z.cpl
[2009/12/11 21:43:33 | 00,009,869 | ---- | C] () -- C:\Windows\SysWow64\5bb2v9z2570.cpl
[2009/12/11 21:43:33 | 00,007,730 | ---- | C] () -- C:\Windows\6906d5wnloader8z8.ocx
[2009/12/11 21:43:32 | 00,018,151 | ---- | C] () -- C:\Windows\3359zpambo57c89.ocx
[2009/12/11 21:43:32 | 00,013,822 | ---- | C] () -- C:\Windows\SysWow64\247955py52ez.ocx
[2009/12/11 21:43:32 | 00,003,352 | ---- | C] () -- C:\Windows\2205z9iru569c.exe
[2009/12/11 21:43:32 | 00,003,040 | ---- | C] () -- C:\Windows\13995sp55z1.bin
[2009/12/11 21:43:31 | 00,015,608 | ---- | C] () -- C:\Windows\3865sp96a5z.exe
[2009/12/11 21:43:31 | 00,006,624 | ---- | C] () -- C:\Windows\937z3viru5345.bin
[2009/12/11 21:43:30 | 00,017,979 | ---- | C] () -- C:\Windows\SysWow64\152529zrm453.exe
[2009/12/11 21:43:30 | 00,015,132 | ---- | C] () -- C:\Windows\SysWow64\24595irus60z.bin
[2009/12/11 21:43:30 | 00,004,330 | ---- | C] () -- C:\Windows\59e2addwz5e2352.ocx
[2009/12/11 21:43:29 | 00,012,253 | ---- | C] () -- C:\Windows\SysWow64\90c3zpywa5e738.ocx
[2009/12/11 21:43:29 | 00,010,864 | ---- | C] () -- C:\Windows\SysWow64\293795zrus478.cpl
[2009/12/11 21:43:29 | 00,010,090 | ---- | C] () -- C:\Windows\9384s594fz.ocx
[2009/12/11 21:43:28 | 00,017,990 | ---- | C] () -- C:\Windows\SysWow64\825z9o5m7c1.ocx
[2009/12/11 21:43:28 | 00,006,176 | ---- | C] () -- C:\Windows\242cazdw5re2991.exe
[2009/12/11 21:43:28 | 00,005,373 | ---- | C] () -- C:\Windows\50z61sp9126.exe
[2009/12/11 21:43:28 | 00,005,087 | ---- | C] () -- C:\Windows\6a0zsp9rse8275.exe
[2009/12/11 21:43:27 | 00,018,291 | ---- | C] () -- C:\Windows\SysWow64\6956vir5995z.dll
[2009/12/11 21:43:27 | 00,018,113 | ---- | C] () -- C:\Windows\10z095ro92d1.ocx
[2009/12/11 21:43:27 | 00,015,758 | ---- | C] () -- C:\Windows\718bdo5nloa9er5z0.dll
[2009/12/11 21:43:27 | 00,011,980 | ---- | C] () -- C:\Windows\SysWow64\45e9vzr312.cpl
[2009/12/11 21:43:27 | 00,009,581 | ---- | C] () -- C:\Windows\54309ozm632.dll
[2009/12/11 21:43:27 | 00,002,774 | ---- | C] () -- C:\Windows\SysWow64\15515w5rmzea9.ocx
[2009/12/11 21:43:26 | 00,017,356 | ---- | C] () -- C:\Windows\SysWow64\9955sparse25z7.exe
[2009/12/11 21:43:26 | 00,009,792 | ---- | C] () -- C:\Windows\29365wo9m35bz.dll
[2009/12/11 21:43:26 | 00,005,242 | ---- | C] () -- C:\Windows\8796hazkt5ol457.cpl
[2009/12/11 21:43:25 | 00,014,545 | ---- | C] () -- C:\Windows\646bstez525949.dll
[2009/12/11 21:43:25 | 00,014,096 | ---- | C] () -- C:\Windows\SysWow64\59684worm497z.exe
[2009/12/11 21:43:25 | 00,011,520 | ---- | C] () -- C:\Windows\SysWow64\6594thief2741z.dll
[2009/12/11 21:43:25 | 00,008,164 | ---- | C] () -- C:\Windows\6eabspzrs91528.dll
[2009/12/11 21:43:25 | 00,006,396 | ---- | C] () -- C:\Windows\SysWow64\27595spamb9t3a1z.cpl
[2009/12/11 21:43:25 | 00,003,000 | ---- | C] () -- C:\Windows\SysWow64\9c11st5al5z4.exe
[2009/12/11 21:43:24 | 00,007,595 | ---- | C] () -- C:\Windows\SysWow64\28zbs95al1938.ocx
[2009/12/11 21:43:24 | 00,007,244 | ---- | C] () -- C:\Windows\z4281virus9b15.ocx
[2009/12/11 21:43:24 | 00,005,362 | ---- | C] () -- C:\Windows\14d5szeal998.dll
[2009/12/11 21:43:24 | 00,002,769 | ---- | C] () -- C:\Windows\9988zo5m650.exe
[2009/12/11 21:43:23 | 00,009,193 | ---- | C] () -- C:\Windows\30593hackto5lzf9.cpl
[2009/12/11 21:43:23 | 00,005,293 | ---- | C] () -- C:\Windows\20609n9t-5-viruz2b7.bin
[2009/12/11 21:43:22 | 00,016,021 | ---- | C] () -- C:\Windows\5569virz115.ocx
[2009/12/11 21:43:22 | 00,012,327 | ---- | C] () -- C:\Windows\SysWow64\13542sz9788.dll
[2009/12/11 21:43:22 | 00,009,520 | ---- | C] () -- C:\Windows\SysWow64\3ad8th9ezt50092.bin
[2009/12/11 21:43:22 | 00,003,689 | ---- | C] () -- C:\Windows\SysWow64\2797s9ar5e1416z.dll
[2009/12/11 21:43:22 | 00,003,503 | ---- | C] () -- C:\Windows\SysWow64\198599roz6fd.ocx
[2009/12/11 21:43:21 | 00,011,891 | ---- | C] () -- C:\Windows\209355iruszd1.cpl
[2009/12/11 21:43:21 | 00,006,955 | ---- | C] () -- C:\Windows\5ab8thr9zt10447.dll
[2009/12/11 21:43:21 | 00,006,702 | ---- | C] () -- C:\Windows\SysWow64\974bzownloader1858.exe
[2009/12/11 21:43:20 | 00,009,519 | ---- | C] () -- C:\Windows\z10565py594.cpl
[2009/12/11 21:43:20 | 00,007,498 | ---- | C] () -- C:\Windows\2924spz6095.bin
[2009/12/11 21:43:20 | 00,002,822 | ---- | C] () -- C:\Windows\749dsparse19z5.cpl
[2009/12/11 21:43:19 | 00,017,415 | ---- | C] () -- C:\Windows\35cbbackdoo9397z.ocx
[2009/12/11 21:43:19 | 00,004,624 | ---- | C] () -- C:\Windows\SysWow64\98c2st5al8z5.ocx
[2009/12/11 21:43:18 | 00,012,106 | ---- | C] () -- C:\Windows\SysWow64\569zvir5583.exe
[2009/12/11 21:43:18 | 00,009,361 | ---- | C] () -- C:\Windows\SysWow64\39bcthrea5278z2.ocx
[2009/12/11 21:43:18 | 00,005,193 | ---- | C] () -- C:\Windows\693zv5r2508.bin
[2009/12/11 21:43:18 | 00,004,949 | ---- | C] () -- C:\Windows\SysWow64\5aeaa5dza9e1911.bin
[2009/12/11 21:43:18 | 00,004,612 | ---- | C] () -- C:\Windows\SysWow64\12259wor9zcb.ocx
[2009/12/11 21:43:18 | 00,002,868 | ---- | C] () -- C:\Windows\59e59teal8z8.dll
[2009/12/11 21:43:17 | 00,002,845 | ---- | C] () -- C:\Windows\15807t9oj45z.dll
[2009/12/11 21:43:16 | 00,017,416 | ---- | C] () -- C:\Windows\143969orm5z.ocx
[2009/12/11 21:43:16 | 00,015,896 | ---- | C] () -- C:\Windows\184959zy6b.cpl
[2009/12/11 21:43:16 | 00,003,289 | ---- | C] () -- C:\Windows\3574viruz695.exe
[2009/12/11 21:43:15 | 00,018,382 | ---- | C] () -- C:\Windows\725espz9a5e1690.dll
[2009/12/11 21:43:15 | 00,014,727 | ---- | C] () -- C:\Windows\3z400tro9750.ocx
[2009/12/11 21:43:15 | 00,014,088 | ---- | C] () -- C:\Windows\4e9zba5kdoor88.exe
[2009/12/11 21:43:15 | 00,011,885 | ---- | C] () -- C:\Windows\49bcdownlo95ez210.bin
[2009/12/11 21:43:14 | 00,017,317 | ---- | C] () -- C:\Windows\SysWow64\11b5viz3119.ocx
[2009/12/11 21:43:14 | 00,007,177 | ---- | C] () -- C:\Windows\36dzw9loa5er3102.exe
[2009/12/11 21:43:14 | 00,006,798 | ---- | C] () -- C:\Windows\5c0z9ownlo5der1990.bin
[2009/12/11 21:43:13 | 00,012,947 | ---- | C] () -- C:\Windows\SysWow64\352ethre9tz6218.bin
[2009/12/11 21:43:13 | 00,010,890 | ---- | C] () -- C:\Windows\5859spyz0.cpl
[2009/12/11 21:43:13 | 00,008,247 | ---- | C] () -- C:\Windows\SysWow64\2389a5zware869.dll
[2009/12/11 21:43:12 | 00,014,442 | ---- | C] () -- C:\Windows\SysWow64\51aedo5nloader2z639.cpl
[2009/12/11 21:43:12 | 00,012,186 | ---- | C] () -- C:\Windows\29314s5zmbotda.cpl
[2009/12/11 21:43:12 | 00,010,159 | ---- | C] () -- C:\Windows\51419spazbot299.dll
[2009/12/11 21:43:12 | 00,003,431 | ---- | C] () -- C:\Windows\SysWow64\5a9adownlo95erz519.dll
[2009/12/11 21:43:11 | 00,016,230 | ---- | C] () -- C:\Windows\17z8thie92587.dll
[2009/12/11 21:43:11 | 00,015,293 | ---- | C] () -- C:\Windows\1d31thrz5913545.dll
[2009/12/11 21:43:11 | 00,008,836 | ---- | C] () -- C:\Windows\SysWow64\590zvirus19.ocx
[2009/12/11 21:43:11 | 00,008,255 | ---- | C] () -- C:\Windows\18493nzt-a-9irus536.exe
[2009/12/11 21:43:10 | 00,013,539 | ---- | C] () -- C:\Windows\29fethre5t1z975.exe
[2009/12/11 21:43:10 | 00,012,117 | ---- | C] () -- C:\Windows\SysWow64\7995s5y55z.ocx
[2009/12/11 21:43:10 | 00,010,119 | ---- | C] () -- C:\Windows\SysWow64\7az9threat122995.bin
[2009/12/11 21:43:10 | 00,005,572 | ---- | C] () -- C:\Windows\5469zhief2255.cpl
[2009/12/11 21:43:09 | 00,011,878 | ---- | C] () -- C:\Windows\SysWow64\1z97s9yware28455.dll
[2009/12/11 21:43:08 | 00,007,251 | ---- | C] () -- C:\Windows\SysWow64\20796not-azvir5s737.ocx
[2009/12/11 21:43:08 | 00,006,792 | ---- | C] () -- C:\Windows\226355z9us452.bin
[2009/12/11 21:43:07 | 00,017,593 | ---- | C] () -- C:\Windows\SysWow64\1fzbadd9are30895.ocx
[2009/12/11 21:43:06 | 00,010,052 | ---- | C] () -- C:\Windows\SysWow64\56bfdownlozder599.cpl
[2009/12/11 21:43:06 | 00,006,937 | ---- | C] () -- C:\Windows\z5995troj695.cpl
[2009/12/11 21:43:06 | 00,002,942 | ---- | C] () -- C:\Windows\SysWow64\1013znot-a-vir5s23c9.exe
[2009/12/11 21:43:05 | 00,392,704 | ---- | C] () -- C:\Windows\SysWow64\liy8umxa.exe
[2009/12/11 21:43:05 | 00,007,842 | ---- | C] () -- C:\Windows\SysWow64\5b9fspazse2155.ocx
[2009/12/11 18:38:00 | 00,008,884 | ---- | C] () -- C:\Windows\55999ddware258z.ocx
[2009/12/11 18:00:28 | 00,012,633 | ---- | C] () -- C:\Windows\26333hack5oo95zc.ocx
[2009/12/11 06:33:00 | 00,007,603 | ---- | C] () -- C:\Windows\SysWow64\28038vir5s14z9.dll
[2009/12/10 03:00:32 | 00,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2009/12/10 03:00:28 | 00,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2009/12/10 03:00:28 | 00,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2009/12/10 01:18:50 | 00,008,310 | ---- | C] () -- C:\Windows\7a5athizf9975.dll
[2009/12/10 00:48:12 | 00,004,527 | ---- | C] () -- C:\Windows\8908s5y5dz.exe
[2009/12/09 08:02:45 | 00,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2009/12/09 08:02:41 | 12,462,080 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009/12/09 08:02:41 | 09,237,504 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/12/09 08:02:38 | 02,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009/12/09 08:02:37 | 01,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009/12/09 08:02:37 | 01,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009/12/09 08:02:37 | 00,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/12/09 08:02:36 | 01,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/12/09 08:02:36 | 00,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009/12/09 08:02:36 | 00,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2009/12/09 08:02:36 | 00,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009/12/09 08:02:36 | 00,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2009/12/09 08:02:36 | 00,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/12/09 08:02:36 | 00,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2009/12/09 08:02:36 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2009/12/09 08:02:36 | 00,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/12/09 08:02:36 | 00,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/12/09 08:02:36 | 00,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009/12/09 08:02:36 | 00,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/12/09 08:02:35 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/12/09 08:02:35 | 00,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2009/12/09 08:02:33 | 00,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2009/12/09 08:02:33 | 00,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2009/12/07 05:33:35 | 00,002,900 | ---- | C] () -- C:\Windows\544spy18z9.cpl
[2009/12/03 18:11:18 | 00,011,568 | ---- | C] () -- C:\Windows\SysWow64\1z4asparse3965.exe
[2009/12/03 03:32:15 | 00,007,006 | ---- | C] () -- C:\Windows\SysWow64\11d7szyware1959.cpl
[2009/12/02 14:45:43 | 00,018,322 | ---- | C] () -- C:\Windows\82s9a5zot2cb.bin
[2009/12/02 14:31:38 | 00,006,534 | ---- | C] () -- C:\Windows\2598spz9be.cpl
[2009/12/01 09:25:50 | 00,013,698 | ---- | C] () -- C:\Windows\3bz15hief119.cpl
[2009/11/30 23:19:54 | 00,011,180 | ---- | C] () -- C:\Windows\17722spambot95z.exe
[2009/11/27 01:22:54 | 00,011,712 | ---- | C] () -- C:\Windows\193z7virus536.dll
[2009/11/25 18:45:53 | 00,015,385 | ---- | C] () -- C:\Windows\SysWow64\25359hacktooz191.dll
[2009/11/24 10:02:07 | 00,002,617 | ---- | C] () -- C:\Windows\SysWow64\3z2w9rm5df.dll
[2009/11/17 05:02:05 | 00,018,429 | ---- | C] () -- C:\Windows\SysWow64\6944spamb5t6c4z.dll
[2009/11/15 03:04:22 | 00,015,867 | ---- | C] () -- C:\Windows\SysWow64\30617spambotz95.dll
[2009/11/14 19:21:32 | 00,007,511 | ---- | C] () -- C:\Windows\944zp5rse2695.dll
[2009/11/13 11:08:32 | 00,010,752 | ---- | C] () -- C:\Windows\z2525ackt9ol485.dll
[2009/11/12 11:23:03 | 00,017,771 | ---- | C] () -- C:\Windows\SysWow64\24705trzj194.dll
[2009/11/11 06:17:48 | 00,004,788 | ---- | C] () -- C:\Windows\z950addware99.dll
[2009/11/08 23:14:21 | 00,010,309 | ---- | C] () -- C:\Windows\SysWow64\zdfback5oor4229.dll
[2009/11/04 09:48:06 | 00,018,234 | ---- | C] () -- C:\Windows\SysWow64\31zathre5t7896.dll
[2009/11/03 10:53:20 | 00,005,065 | ---- | C] () -- C:\Windows\SysWow64\61e4threa918z325.dll
[2009/10/25 17:01:07 | 00,010,027 | ---- | C] () -- C:\Windows\SysWow64\139z5sp52bc.dll
[2009/10/20 07:22:16 | 00,007,684 | ---- | C] () -- C:\Windows\248645pzm9ot348.dll
[2009/10/18 12:21:05 | 00,006,225 | ---- | C] () -- C:\Windows\7956spy5ar9169z.dll
[2009/10/18 02:10:00 | 00,008,331 | ---- | C] () -- C:\Windows\SysWow64\6290thzeat58175.dll
[2009/10/16 02:04:08 | 00,013,210 | ---- | C] () -- C:\Windows\SysWow64\9597bazkdoo5636.dll
[2009/10/14 09:47:31 | 00,017,714 | ---- | C] () -- C:\Windows\SysWow64\8748t9oj3z5.dll
[2009/10/10 03:39:36 | 00,002,776 | ---- | C] () -- C:\Windows\39e8downl5aderz579.dll
[2009/10/08 09:39:36 | 00,009,589 | ---- | C] () -- C:\Windows\SysWow64\z651059rus21d.dll
[2009/10/06 13:29:22 | 00,014,184 | ---- | C] () -- C:\Windows\SysWow64\1563zspambot59e5.dll
[2009/10/05 03:43:15 | 00,014,266 | ---- | C] () -- C:\Windows\SysWow64\25228wozm7599.dll
[2009/10/04 11:50:32 | 00,009,144 | ---- | C] () -- C:\Windows\885thie913z0.dll
[2009/09/23 21:40:57 | 00,005,642 | ---- | C] () -- C:\Windows\SysWow64\935spamzo557c.dll
[2009/09/22 14:24:15 | 00,003,487 | ---- | C] () -- C:\Windows\SysWow64\754fspyware5293z.dll
[2009/09/16 11:40:36 | 00,008,301 | ---- | C] () -- C:\Windows\SysWow64\5e21ad9w5re1041z.dll
[2009/09/07 13:29:07 | 00,015,508 | ---- | C] () -- C:\Windows\SysWow64\3z58download9r1163.dll
[2009/08/14 09:00:28 | 00,000,732 | ---- | C] () -- C:\Users\Morris\AppData\Local\d3d9caps64.dat
[2009/08/08 02:39:13 | 00,012,843 | ---- | C] () -- C:\Windows\SysWow64\55a1thr9az7919.dll
[2009/08/07 12:31:45 | 00,004,683 | ---- | C] () -- C:\Windows\SysWow64\506dv5z949.dll
[2009/08/05 01:28:50 | 00,007,634 | ---- | C] () -- C:\Windows\SysWow64\8559troz35b.dll
[2009/07/18 09:39:36 | 00,004,174 | ---- | C] () -- C:\Windows\59885rojzc8.dll
[2009/07/14 22:26:18 | 00,018,071 | ---- | C] () -- C:\Windows\SysWow64\9240not-a9virzs57e.dll
[2009/07/12 12:14:40 | 00,009,511 | ---- | C] () -- C:\Windows\9z05s9amb5t650.dll
[2009/07/09 16:16:36 | 00,014,405 | ---- | C] () -- C:\Windows\27388vzr95216.dll
[2009/07/07 19:45:19 | 00,003,171 | ---- | C] () -- C:\Windows\395adownloader5893z.dll
[2009/07/07 01:56:00 | 00,002,641 | ---- | C] () -- C:\Windows\28269hack5ool5az.dll
[2009/07/04 14:53:12 | 00,017,780 | ---- | C] () -- C:\Windows\SysWow64\5e6spywzre129.dll
[2009/06/22 15:43:51 | 00,004,749 | ---- | C] () -- C:\Windows\SysWow64\31557zpambo963a.dll
[2009/06/18 16:50:54 | 00,000,577 | ---- | C] () -- C:\Windows\hegames.ini
[2009/06/05 14:28:07 | 00,016,027 | ---- | C] () -- C:\Windows\913cspazs5131.dll
[2009/06/03 06:16:06 | 00,009,524 | ---- | C] () -- C:\Windows\SysWow64\13119acktool1f5z.dll
[2009/05/23 23:14:25 | 00,008,139 | ---- | C] () -- C:\Windows\SysWow64\31124hac5tool2ze9.dll
[2009/05/23 13:07:41 | 00,015,929 | ---- | C] () -- C:\Windows\6aadsz5r9e1460.dll
[2009/05/13 18:35:33 | 00,007,610 | ---- | C] () -- C:\Windows\1661ad5zar93148.dll
[2009/05/01 19:10:41 | 00,004,072 | ---- | C] () -- C:\Windows\5f1bv9r6z.dll
[2009/04/27 16:59:09 | 00,010,069 | ---- | C] () -- C:\Windows\52b5zir2691.dll
[2009/04/27 15:17:51 | 00,005,845 | ---- | C] () -- C:\Windows\SysWow64\99z29r5j493.dll
[2009/04/26 19:30:44 | 00,018,063 | ---- | C] () -- C:\Windows\2ez5vir2909.dll
[2009/04/24 00:11:05 | 00,005,669 | ---- | C] () -- C:\Windows\SysWow64\3af8thiz51539.dll
[2009/04/17 05:00:34 | 00,012,760 | ---- | C] () -- C:\Windows\452zspyware819.dll
[2009/04/12 01:55:54 | 00,011,094 | ---- | C] () -- C:\Windows\21z09w5rm2e5.dll
[2009/04/09 01:32:34 | 00,004,857 | ---- | C] () -- C:\Windows\SysWow64\2825z9yware2285.dll
[2009/04/01 07:30:28 | 00,011,546 | ---- | C] () -- C:\Windows\SysWow64\24214vz59s712.dll
[2009/03/19 17:12:53 | 00,003,997 | ---- | C] () -- C:\Windows\15991vzru9d7.dll
[2009/03/13 22:30:46 | 00,003,515 | ---- | C] () -- C:\Windows\12432noz-59virus307.dll
[2009/03/13 09:59:22 | 00,003,059 | ---- | C] () -- C:\Windows\SysWow64\71s9arse1z53.dll
[2009/03/08 09:31:43 | 00,008,375 | ---- | C] () -- C:\Windows\7693v5r2519z.dll
[2009/03/06 13:12:33 | 00,005,950 | ---- | C] () -- C:\Windows\2490stzal5855.dll
[2009/02/23 17:51:52 | 00,015,532 | ---- | C] () -- C:\Windows\37z9w5rm6f6.dll
[2009/02/15 10:22:51 | 00,009,659 | ---- | C] () -- C:\Windows\5195spar5ez204.dll
[2009/02/10 13:04:53 | 00,017,332 | ---- | C] () -- C:\Windows\SysWow64\c7zspa95e2365.dll
[2009/02/08 01:18:14 | 00,014,941 | ---- | C] () -- C:\Windows\9925spambot39z.dll
[2009/01/25 05:40:25 | 00,014,596 | ---- | C] () -- C:\Windows\SysWow64\30531h95ztool8d.dll
[2009/01/05 14:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/12/19 23:54:09 | 00,011,233 | ---- | C] () -- C:\Windows\5053baz9door19705.dll
[2008/12/16 00:21:09 | 00,009,964 | ---- | C] () -- C:\Windows\SysWow64\503zw95m83.dll
[2008/12/01 22:08:51 | 00,002,758 | ---- | C] () -- C:\Windows\45379pywaze2159.dll
[2008/11/24 21:07:53 | 00,016,708 | ---- | C] () -- C:\Windows\59ezsparse2717.dll
[2008/11/21 12:43:37 | 00,009,338 | ---- | C] () -- C:\Windows\4092dow5loadez1531.dll
[2008/11/20 01:26:30 | 00,003,787 | ---- | C] () -- C:\Windows\354z4troj593.dll
[2008/11/15 20:22:46 | 00,044,544 | ---- | C] () -- C:\Windows\SysWow64\GIF89.DLL
[2008/11/09 10:43:46 | 00,003,636 | ---- | C] () -- C:\Windows\SysWow64\51301not9a-viruszb8.dll
[2008/11/05 18:25:57 | 00,000,449 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/10/26 22:34:34 | 00,006,672 | ---- | C] () -- C:\Windows\1117ztroj5b9.dll
[2008/10/22 21:14:28 | 00,005,893 | ---- | C] () -- C:\Windows\61db5ownl9zder2230.dll
[2008/10/21 19:12:16 | 00,013,040 | ---- | C] () -- C:\Windows\SysWow64\59d5backdoor9z0.dll
[2008/10/21 14:40:16 | 00,015,749 | ---- | C] () -- C:\Windows\SysWow64\523559yz31.dll
[2008/10/20 01:38:25 | 00,018,298 | ---- | C] () -- C:\Windows\SysWow64\96569spy632z.dll
[2008/10/18 16:42:22 | 00,017,625 | ---- | C] () -- C:\Windows\358zth5eat12259.dll
[2008/10/17 23:01:48 | 00,008,748 | ---- | C] () -- C:\Windows\22282notza5viru93a0.dll
[2008/10/17 04:04:54 | 00,008,878 | ---- | C] () -- C:\Windows\SysWow64\3b5zt5ief5729.dll
[2008/10/12 22:22:09 | 00,018,049 | ---- | C] () -- C:\Windows\SysWow64\5984spars5397z.dll
[2008/10/07 14:39:05 | 00,003,067 | ---- | C] () -- C:\Windows\2z7ft9reat555.dll
[2008/10/07 09:18:57 | 00,007,483 | ---- | C] () -- C:\Windows\254z9tr5j5129.dll
[2008/10/05 03:58:12 | 00,010,890 | ---- | C] () -- C:\Windows\5d8bthrea5971z9.dll
[2008/10/05 03:12:09 | 00,013,431 | ---- | C] () -- C:\Windows\SysWow64\259asteal6z7.dll
[2008/09/26 20:13:17 | 00,005,379 | ---- | C] () -- C:\Windows\SysWow64\5zfesteal19685.dll
[2008/09/26 18:41:02 | 00,009,887 | ---- | C] () -- C:\Windows\SysWow64\240635pz390.dll
[2008/09/24 16:33:15 | 00,000,000 | ---- | C] () -- C:\Users\Morris\AppData\Roaming\wklnhst.dat
[2008/09/21 15:20:45 | 00,014,466 | ---- | C] () -- C:\Windows\111z59rm55.dll
[2008/09/14 12:25:19 | 00,013,390 | ---- | C] () -- C:\Windows\SysWow64\657t9oj656z.dll
[2008/09/10 18:46:35 | 00,004,972 | ---- | C] () -- C:\Windows\SysWow64\2a8edo9nloa5er2952z.dll
[2008/08/27 21:28:49 | 00,015,143 | ---- | C] () -- C:\Windows\312downloa5zr2759.dll
[2008/08/20 07:51:11 | 00,004,195 | ---- | C] () -- C:\Windows\SysWow64\20z75not-a-v9rus20e.dll
[2008/08/18 05:03:55 | 00,006,745 | ---- | C] () -- C:\Windows\SysWow64\95f4addzare5394.dll
[2008/08/11 18:14:43 | 00,016,842 | ---- | C] () -- C:\Windows\SysWow64\1z589troj234.dll
[2008/08/11 12:47:56 | 00,011,777 | ---- | C] () -- C:\Windows\SysWow64\6eb9thizf1051.dll
[2008/08/11 03:48:23 | 00,014,458 | ---- | C] () -- C:\Windows\8435wor97za5.dll
[2008/08/05 23:15:11 | 00,006,005 | ---- | C] () -- C:\Windows\z975spa5se2891.dll
[2008/08/03 23:44:25 | 00,014,847 | ---- | C] () -- C:\Windows\SysWow64\5270szyware3953.dll
[2008/07/16 10:39:45 | 00,032,768 | ---- | C] () -- C:\Users\Morris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/15 02:24:32 | 00,003,495 | ---- | C] () -- C:\Windows\SysWow64\6e54thre9t255z3.dll
[2008/07/11 15:03:04 | 00,009,437 | ---- | C] () -- C:\Windows\4fzbdo9nloader1508.dll
[2008/07/10 01:48:37 | 00,017,120 | ---- | C] () -- C:\Windows\SysWow64\15c49teal239z.dll
[2008/07/08 03:47:25 | 00,016,502 | ---- | C] () -- C:\Windows\6693not-a-v9zu51e8.dll
[2008/07/07 18:12:59 | 00,015,164 | ---- | C] () -- C:\Windows\3c75spars588z9.dll
[2008/07/07 17:38:35 | 00,004,375 | ---- | C] () -- C:\Windows\5c74zackdoo9498.dll
[2008/07/05 10:21:38 | 00,004,742 | ---- | C] () -- C:\Windows\1591zs5y599.dll
[2008/07/05 05:24:17 | 00,015,525 | ---- | C] () -- C:\Windows\21590h5zktool395.dll
[2008/06/27 22:19:19 | 00,013,916 | ---- | C] () -- C:\Windows\SysWow64\16fathiefz597.dll
[2008/06/26 09:11:39 | 00,013,740 | ---- | C] () -- C:\Windows\7984spambot3z05.dll
[2008/06/22 02:09:39 | 00,015,907 | ---- | C] () -- C:\Windows\22183not-a5viruz6f9.dll
[2008/06/05 12:54:05 | 00,009,413 | ---- | C] () -- C:\Windows\SysWow64\z1597virus7695.dll
[2008/06/04 00:24:41 | 00,018,178 | ---- | C] () -- C:\Windows\SysWow64\96a9s5arsez70.dll
[2008/06/01 05:19:42 | 00,002,926 | ---- | C] () -- C:\Windows\43fz9teal25075.dll
[2008/05/24 18:48:42 | 00,003,458 | ---- | C] () -- C:\Windows\SysWow64\93955hacztool23a.dll
[2008/05/23 11:38:01 | 00,008,375 | ---- | C] () -- C:\Windows\SysWow64\9z27sp5rse1614.dll
[2008/05/18 21:28:55 | 00,002,650 | ---- | C] () -- C:\Windows\6ac9back5o9rz058.dll
[2008/05/17 17:26:17 | 00,008,002 | ---- | C] () -- C:\Windows\295e5te9z959.dll
[2008/05/17 12:14:20 | 00,002,904 | ---- | C] () -- C:\Windows\4zcead9wa5e3196.dll
[2008/05/16 12:51:52 | 00,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/05/16 12:51:52 | 00,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/05/11 17:16:42 | 00,002,521 | ---- | C] () -- C:\Windows\SysWow64\16799spy256z.dll
[2008/05/05 06:02:39 | 00,004,237 | ---- | C] () -- C:\Windows\59dzad5ware163.dll
[2008/05/05 03:44:15 | 00,011,760 | ---- | C] () -- C:\Windows\SysWow64\z5d69ir2335.dll
[2008/04/30 20:01:15 | 00,006,313 | ---- | C] () -- C:\Windows\SysWow64\3557v9z1764.dll
[2008/04/27 03:09:39 | 00,005,466 | ---- | C] () -- C:\Windows\9375spyware317z.dll
[2008/04/26 23:25:39 | 00,005,565 | ---- | C] () -- C:\Windows\SysWow64\6974ad5ware2z68.dll
[2008/04/16 05:36:26 | 00,009,668 | ---- | C] () -- C:\Windows\SysWow64\3501spywa9e268z.dll
[2008/04/15 14:48:13 | 00,009,893 | ---- | C] () -- C:\Windows\65269aczd5or1297.dll
[2008/04/06 11:06:24 | 00,014,717 | ---- | C] () -- C:\Windows\47d3s9zrse1351.dll
[2008/04/01 23:14:11 | 00,006,458 | ---- | C] () -- C:\Windows\12581zpy3945.dll
[2008/03/26 16:09:39 | 00,003,592 | ---- | C] () -- C:\Windows\9621tr5z49d.dll
[2008/03/26 02:31:29 | 00,010,099 | ---- | C] () -- C:\Windows\SysWow64\2206tro939z5.dll
[2008/03/20 21:51:49 | 00,015,754 | ---- | C] () -- C:\Windows\SysWow64\15587hzcktool7c99.dll
[2008/03/08 12:17:36 | 00,015,028 | ---- | C] () -- C:\Windows\SysWow64\z475t5ief30549.dll
[2008/03/07 22:06:42 | 00,015,968 | ---- | C] () -- C:\Windows\SysWow64\z54179py5c35.dll
[2008/02/19 01:33:34 | 00,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/02/16 04:13:09 | 00,007,899 | ---- | C] () -- C:\Windows\SysWow64\29959spy59z.dll
[2008/02/04 16:08:01 | 00,017,565 | ---- | C] () -- C:\Windows\9a95szyware2392.dll
[2008/02/04 13:25:23 | 00,004,590 | ---- | C] () -- C:\Windows\20z95spamb5t9a7.dll
[2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 21:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/18 09:23:14 | 00,011,021 | ---- | C] () -- C:\Windows\25z51worm5189.dll
[2008/01/16 11:25:37 | 00,013,781 | ---- | C] () -- C:\Windows\SysWow64\9z354spyc1.dll
[2008/01/10 20:31:02 | 00,002,615 | ---- | C] () -- C:\Windows\5be3t5i9fz390.dll
[2008/01/09 20:21:50 | 00,002,676 | ---- | C] () -- C:\Windows\z5032s9y4ec.dll
[2008/01/04 19:35:50 | 00,009,920 | ---- | C] () -- C:\Windows\9323sp9zbot3915.dll
[2008/01/01 01:00:17 | 00,013,823 | ---- | C] () -- C:\Windows\156cthze96675.dll

========== LOP Check ==========

[2009/01/18 17:55:45 | 00,000,000 | ---D | M] -- C:\Users\Morris\AppData\Roaming\SBTT
[2008/09/24 16:33:16 | 00,000,000 | ---D | M] -- C:\Users\Morris\AppData\Roaming\Template
[2008/08/11 17:15:19 | 00,000,000 | ---D | M] -- C:\Users\Morris\AppData\Roaming\WildTangent
[2008/07/29 16:21:57 | 00,000,000 | ---D | M] -- C:\Users\Morris\AppData\Roaming\WinBatch
[2009/12/10 03:23:03 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/13 13:06:00 | 00,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9E594783-DE8F-4088-A9D8-FB2618DE7F4D}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:DFF5CCE6
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:F3F95A98
< End of report >



#2 schrauber


Posted 26 December 2009 - 03:58 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 schrauber


Posted 31 December 2009 - 07:05 AM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.
regards,
schrauber




