
Removing antimalware doctor


  • This topic is locked
1 reply to this topic

#1 bobbydobson


Posted 30 April 2010 - 01:46 AM

Hi there

I have tried removing antimalware doctor with malwarebytes but it didn't work in safe mode. It has got rid of most of the bad stuff and my computer is pretty functional, but the program still re-appears on each new start-up.
I was on another website and tried following a similar process to the one you describe. As a result I have the GMER log and a thing called an OTS log which I imagine is similar to the DDS one that you describe. If you really need the DDS log to help me then I can do it.
So attached is the GMER log and here's the OTS log:
CODE
OTS logfile created on: 29/04/2010 15:08:19 - Run 1
OTS by OldTimer - Version 3.1.30.0     Folder = C:\Documents and Settings\Nathan Dobson\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.00 Mb Total Physical Memory | 284.00 Mb Available Physical Memory | 57.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26.27 Gb Total Space | 5.33 Gb Free Space | 20.29% Space Free | Partition Type: FAT32
Drive D: | 26.66 Gb Total Space | 26.66 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive E: | 1.87 Gb Total Space | 1.86 Gb Free Space | 99.74% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-AC84C68AD2
Current User Name: Nathan Dobson
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 90 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\OTS.exe -> [2010/04/29 15:03:38 | 000,639,488 | ---- | M] (OldTimer Tools)
clpsls.exe -> C:\Program Files\Comodo\COMODO livePCsupport\CLPSLS.exe -> [2010/02/12 19:23:32 | 000,148,744 | ---- | M] (COMODO)
firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2009/04/14 09:54:06 | 000,307,704 | ---- | M] (Mozilla Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\OTS.exe -> [2010/04/29 15:03:38 | 000,639,488 | ---- | M] (OldTimer Tools)
guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2010/04/13 07:12:06 | 000,277,240 | ---- | M] (COMODO)

[Win32 Services - Safe List]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Auto | Stopped] ->  -> File not found
(cmdAgent) COMODO Internet Security Helper Service [Auto | Stopped] -> C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -> [2010/04/13 07:11:28 | 001,769,216 | ---- | M] ()
(RapportMgmtService) Rapport Management Service [Auto | Stopped] -> C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -> [2010/03/15 13:47:22 | 000,779,496 | ---- | M] (Trusteer Ltd.)
(CLPSLS) COMODO livePCsupport Service [Auto | Running] -> C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -> [2010/02/12 19:23:32 | 000,148,744 | ---- | M] (COMODO)
(anbmService) Notebook Manager Service [Auto | Stopped] -> C:\Acer\eManager\anbmServ.exe -> [2004/08/16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.)

[Driver Services - Safe List]
(cmdGuard) COMODO Internet Security Sandbox Driver [File_System | System | Stopped] -> C:\WINDOWS\system32\drivers\cmdGuard.sys -> [2010/04/13 07:12:04 | 000,225,344 | ---- | M] (COMODO)
(Inspect) COMODO Internet Security Firewall Driver [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\inspect.sys -> [2010/04/13 07:12:04 | 000,086,800 | ---- | M] (COMODO)
(cmdHlp) COMODO Internet Security Helper Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cmdhlp.sys -> [2010/04/13 07:12:04 | 000,025,240 | ---- | M] (COMODO)
(cmderd) COMODO Internet Security Eradication Driver [File_System | System | Running] -> C:\WINDOWS\system32\drivers\cmderd.sys -> [2010/04/13 07:12:04 | 000,015,464 | ---- | M] (COMODO)
(RapportPG) RapportPG [Kernel | System | Stopped] -> C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -> [2010/03/15 13:47:30 | 000,116,328 | ---- | M] (Trusteer Ltd.)
(RapportKELL) RapportKELL [Kernel | System | Stopped] -> C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -> [2010/03/15 13:47:30 | 000,058,984 | ---- | M] (Trusteer Ltd.)
(tap0901) TAP-Win32 Adapter V9 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\tap0901.sys -> [2009/10/14 19:08:32 | 000,032,000 | ---- | M] (The OpenVPN Project)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\mfehidk.sys -> [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfeavfk.sys -> [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfesmfk.sys -> [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfebopk.sys -> [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mferkdk.sys -> [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.)
(NSCIRDA) NSC Infrared Device Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nscirda.sys -> [2008/04/13 19:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation)
(usbsermpt) Motorola USB Modem Driver for MPT [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbsermpt.sys -> [2006/06/25 22:59:12 | 000,022,768 | ---- | M] (Microsoft Corporation)
(NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\NTIDrvr.sys -> [2005/03/30 12:23:44 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.)
(EpmShd) Acer EPM System Hardware Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\system32\drivers\epm-shd.sys -> [2005/03/24 16:54:08 | 000,078,208 | ---- | M] (Acer Value Labs, USA)
(osaio) osaio [Kernel | Auto | Stopped] -> C:\WINDOWS\system32\drivers\osaio.sys -> [2005/03/04 16:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.)
(tifm21) tifm21 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\tifm21.sys -> [2005/02/10 09:52:36 | 000,157,056 | ---- | M] (Texas Instruments)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2005/01/24 23:27:14 | 001,038,208 | ---- | M] (Conexant Systems, Inc.)
(HSFHWICH) HSFHWICH [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSFHWICH.sys -> [2005/01/24 23:26:36 | 000,207,616 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2005/01/24 23:26:28 | 000,703,616 | ---- | M] (Conexant Systems, Inc.)
(osanbm) osanbm [Kernel | Auto | Stopped] -> C:\WINDOWS\system32\drivers\osanbm.sys -> [2005/01/14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider)
(int15.sys) int15.sys [Kernel | On_Demand | Stopped] -> C:\Program Files\acer\eRecovery\int15.sys -> [2005/01/13 14:46:16 | 000,069,632 | ---- | M] ()
(AR5211) Atheros Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ar5211.sys -> [2005/01/10 00:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.)
(UBHelper) UBHelper [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\UBHelper.sys -> [2004/12/17 17:14:44 | 000,013,952 | ---- | M] ()
(DKbFltr) Dritek HotKey Keyboard Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\DKbFltr.SYS -> [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.)
(w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\w29n51.sys -> [2004/10/29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynTP.sys -> [2004/10/07 23:33:46 | 000,185,824 | ---- | M] (Synaptics, Inc.)
(EpmPsd) Acer EPM Power Scheme Driver [Kernel | Auto | Stopped] -> C:\WINDOWS\system32\drivers\epm-psd.sys -> [2004/07/19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA)
(CAMCHALA) CAMCHALA [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\camchal.sys -> [2004/06/24 23:31:00 | 000,276,480 | ---- | M] (Conexant Systems Inc.)
(CAMCAUD) Conexant AMC Audio [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\camcaud.sys -> [2004/06/24 23:29:00 | 000,034,048 | ---- | M] (Conexant Systems Inc.)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\pfc.sys -> [2003/12/05 03:46:36 | 000,010,368 | ---- | M] (Padus, Inc.)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\bcm4sbxp.sys -> [2003/09/25 19:41:12 | 000,044,032 | ---- | M] (Broadcom Corporation)
(b57w2k) Broadcom NetXtreme Gigabit Ethernet [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\b57xp32.sys -> [2003/05/21 19:47:12 | 000,175,360 | ---- | M] (Broadcom Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.pucuy.com/ ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\: Main\\"Start Page" -> http://www.pucuy.com/ ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\: SearchURL\\"provider" -> gogl ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Nathan Dobson\Application Data\Mozilla\FireFox\Profiles\yxd7hm9f.default\prefs.js ->
browser.search.update -> false ->
browser.startup.homepage -> "http://www.bbc.co.uk/" ->
extensions.enabledItems -> Hotbar@Hotbar.com:11.0.0.0 ->
network.proxy.no_proxies_on -> "*.local" ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  ->
HKLM\software\mozilla\Firefox\Extensions\\Hotbar@Hotbar.com -> C:\PROGRAM FILES\HOTBAR\BIN\11.0.120.0\FIREFOX\EXTENSIONS ->
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions ->  ->
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2008/07/04 22:38:14 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2008/07/04 22:38:14 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
  -> C:\Documents and Settings\Nathan Dobson\Application Data\Mozilla\Extensions -> [2008/07/04 22:38:36 | 000,000,000 | ---D | M]
  -> C:\Documents and Settings\Nathan Dobson\Application Data\Mozilla\Firefox\Profiles\yxd7hm9f.default\extensions -> [2008/07/04 22:38:36 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
  -> C:\Program Files\Mozilla Firefox\extensions -> [2008/07/04 22:38:14 | 000,000,000 | ---D | M]
< HOSTS File > ([2004/08/04 05:00:00 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/02/27 12:07:32 | 000,061,816 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> [2006/12/15 03:23:24 | 000,440,056 | ---- | M] (Sun Microsystems, Inc.)
{C7B76B90-3455-4AE6-A752-EAC4D19689E5} [HKLM] -> C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [EoBHO Class] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVFX Engine" -> C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe [C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe] -> File not found
"COMODO Internet Security" -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ["C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h] -> [2010/04/13 07:11:40 | 002,029,456 | ---- | M] (COMODO)
"EoEngine" -> C:\Program Files\EoRezo\EoEngine.exe ["C:\Program Files\EoRezo\EoEngine.exe"] -> File not found
"eRecoveryService" -> C:\WINDOWS\system32\Check.exe [C:\Windows\System32\Check.exe] -> [2005/03/23 10:01:12 | 000,245,760 | ---- | M] (acer Inc.)
"HotbarSA" -> C:\Program Files\Hotbar\bin\11.0.120.0\HotbarSA.exe ["C:\Program Files\Hotbar\bin\11.0.120.0\HotbarSA.exe"] -> File not found
"IMJPMIG8.1" -> C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2004/08/04 05:00:00 | 000,208,952 | ---- | M] (Microsoft Corporation)
"KernelFaultCheck" ->  [%systemroot%\system32\dumprep 0 -k] -> File not found
"LaunchApp" -> C:\WINDOWS\Alaunch.exe [Alaunch] -> [2004/11/02 19:07:30 | 000,499,712 | ---- | M] (Acer Inc.)
"LManager" -> C:\Program Files\Launch Manager\QtZgAcer.EXE [C:\Program Files\Launch Manager\QtZgAcer.EXE] -> [2005/03/28 12:20:00 | 000,319,488 | ---- | M] (Dritek System Inc.)
"MSPY2002" -> C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC] -> [2004/08/04 05:00:00 | 000,059,392 | ---- | M] ()
"PHIME2002A" -> C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] -> [2004/08/04 05:00:00 | 000,455,168 | ---- | M] (Microsoft Corporation)
"PHIME2002ASync" -> C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] -> [2004/08/04 05:00:00 | 000,455,168 | ---- | M] (Microsoft Corporation)
"SoftwareHelper" -> C:\Documents and Settings\Nathan Dobson\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [C:\Documents and Settings\Nathan Dobson\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe] -> File not found
"SunJavaUpdateSched" -> C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe ["C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"] -> [2006/12/15 03:23:28 | 000,075,520 | ---- | M] (Sun Microsystems, Inc.)
"SynTPLpr" -> C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2004/10/07 23:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.)
"TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot] -> [2007/12/03 13:58:24 | 000,185,632 | ---- | M] (RealNetworks, Inc.)
"WinampAgent" -> C:\Program Files\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> File not found
< Run [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Livestation" -> C:\Program Files\Livestation\AppStart.exe [C:\Program Files\Livestation\AppStart.exe -nosplash -systemstartup] -> File not found
"newupdate1142C.exe" -> C:\Documents and Settings\Nathan Dobson\Application Data\B842FDCA20727E3105CCE153642E103D\newupdate1142C.exe [C:\Documents and Settings\Nathan Dobson\Application Data\B842FDCA20727E3105CCE153642E103D\newupdate1142C.exe] -> [2010/04/28 21:37:20 | 000,730,624 | ---- | M] ()
"WeatherDPA" -> C:\Program Files\Hotbar\bin\11.0.120.0\Weather.exe ["C:\Program Files\Hotbar\bin\11.0.120.0\Weather.exe" -auto] -> File not found
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE -> [1999/02/17 21:05:56 | 000,065,588 | ---- | M] (Microsoft Corporation)
< Nathan Dobson Startup Folder > -> C:\Documents and Settings\Nathan Dobson\Start Menu\Programs\Startup ->
C:\Documents and Settings\Nathan Dobson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE -> [2005/10/20 12:04:08 | 000,038,912 | ---- | M] ()
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\NPJPI150_11.dll [Menu: Sun Java Console] -> [2006/12/15 03:23:26 | 000,075,528 | ---- | M] (Sun Microsystems, Inc.)
{5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> File not found
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\NPJPI150_11.dll [Sun Java Console] -> [2006/12/15 03:23:26 | 000,075,528 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{5067A26B-1337-4436-8AFE-EE169C2DA79F}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{77BF5300-1474-4EC7-9980-D32B190E9B07}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\NPJPI150_11.dll [Sun Java Console] -> [2006/12/15 03:23:26 | 000,075,528 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{5067A26B-1337-4436-8AFE-EE169C2DA79F}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{77BF5300-1474-4EC7-9980-D32B190E9B07}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\NPJPI150_11.dll [Sun Java Console] -> [2006/12/15 03:23:26 | 000,075,528 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{5067A26B-1337-4436-8AFE-EE169C2DA79F}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on for Internet Explorer] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{77BF5300-1474-4EC7-9980-D32B190E9B07}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\"{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{C2A80015-C447-4dc4-82DD-AED83D6ED57E}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{ED98F8D1-09AC-4107-B2FF-91DBE011B0C5}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab [MSN Photo Upload Tool] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586-jc.cab [Java Plug-in 1.5.0_11] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab [Java Plug-in 1.5.0_11] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab [Java Plug-in 1.5.0_11] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{0C825A4F-AB77-4E78-A192-3C4FC4E0AF71}\\NameServer -> 156.154.70.22,156.154.71.22   (Intel(R) PRO/Wireless 2200BG Network Connection) ->
{5056137B-4372-47F5-BCAB-B3A8681EDD2F}\\DhcpNameServer -> 192.168.1.1   (Broadcom NetXtreme Gigabit Ethernet) ->
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
"MaxScriptStatements" -> Reg Error: Invalid data type.
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\WINDOWS\system32\guard32.dll -> C:\WINDOWS\system32\guard32.dll -> [2010/04/13 07:12:06 | 000,277,240 | ---- | M] (COMODO)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/14 01:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\WINDOWS\System32\igfxsrvc.dll -> [2005/02/08 10:32:16 | 000,348,160 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"C:\PROGRAM FILES\LIVESTATION\1.0.77.3\LIVESTATION.EXE" -> C:\Program Files\Livestation\1.0.77.3\Livestation.exe [C:\Program Files\Livestation\1.0.77.3\Livestation.exe] -> File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> File not found
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Documents and Settings\Nathan Dobson\My Documents\My Games\fm.exe" -> C:\Documents and Settings\Nathan Dobson\My Documents\My Games\fm.exe [C:\Documents and Settings\Nathan Dobson\My Documents\My Games\fm.exe:*:Disabled:Football Manager 2008] -> File not found
"C:\Program Files\DealBook 360\DealBook 360.exe" -> C:\Program Files\DealBook 360\DealBook 360.exe [C:\Program Files\DealBook 360\DealBook 360.exe:*:Enabled:DealBook 360] -> File not found
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2006/06/14 16:48:00 | 014,276,608 | ---- | M] (Apple Computer, Inc.)
"C:\Program Files\Kontiki\KService.exe" -> C:\Program Files\Kontiki\KService.exe [C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service] -> File not found
"C:\PROGRAM FILES\LIVESTATION\1.0.77.3\LIVESTATION.EXE" -> C:\Program Files\Livestation\1.0.77.3\Livestation.exe [C:\Program Files\Livestation\1.0.77.3\Livestation.exe] -> File not found
"C:\Program Files\Messenger\MSMSGS.EXE" -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger] -> File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2009/04/14 09:54:06 | 000,307,704 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe" -> C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe [C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Disabled:Football Manager 2008] -> File not found
"C:\Program Files\Spotify\spotify.exe" -> C:\Program Files\Spotify\spotify.exe [C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify] -> [2010/03/25 15:06:28 | 002,902,864 | ---- | M] (Spotify AB)
"C:\Program Files\TVUPlayer\TVUPlayer.exe" -> C:\Program Files\TVUPlayer\TVUPlayer.exe [C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component] -> File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> File not found
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> File not found
"C:\WINDOWS\System32\ppshell.exe" -> C:\WINDOWS\System32\ppshell.exe [C:\WINDOWS\System32\ppshell.exe:*:Enabled:ppshell] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\AUTOEXEC.BAT [ FAT32 ] -> [2005/03/30 12:23:20 | 000,000,050 | ---- | M] ()
E:\autorun.inf [[AutoRun] | open=p3vwxx.exe | shell\open\Command=p3vwxx.exe | ] -> E:\autorun.inf [ FAT ] -> [2010/03/03 19:28:52 | 000,000,059 | RHS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Classes\<extension>\ ->
.exe [@ = exefile] -> Reg Error: Key error. -> File not found

[Registry - Additional Scans - Safe List]
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/14 01:12:42 | 000,199,680 | ---- | M] (Intel Corporation)
"msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2010/01/29 16:43:40 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/14 01:10:50 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.)
"msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 05:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)
"MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/04/14 01:12:08 | 000,053,760 | ---- | M] (Microsoft Corporation)
"vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/14 01:11:54 | 000,080,384 | ---- | M] (Radius Inc.)
"vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 05:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 05:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/14 01:12:42 | 000,848,384 | ---- | M] (Intel Corporation)
"vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/14 01:11:56 | 000,755,200 | ---- | M] (Intel Corporation)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/03/28 23:37:44 | 000,779,568 | ---- | M] (Apple Inc.)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/03/28 23:37:44 | 000,779,568 | ---- | M] (Apple Inc.)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [DivXBrowserPlugin Object] -> [2009/11/14 01:47:26 | 002,471,224 | ---- | M] (DivX,Inc.)
{69725738-CD68-4f36-8D02-8C43722EE5DA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A3E67DAA-DA01-4da5-98BE-3088B554A11E} [HKLM] -> C:\Program Files\Hotbar\bin\11.0.120.0\HotbarSAAX.dll [Hotbar UserProfiles Class] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2008/03/28 23:37:44 | 000,779,568 | ---- | M] (Apple Inc.)
{D95C7240-0282-4c01-93F5-673BCA03DA86} [HKLM] -> C:\Program Files\Hotbar\bin\11.0.120.0\HotbarSAAX.dll [Hotbar Info Class] -> File not found
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 00:33:56 | 000,876,872 | ---- | M] ( Microsoft Corporation)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ ->
{BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> C:\WINDOWS\system32\proctexe.ocx [Additive Surface] -> [2008/04/14 01:10:36 | 000,081,920 | ---- | M] (Intel Corporation)
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/03/28 23:37:44 | 000,779,568 | ---- | M] (Apple Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/02/27 12:07:32 | 000,061,816 | ---- | M] (Adobe Systems Incorporated)
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{17DDDB41-B9AD-0832-0A4E-2B16CE3DFDFE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{1EB0FE44-B210-47FE-BADE-04D617312B39} [HKLM] -> C:\Program Files\Veetle\plugins\Veetle.ocx [Veetle TV Core] -> [2010/03/18 01:35:48 | 000,886,808 | ---- | M] (Veetle Inc)
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Macromed\Director\SwDir.dll [Shockwave ActiveX Control] -> [2006/09/03 23:10:30 | 000,054,960 | ---- | M] (Adobe Systems, Inc.)
{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} [HKLM] -> C:\Program Files\TVUPlayer\npTVUAx.dll [CTVUAxCtrl Object] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/03/28 23:37:44 | 000,779,568 | ---- | M] (Apple Inc.)
{474F00F5-3853-492C-AC3A-476512BBC336} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll [MSN Photo Upload Tool] -> [2006/06/20 15:44:04 | 000,379,704 | ---- | M] ()
{5067A26B-1337-4436-8AFE-EE169C2DA79F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6F68E97B-8687-4683-B996-002DEB768270} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> [2006/12/15 03:23:24 | 000,440,056 | ---- | M] (Sun Microsystems, Inc.)
{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2009/08/04 15:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8A4227BF-0CC2-4EEF-B076-DAFFF941EEA5} [HKLM] -> C:\Program Files\Veetle\Player\axvlc.dll [Veetle TV Player 0.9.17] -> [2010/03/23 01:40:08 | 000,208,408 | ---- | M] ()
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A57462DE-ED2A-4B41-B55B-A0463AAE3E66} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B91B0A7A-B6E9-476d-8560-4ACA2E3C01B1} [HKLM] -> C:\Program Files\Veetle\VLCBroadcast\axvbp.dll [Veetle Broadcaster Plugin 0.9.17] -> [2010/03/23 01:40:08 | 000,747,032 | ---- | M] ()
{C7B76B90-3455-4AE6-A752-EAC4D19689E5} [HKLM] -> C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [EoBHO Class] -> File not found
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/02/27 12:07:48 | 000,660,840 | ---- | M] (Adobe Systems, Inc.)
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2007/12/03 13:59:02 | 000,185,688 | ---- | M] (RealNetworks, Inc.)
{D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [Shockwave Flash Object] -> [2009/02/03 03:07:18 | 003,866,528 | R--- | M] (Adobe Systems, Inc.)
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2004/03/08 14:07:14 | 000,049,152 | ---- | M] ()
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 00:33:56 | 000,876,872 | ---- | M] ( Microsoft Corporation)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{E9FAB13D-4600-49E1-90D1-EE961C859D39} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FCD61199-E187-4ADD-88E5-9AF238486D11} [HKLM] -> C:\WINDOWS\System32\forcetv.dll [ForceP2PPlayer Object] -> File not found
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} [HKEY_LOCAL_MACHINE] -> C:\Program Files\Hotbar\bin\11.0.120.0\HostIE.dll [Hotbar Information Window] -> File not found
< Internet Explorer Bars [HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\] > -> HKEY_USERS\S-1-5-21-4040331678-2490374350-1798654716-1005\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} [HKEY_LOCAL_MACHINE] -> C:\Program Files\Hotbar\bin\11.0.120.0\HostIE.dll [Hotbar Information Window] -> File not found
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 ->  -> File not found
Ias -> C:\WINDOWS\system32\ias -> [2005/03/30 11:40:26 | 000,000,000 | ---D | M]
Iprip ->  -> File not found
NWCWorkstation ->  -> File not found
Nwsapagent ->  -> File not found
Wmi -> C:\WINDOWS\system32\wmi.dll -> [2008/04/14 01:11:16 | 000,005,632 | ---- | M] (Microsoft Corporation)
WmdmPmSp ->  -> File not found
SSHNAS ->  -> File not found
*MultiFile Done* -> ->
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
CLPSLS -> C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -> [2010/02/12 19:23:32 | 000,148,744 | ---- | M] (COMODO)
File system -> Driver Group
Filter -> Driver Group
mcmscsvc -> Service
MCODS -> Service
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
System Bus Extender -> Driver Group
vds -> Service
vga.sys -> Driver
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
CLPSLS -> C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -> [2010/02/12 19:23:32 | 000,148,744 | ---- | M] (COMODO)
File system -> Driver Group
Filter -> Driver Group
mcmscsvc -> Service
MCODS -> Service
MpfService -> Service
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sermouse.sys -> Driver
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
vga.sys -> Driver

[Files/Folders - Created Within 90 Days]
OTS.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\OTS.exe -> [2010/04/29 15:03:36 | 000,639,488 | ---- | C] (OldTimer Tools)
ERDNT -> C:\WINDOWS\ERDNT -> [2010/04/29 15:02:57 | 000,000,000 | ---D | C]
ERUNT -> C:\Program Files\ERUNT -> [2010/04/29 15:01:56 | 000,000,000 | ---D | C]
Adobe -> C:\Documents and Settings\NetworkService\Application Data\Adobe -> [2010/04/29 00:50:41 | 000,000,000 | ---D | C]
Malwarebytes -> C:\Documents and Settings\Nathan Dobson\Application Data\Malwarebytes -> [2010/04/29 00:15:38 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/04/29 00:14:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2010/04/29 00:14:39 | 000,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/04/29 00:14:37 | 000,020,824 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/04/29 00:14:34 | 000,000,000 | ---D | C]
mapp.bat -> C:\Documents and Settings\Nathan Dobson\Desktop\mapp.bat -> [2010/04/28 23:56:22 | 005,918,776 | ---- | C] (Malwarebytes Corporation                                    )
Intel -> C:\Program Files\Intel -> [2010/04/28 22:02:55 | 000,000,000 | ---D | C]
B842FDCA20727E3105CCE153642E103D -> C:\Documents and Settings\Nathan Dobson\Application Data\B842FDCA20727E3105CCE153642E103D -> [2010/04/28 21:37:16 | 000,000,000 | ---D | C]
Microsoft Silverlight -> C:\Program Files\Microsoft Silverlight -> [2010/04/22 09:43:02 | 000,000,000 | ---D | C]
VritualRoot -> C:\VritualRoot -> [2010/04/13 20:14:11 | 000,000,000 | -H-D | C]
Veetle -> C:\Program Files\Veetle -> [2010/03/31 22:00:29 | 000,000,000 | ---D | C]
vlc -> C:\Documents and Settings\Nathan Dobson\Application Data\vlc -> [2010/03/21 22:16:48 | 000,000,000 | ---D | C]
TVU Networks -> C:\Documents and Settings\Nathan Dobson\Local Settings\Application Data\TVU Networks -> [2010/03/21 21:48:25 | 000,000,000 | ---D | C]
TVU Networks -> C:\Documents and Settings\All Users\Application Data\TVU Networks -> [2010/03/21 21:48:25 | 000,000,000 | ---D | C]
Trusteer -> C:\Documents and Settings\NetworkService\Application Data\Trusteer -> [2010/03/21 11:36:57 | 000,000,000 | ---D | C]
Trusteer -> C:\Documents and Settings\Nathan Dobson\Application Data\Trusteer -> [2010/03/11 13:02:18 | 000,000,000 | ---D | C]
Trusteer -> C:\Program Files\Trusteer -> [2010/03/11 13:01:39 | 000,000,000 | ---D | C]
Trusteer -> C:\Documents and Settings\All Users\Application Data\Trusteer -> [2010/03/11 12:59:14 | 000,000,000 | ---D | C]
RapportSetup.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\RapportSetup.exe -> [2010/03/11 12:58:53 | 000,152,808 | ---- | C] (Trusteer Ltd.)
moviemk.exe -> C:\WINDOWS\System32\dllcache\moviemk.exe -> [2010/03/10 13:14:02 | 003,558,912 | ---- | C] (Microsoft Corporation)
browseui.dll -> C:\WINDOWS\System32\dllcache\browseui.dll -> [2010/03/10 06:33:38 | 001,025,024 | ---- | C] (Microsoft Corporation)
Sandbox -> C:\Sandbox -> [2010/03/08 09:54:24 | 000,000,000 | -H-D | C]
COMODO -> C:\Documents and Settings\All Users\Application Data\COMODO -> [2010/03/08 09:52:55 | 000,000,000 | ---D | C]
Comodo -> C:\Documents and Settings\Nathan Dobson\Application Data\Comodo -> [2010/03/08 09:29:19 | 000,000,000 | ---D | C]
tap0901.sys -> C:\WINDOWS\System32\drivers\tap0901.sys -> [2010/03/08 09:29:01 | 000,032,000 | ---- | C] (The OpenVPN Project)
Comodo -> C:\Program Files\Comodo -> [2010/03/08 09:29:00 | 000,000,000 | ---D | C]
Comodo Downloader -> C:\Documents and Settings\All Users\Application Data\Comodo Downloader -> [2010/03/08 09:23:25 | 000,000,000 | ---D | C]
browserchoice.exe -> C:\WINDOWS\System32\browserchoice.exe -> [2010/03/05 17:01:22 | 000,293,376 | ---- | C] (Microsoft Corporation)
Real -> C:\Documents and Settings\All Users\Application Data\Real -> [2010/03/04 16:42:24 | 000,000,000 | ---D | C]
Socialeconomy -> C:\Documents and Settings\Nathan Dobson\My Documents\Socialeconomy -> [2010/03/03 18:32:15 | 000,000,000 | ---D | C]
iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2010/02/26 07:43:54 | 000,251,904 | ---- | C] (Microsoft Corporation)
6to4svc.dll -> C:\WINDOWS\System32\dllcache\6to4svc.dll -> [2010/02/12 06:33:11 | 000,100,864 | ---- | C] (Microsoft Corporation)
perlou -> C:\Documents and Settings\Nathan Dobson\Desktop\perlou -> [2010/02/02 15:28:15 | 000,000,000 | ---D | C]
4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
4 C:\Documents and Settings\Nathan Dobson\My Documents\*.tmp files -> C:\Documents and Settings\Nathan Dobson\My Documents\*.tmp ->
1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\Documents and Settings\Nathan Dobson\*.tmp files -> C:\Documents and Settings\Nathan Dobson\*.tmp ->

[Files/Folders - Modified Within 90 Days]
OTS.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\OTS.exe -> [2010/04/29 15:03:38 | 000,639,488 | ---- | M] (OldTimer Tools)
ERUNT AutoBackup.lnk -> C:\Documents and Settings\Nathan Dobson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/04/29 15:02:00 | 000,000,675 | ---- | M] ()
NTREGOPT.lnk -> C:\Documents and Settings\Nathan Dobson\Desktop\NTREGOPT.lnk -> [2010/04/29 15:01:58 | 000,000,519 | ---- | M] ()
ERUNT.lnk -> C:\Documents and Settings\Nathan Dobson\Desktop\ERUNT.lnk -> [2010/04/29 15:01:58 | 000,000,500 | ---- | M] ()
The_Comedian.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\The_Comedian.exe -> [2010/04/29 15:01:08 | 000,794,112 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/04/29 14:59:24 | 000,001,158 | ---- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/04/29 14:58:40 | 000,002,048 | --S- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/04/29 14:57:20 | 000,000,006 | -H-- | M] ()
NTUSER.DAT -> C:\Documents and Settings\Nathan Dobson\NTUSER.DAT -> [2010/04/29 14:57:16 | 006,291,456 | -H-- | M] ()
ntuser.ini -> C:\Documents and Settings\Nathan Dobson\ntuser.ini -> [2010/04/29 14:57:16 | 000,000,178 | -HS- | M] ()
lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010/04/29 14:57:08 | 000,001,566 | ---- | M] ()
IconCache.db -> C:\Documents and Settings\Nathan Dobson\Local Settings\Application Data\IconCache.db -> [2010/04/29 14:57:04 | 003,240,486 | -H-- | M] ()
eRLog.ini -> C:\WINDOWS\System32\eRLog.ini -> [2010/04/29 14:46:00 | 000,000,706 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/04/29 12:59:26 | 000,000,643 | ---- | M] ()
AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2010/04/29 12:45:02 | 000,000,284 | ---- | M] ()
RIiYj0K8 -> C:\Documents and Settings\Nathan Dobson\Local Settings\Application Data\RIiYj0K8 -> [2010/04/29 11:39:46 | 000,006,774 | -HS- | M] ()
RIiYj0K8 -> C:\Documents and Settings\All Users\Application Data\RIiYj0K8 -> [2010/04/29 11:39:46 | 000,006,774 | -HS- | M] ()
mapp.bat -> C:\Documents and Settings\Nathan Dobson\Desktop\mapp.bat -> [2010/04/28 23:52:28 | 005,918,776 | ---- | M] (Malwarebytes Corporation                                    )
Yvyroa.exe -> C:\WINDOWS\Yvyroa.exe -> [2010/04/28 21:37:20 | 000,161,280 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Nathan Dobson\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/04/28 19:20:48 | 000,066,560 | ---- | M] ()
Old websites (Socecon France).doc -> C:\Documents and Settings\Nathan Dobson\My Documents\Old websites (Socecon France).doc -> [2010/04/25 11:07:20 | 000,079,360 | ---- | M] ()
Old websites.doc -> C:\Documents and Settings\Nathan Dobson\My Documents\Old websites.doc -> [2010/04/24 15:07:14 | 000,039,936 | ---- | M] ()
080925_mschandbook.pdf -> C:\Documents and Settings\Nathan Dobson\Desktop\080925_mschandbook.pdf -> [2010/04/20 14:13:10 | 001,207,785 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/04/15 08:53:38 | 000,001,374 | ---- | M] ()
for french blog.doc -> C:\Documents and Settings\Nathan Dobson\My Documents\for french blog.doc -> [2010/04/13 11:44:46 | 000,025,600 | ---- | M] ()
Notepad (2).lnk -> C:\Documents and Settings\Nathan Dobson\Desktop\Notepad (2).lnk -> [2010/04/08 11:57:56 | 000,001,415 | ---- | M] ()
Skype.lnk -> C:\Documents and Settings\All Users\Desktop\Skype.lnk -> [2010/04/05 10:36:42 | 000,002,265 | ---- | M] ()
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation)
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/03/28 12:58:36 | 000,182,632 | ---- | M] ()
playlog.xml -> C:\WINDOWS\System32\playlog.xml -> [2010/03/21 22:31:38 | 000,000,324 | ---- | M] ()
vlc-1.0.5-win32.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\vlc-1.0.5-win32.exe -> [2010/03/21 22:07:02 | 018,499,623 | ---- | M] ()
RapportSetup.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\RapportSetup.exe -> [2010/03/11 12:58:52 | 000,152,808 | ---- | M] (Trusteer Ltd.)
shdocvw.dll -> C:\WINDOWS\System32\dllcache\shdocvw.dll -> [2010/03/10 06:33:42 | 001,509,888 | ---- | M] (Microsoft Corporation)
browseui.dll -> C:\WINDOWS\System32\dllcache\browseui.dll -> [2010/03/10 06:33:38 | 001,025,024 | ---- | M] (Microsoft Corporation)
vbscript.dll -> C:\WINDOWS\System32\vbscript.dll -> [2010/03/09 13:09:18 | 000,430,080 | ---- | M] (Microsoft Corporation)
vbscript.dll -> C:\WINDOWS\System32\dllcache\vbscript.dll -> [2010/03/09 13:09:18 | 000,430,080 | ---- | M] (Microsoft Corporation)
sfi.dat -> C:\WINDOWS\System32\drivers\sfi.dat -> [2010/03/08 09:52:46 | 000,000,272 | ---- | M] ()
COMODO Internet Security.lnk -> C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk -> [2010/03/08 09:34:30 | 000,001,653 | ---- | M] ()
MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2010/03/06 10:52:08 | 000,000,118 | ---- | M] ()
PPPOE.lnk -> C:\Documents and Settings\All Users\Desktop\PPPOE.lnk -> [2010/03/05 16:29:12 | 000,000,534 | ---- | M] ()
wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2010/02/26 07:43:58 | 000,667,136 | ---- | M] (Microsoft Corporation)
urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2010/02/26 07:43:58 | 000,627,712 | ---- | M] (Microsoft Corporation)
mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2010/02/26 07:43:56 | 003,073,024 | ---- | M] (Microsoft Corporation)
tdc.ocx -> C:\WINDOWS\System32\dllcache\tdc.ocx -> [2010/02/26 07:43:56 | 000,061,952 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2010/02/26 07:43:54 | 000,251,904 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2010/02/26 07:43:54 | 000,251,904 | ---- | M] (Microsoft Corporation)
ieencode.dll -> C:\WINDOWS\System32\ieencode.dll -> [2010/02/26 07:43:54 | 000,081,920 | ---- | M] (Microsoft Corporation)
ieencode.dll -> C:\WINDOWS\System32\dllcache\ieencode.dll -> [2010/02/26 07:43:54 | 000,081,920 | ---- | M] (Microsoft Corporation)
html.iec -> C:\WINDOWS\System32\html.iec -> [2010/02/25 13:17:24 | 000,369,664 | ---- | M] (Microsoft Corporation)
mrxsmb.sys -> C:\WINDOWS\System32\dllcache\mrxsmb.sys -> [2010/02/24 15:11:08 | 000,455,680 | ---- | M] (Microsoft Corporation)
ntoskrnl.exe -> C:\WINDOWS\System32\ntoskrnl.exe -> [2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation)
ntoskrnl.exe -> C:\WINDOWS\System32\dllcache\ntoskrnl.exe -> [2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation)
ntkrnlmp.exe -> C:\WINDOWS\System32\dllcache\ntkrnlmp.exe -> [2010/02/16 16:08:50 | 002,146,304 | ---- | M] (Microsoft Corporation)
ntkrnlpa.exe -> C:\WINDOWS\System32\ntkrnlpa.exe -> [2010/02/16 15:25:04 | 002,066,816 | ---- | M] (Microsoft Corporation)
ntkrnlpa.exe -> C:\WINDOWS\System32\dllcache\ntkrnlpa.exe -> [2010/02/16 15:25:04 | 002,066,816 | ---- | M] (Microsoft Corporation)
ntkrpamp.exe -> C:\WINDOWS\System32\dllcache\ntkrpamp.exe -> [2010/02/16 15:25:04 | 002,024,448 | ---- | M] (Microsoft Corporation)
browserchoice.exe -> C:\WINDOWS\System32\browserchoice.exe -> [2010/02/12 11:03:04 | 000,293,376 | ---- | M] (Microsoft Corporation)
6to4svc.dll -> C:\WINDOWS\System32\dllcache\6to4svc.dll -> [2010/02/12 06:33:12 | 000,100,864 | ---- | M] (Microsoft Corporation)
tcpip6.sys -> C:\WINDOWS\System32\drivers\tcpip6.sys -> [2010/02/11 14:02:16 | 000,226,880 | ---- | M] (Microsoft Corporation)
tcpip6.sys -> C:\WINDOWS\System32\dllcache\tcpip6.sys -> [2010/02/11 14:02:16 | 000,226,880 | ---- | M] (Microsoft Corporation)
4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
4 C:\Documents and Settings\Nathan Dobson\My Documents\*.tmp files -> C:\Documents and Settings\Nathan Dobson\My Documents\*.tmp ->
19 C:\Documents and Settings\Nathan Dobson\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Nathan Dobson\Local Settings\Temp\*.tmp ->
19 C:\Documents and Settings\Nathan Dobson\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Nathan Dobson\Local Settings\Temp\*.tmp ->
100 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
100 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
100 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\Documents and Settings\Nathan Dobson\*.tmp files -> C:\Documents and Settings\Nathan Dobson\*.tmp ->

[Files - No Company Name]
ERUNT AutoBackup.lnk -> C:\Documents and Settings\Nathan Dobson\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/04/29 15:01:59 | 000,000,675 | ---- | C] ()
NTREGOPT.lnk -> C:\Documents and Settings\Nathan Dobson\Desktop\NTREGOPT.lnk -> [2010/04/29 15:01:57 | 000,000,519 | ---- | C] ()
ERUNT.lnk -> C:\Documents and Settings\Nathan Dobson\Desktop\ERUNT.lnk -> [2010/04/29 15:01:57 | 000,000,500 | ---- | C] ()
The_Comedian.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\The_Comedian.exe -> [2010/04/29 15:01:05 | 000,794,112 | ---- | C] ()
lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010/04/29 12:49:10 | 000,001,566 | ---- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/04/29 00:15:02 | 000,000,643 | ---- | C] ()
verfile.tic -> C:\WINDOWS\System32\drivers\verfile.tic -> [2010/04/28 22:02:57 | 000,000,013 | ---- | C] ()
RIiYj0K8 -> C:\Documents and Settings\Nathan Dobson\Local Settings\Application Data\RIiYj0K8 -> [2010/04/28 21:38:44 | 000,006,774 | -HS- | C] ()
RIiYj0K8 -> C:\Documents and Settings\All Users\Application Data\RIiYj0K8 -> [2010/04/28 21:38:44 | 000,006,774 | -HS- | C] ()
Yvyroa.exe -> C:\WINDOWS\Yvyroa.exe -> [2010/04/28 21:37:43 | 000,161,280 | ---- | C] ()
Old websites (Socecon France).doc -> C:\Documents and Settings\Nathan Dobson\My Documents\Old websites (Socecon France).doc -> [2010/04/25 11:07:18 | 000,079,360 | ---- | C] ()
080925_mschandbook.pdf -> C:\Documents and Settings\Nathan Dobson\Desktop\080925_mschandbook.pdf -> [2010/04/20 14:13:10 | 001,207,785 | ---- | C] ()
for french blog.doc -> C:\Documents and Settings\Nathan Dobson\My Documents\for french blog.doc -> [2010/04/13 11:44:43 | 000,025,600 | ---- | C] ()
playlog.xml -> C:\WINDOWS\System32\playlog.xml -> [2010/03/21 22:24:18 | 000,000,324 | ---- | C] ()
vlc-1.0.5-win32.exe -> C:\Documents and Settings\Nathan Dobson\Desktop\vlc-1.0.5-win32.exe -> [2010/03/21 22:06:09 | 018,499,623 | ---- | C] ()
Old websites.doc -> C:\Documents and Settings\Nathan Dobson\My Documents\Old websites.doc -> [2010/03/21 10:41:12 | 000,039,936 | ---- | C] ()
sfi.dat -> C:\WINDOWS\System32\drivers\sfi.dat -> [2010/03/08 09:52:44 | 000,000,272 | ---- | C] ()
COMODO Internet Security.lnk -> C:\Documents and Settings\All Users\Desktop\COMODO Internet Security.lnk -> [2010/03/08 09:34:28 | 000,001,653 | ---- | C] ()
MRT.INI -> C:\WINDOWS\System32\MRT.INI -> [2010/03/06 10:52:07 | 000,000,118 | ---- | C] ()
PPPOE.lnk -> C:\Documents and Settings\All Users\Desktop\PPPOE.lnk -> [2010/03/05 16:29:11 | 000,000,534 | ---- | C] ()
cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2007/12/03 14:02:25 | 000,000,099 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2006/09/19 09:40:22 | 000,000,376 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 14:58:52 | 000,030,808 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 14:53:56 | 000,026,489 | ---- | C] ()
eRLog.ini -> C:\WINDOWS\System32\eRLog.ini -> [2006/05/09 11:55:52 | 000,000,706 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 15:39:28 | 000,029,779 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 15:39:28 | 000,026,040 | ---- | C] ()
fpprintmon.dll -> C:\WINDOWS\System32\fpprintmon.dll -> [2005/06/11 11:47:00 | 000,045,056 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/03/30 13:05:21 | 000,000,061 | ---- | C] ()
Acer.ini -> C:\WINDOWS\Acer.ini -> [2005/03/30 12:59:27 | 000,000,033 | ---- | C] ()
uninstall.ini -> C:\WINDOWS\uninstall.ini -> [2005/03/30 12:59:26 | 000,000,313 | ---- | C] ()
NTIBUN4.dll -> C:\WINDOWS\System32\NTIBUN4.dll -> [2005/03/30 12:23:43 | 000,001,024 | RH-- | C] ()
NTIMPEG2.dll -> C:\WINDOWS\System32\NTIMPEG2.dll -> [2005/03/30 12:22:49 | 000,001,024 | RH-- | C] ()
NTIMP3.dll -> C:\WINDOWS\System32\NTIMP3.dll -> [2005/03/30 12:22:49 | 000,001,024 | RH-- | C] ()
NTIFCD3.dll -> C:\WINDOWS\System32\NTIFCD3.dll -> [2005/03/30 12:22:49 | 000,001,024 | RH-- | C] ()
NTICDMK7.dll -> C:\WINDOWS\System32\NTICDMK7.dll -> [2005/03/30 12:22:49 | 000,001,024 | RH-- | C] ()
oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2005/03/30 11:59:38 | 000,037,776 | ---- | C] ()
fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/03/30 11:51:12 | 000,001,793 | ---- | C] ()
UBHelper.sys -> C:\WINDOWS\System32\drivers\UBHelper.sys -> [2004/12/17 17:14:44 | 000,013,952 | ---- | C] ()
tifmicon.dll -> C:\WINDOWS\System32\tifmicon.dll -> [2004/01/13 03:46:34 | 000,172,032 | ---- | C] ()
libeay32.dll -> C:\WINDOWS\System32\libeay32.dll -> [2003/11/20 15:28:00 | 000,651,264 | ---- | C] ()
ssleay32.dll -> C:\WINDOWS\System32\ssleay32.dll -> [2003/11/20 15:28:00 | 000,147,456 | ---- | C] ()
multiplex_vcd.dll -> C:\WINDOWS\System32\multiplex_vcd.dll -> [2001/12/26 16:12:30 | 000,065,536 | R--- | C] ()
Hmpg12.dll -> C:\WINDOWS\System32\Hmpg12.dll -> [2001/09/03 23:46:38 | 000,110,592 | R--- | C] ()
HMPV2_ENC.dll -> C:\WINDOWS\System32\HMPV2_ENC.dll -> [2001/07/30 16:33:56 | 000,118,784 | R--- | C] ()
HMPV2_ENC_MMX.dll -> C:\WINDOWS\System32\HMPV2_ENC_MMX.dll -> [2001/07/23 22:04:36 | 000,118,784 | R--- | C] ()
MSRTEDIT.DLL -> C:\WINDOWS\System32\MSRTEDIT.DLL -> [1999/01/22 19:46:58 | 000,065,536 | ---- | C] ()
ANTIV.INI -> C:\WINDOWS\ANTIV.INI -> [1980/01/01 00:00:00 | 000,002,790 | ---- | C] ()
ALaunch.ini -> C:\WINDOWS\ALaunch.ini -> [1980/01/01 00:00:00 | 000,000,089 | ---- | C] ()

[File - Lop Check]
Trusteer -> C:\Documents and Settings\Default User\Application Data\Trusteer -> [2010/03/20 20:02:48 | 000,000,000 | ---D | M]
Prism -> C:\Documents and Settings\All Users\Application Data\Prism -> [2006/07/10 22:37:12 | 000,000,000 | ---D | M]
NtiDvdCopy -> C:\Documents and Settings\All Users\Application Data\NtiDvdCopy -> [2006/07/19 21:10:28 | 000,000,000 | ---D | M]
Kontiki -> C:\Documents and Settings\All Users\Application Data\Kontiki -> [2008/03/22 13:04:44 | 000,000,000 | ---D | M]
Trusteer -> C:\Documents and Settings\All Users\Application Data\Trusteer -> [2010/03/11 12:59:16 | 000,000,000 | ---D | M]
Trusteer -> C:\Documents and Settings\NetworkService\Application Data\Trusteer -> [2010/03/21 11:36:58 | 000,000,000 | ---D | M]
My Games -> C:\Documents and Settings\Nathan Dobson\Application Data\My Games -> [2007/06/08 19:05:34 | 000,000,000 | ---D | M]
Sports Interactive -> C:\Documents and Settings\Nathan Dobson\Application Data\Sports Interactive -> [2007/11/06 23:14:12 | 000,000,000 | ---D | M]
MSNInstaller -> C:\Documents and Settings\Nathan Dobson\Application Data\MSNInstaller -> [2008/06/23 12:24:20 | 000,000,000 | ---D | M]
TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1 -> C:\Documents and Settings\Nathan Dobson\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1 -> [2009/03/06 10:56:18 | 000,000,000 | ---D | M]
EoRezo -> C:\Documents and Settings\Nathan Dobson\Application Data\EoRezo -> [2009/03/12 17:32:42 | 000,000,000 | ---D | M]
Spotify -> C:\Documents and Settings\Nathan Dobson\Application Data\Spotify -> [2009/10/29 17:21:10 | 000,000,000 | ---D | M]
Trusteer -> C:\Documents and Settings\Nathan Dobson\Application Data\Trusteer -> [2010/03/11 13:02:20 | 000,000,000 | ---D | M]
B842FDCA20727E3105CCE153642E103D -> C:\Documents and Settings\Nathan Dobson\Application Data\B842FDCA20727E3105CCE153642E103D -> [2010/04/28 21:37:18 | 000,000,000 | ---D | M]
Trusteer -> C:\Documents and Settings\Administrator\Application Data\Trusteer -> [2010/03/20 20:02:48 | 000,000,000 | ---D | M]

[File - Purity Scan]

< End of report >

Attached Files

  • Attached File  ark.log   412.71KB   2 downloads




#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,817 posts
  • Gender:Female
  • Location:Romania
  • Local time:12:35 PM

Posted 03 May 2010 - 01:35 PM

Hello,

I observed you are already receiving help at GeekstoGo. In order to avoid confusion, and make the best use of the limited amount of malware removal helpers and their own limited amount of time, this topic is closed. Please do not post in more than one forum, and if you have more topics open elsewhere, please ask that they be closed. Thank you for your cooperation and understanding.

Bleeping Computer Staff

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




