Sorry it has taken me so long to reply. Here are the logs requested, except for the last part with security check by screen317; I was unable to get a log from that.
SUPERAntiSpyware log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/15/2010 at 10:32 PM
Application Version : 4.43.1000
Core Rules Database Version : 5508
Trace Rules Database Version: 3320
Scan type : Complete Scan
Total Scan Time : 01:46:02
Memory items scanned : 514
Memory threats detected : 1
Registry items scanned : 6918
Registry threats detected : 23
File items scanned : 49179
File threats detected : 91
Trojan.Agent/Gen-Virut
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
[AzMixerSel] C:\PROGRAM FILES\REALTEK\AUDIO\DRIVERS\AZMIXERSEL.EXE
C:\PROGRAM FILES\REALTEK\AUDIO\DRIVERS\AZMIXERSEL.EXE
[SynTPEnh] C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
[LManager] C:\PROGRA~1\LAUNCH~1\QTZGACER.EXE
C:\PROGRA~1\LAUNCH~1\QTZGACER.EXE
[eRecoveryService] C:\ACER\EMPOWERING TECHNOLOGY\ERECOVERY\ERAGENT.EXE
C:\ACER\EMPOWERING TECHNOLOGY\ERECOVERY\ERAGENT.EXE
[SSBkgdUpdate] C:\PROGRAM FILES\COMMON FILES\SCANSOFT SHARED\SSBKGDUPDATE\SSBKGDUPDATE.EXE
C:\PROGRAM FILES\COMMON FILES\SCANSOFT SHARED\SSBKGDUPDATE\SSBKGDUPDATE.EXE
[ISUSScheduler] C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
[DNS7reminder] C:\PROGRAM FILES\NUANCE\NATURALLYSPEAKING10\EREG\EREG.EXE
C:\PROGRAM FILES\NUANCE\NATURALLYSPEAKING10\EREG\EREG.EXE
[cctray] C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CCTRAY\CCTRAY.EXE
C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CCTRAY\CCTRAY.EXE
[CAVRID] C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA ANTI-VIRUS\CAVRID.EXE
C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA ANTI-VIRUS\CAVRID.EXE
[capfasem] C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA PERSONAL FIREWALL\CAPFASEM.EXE
C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA PERSONAL FIREWALL\CAPFASEM.EXE
[capfupgrade] C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA PERSONAL FIREWALL\CAPFUPGRADE.EXE
C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA PERSONAL FIREWALL\CAPFUPGRADE.EXE
[QOELOADER] C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA ANTI-SPAM\QSP-6.0.1.33\QOELOADER.EXE
C:\PROGRAM FILES\CA\CA INTERNET SECURITY SUITE\CA ANTI-SPAM\QSP-6.0.1.33\QOELOADER.EXE
[iTunesHelper] C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
[swg] C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\GOOGLETOOLBARNOTIFIER.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\LManager.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\LManager.EXE#Path
C:\PROGRAM FILES\LAUNCH MANAGER\QTZGACER.EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
C:\WINDOWS\FONTS\7PHXWQW2.COM
C:\WINDOWS\TEMP\UGBA\SETUP.EXE
C:\WINDOWS\Prefetch\7PHXWQW2.COM-14C6C4CE.pf
C:\WINDOWS\Prefetch\AZMIXERSEL.EXE-00A97C62.pf
C:\WINDOWS\Prefetch\CAPFASEM.EXE-0D6535ED.pf
C:\WINDOWS\Prefetch\CAPFUPGRADE.EXE-350B5C6F.pf
C:\WINDOWS\Prefetch\CAVRID.EXE-3844A8DC.pf
C:\WINDOWS\Prefetch\CCTRAY.EXE-05A38028.pf
C:\WINDOWS\Prefetch\ERAGENT.EXE-0C495853.pf
C:\WINDOWS\Prefetch\EREG.EXE-379A868B.pf
C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf
C:\WINDOWS\Prefetch\ISSCH.EXE-3AC1D446.pf
C:\WINDOWS\Prefetch\ITUNESHELPER.EXE-0A1B0F2C.pf
C:\WINDOWS\Prefetch\QOELOADER.EXE-334E5C35.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-0813B5E0.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-1CA4659F.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-1F17A010.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-2AEB2148.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-213A88B9.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-01444BFF.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-2A835E82.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-32F537AF.pf
C:\WINDOWS\Prefetch\QTTASK .EXE-0A89F0A0.pf
C:\WINDOWS\Prefetch\QTTASK.EXE-1876A1A1.pf
C:\WINDOWS\Prefetch\QTZGACER.EXE-36077454.pf
C:\WINDOWS\Prefetch\SETUP.EXE-09CB7E1C.pf
C:\WINDOWS\Prefetch\SSBKGDUPDATE.EXE-3153B5F9.pf
C:\WINDOWS\Prefetch\SYNTPENH.EXE-2B70B91C.pf
Adware.Gamevance
HKU\S-1-5-21-2343346937-3917718565-1111921911-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}
HKCR\CLSID\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}
HKU\S-1-5-21-2343346937-3917718565-1111921911-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}
HKCR\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}
Adware.Tracking Cookie
C:\Documents and Settings\M1\Cookies\m1@questionmarket[2].txt
media.mtvnservices.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\DHL5U2L5 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\DHL5U2L5 ]
cdn.eyewonder.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
cdn4.specificclick.net [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
core.insightexpressai.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
crackle.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
media.mtvnservices.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
media.scanscout.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
media1.break.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
secure-us.imrworldwide.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
www.naiadsystems.com [ C:\Documents and Settings\M1\Application Data\Macromedia\Flash Player\#SharedObjects\QXC94KBF ]
C:\Documents and Settings\M1\Cookies\m1@petsex[1].txt
C:\Documents and Settings\M1\Cookies\m1@pornhub[1].txt
C:\Documents and Settings\M1\Cookies\[email protected][2].txt
C:\Documents and Settings\M1\Cookies\[email protected][1].txt
cdn.eyewonder.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
media.heavy.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
media.mtvnservices.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
media.scanscout.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
media1.break.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
objects.tremormedia.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
s0.2mdn.net [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZC5Z6ZS6 ]
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@liveperson[1].txt
Malware.Trace
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER#NOFOLDEROPTIONS
HKU\S-1-5-21-2343346937-3917718565-1111921911-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER#NOFOLDEROPTIONS
HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER#NOFOLDEROPTIONS
MalwareBytes log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4650
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/19/2010 8:06:08 PM
mbam-log-2010-09-19 (20-06-08).txt
Scan type: Full scan (C:\|)
Objects scanned: 182304
Time elapsed: 1 hour(s), 10 minute(s), 1 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 30
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Hijack log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:26:47 PM, on 9/19/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Light\CAGlobalLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0309&m=aoa150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (filesize 75128 bytes, MD5 5CF6190CD875DA6B35256FEE573E7908)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (filesize 403840 bytes, MD5 D46ED7D33E847CD9E78E9F02910536B5)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (filesize 259696 bytes, MD5 B2A3EE0D6570BAE9BD90892E0009A6AB)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (filesize 842296 bytes, MD5 085940DBB5DB03B0C60774D193A3B48D)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (filesize 470512 bytes, MD5 E35BCCB1D1D96F8E5B09C72AF70EC3F6)
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (filesize 275896 bytes, MD5 32E35BCC54F54D5E94078F87F4F582CE)
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (filesize 275896 bytes, MD5 32E35BCC54F54D5E94078F87F4F582CE)
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll (filesize 658432 bytes, MD5 1BFA26409E68EDEC9E84147D9315513C)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (filesize 259696 bytes, MD5 B2A3EE0D6570BAE9BD90892E0009A6AB)
O4 - HKLM\..\Run: [LaunchApp] Alaunch (filesize 524288 bytes, MD5 90697BE8C7B127DD4AE9E01BC3FF1D44)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (filesize 208952 bytes, MD5 7BBE4CF421AECC7F0226EDD75F12079F)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (filesize 455168 bytes, MD5 024DC0F68DF5FD6AE9DD82DFBAF479D6)
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (filesize 455168 bytes, MD5 024DC0F68DF5FD6AE9DD82DFBAF479D6)
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl (filesize 771312 bytes, MD5 ADEADCD30EF7B161F42E68B5BD648459)
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime (filesize 421888 bytes, MD5 CC065D46387E4A7E6FF99D7BB5C1769D)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW (filesize 1164584 bytes, MD5 8BF167D30A11F4F06FB14BC6874192B2)
O4 - HKLM\..\RunOnce: [MyWebSearch bar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MKWPtRc] C:\WINDOWS\TEMP\skauk24u.exe
O4 - HKCU\..\Run: [MKWPtpf] C:\WINDOWS\TEMP\iexplarer.exe
O4 - HKCU\..\Run: [MKWPiih] C:\WINDOWS\TEMP\yn2qnxt1y.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (filesize 123904 bytes, MD5 B5C9F63C01FCFEC3F64EC6A0940A1825)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Web Page to askSam 7... - C:\Program Files\askSam\asksam7\ASAdd.htm (filesize 1334 bytes, MD5 BA3D0F7E5493C2E0050595A3DD83EB88)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm (filesize 2773 bytes, MD5 4C0E542CD640E957D91B32FFEA28BE12)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (filesize 187224 bytes, MD5 19737BD6606A96AB311BBC87659626AC)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (filesize 39464 bytes, MD5 AEF204E782BFA2C8448CB43A58960744)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/SmileyCentralInitialSetup1.0.1.1.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://connect.yumaregional.org/CitrixSessionInit/ICAWEB/icaweb.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O18 - Protocol: asksam7 - {7176DE82-982D-4F2B-A562-9D0BBE96DEBC} - C:\Program Files\askSam\asksam7\AS7_AIPP.dll (filesize 307400 bytes, MD5 11CB67EBDFFEE475857F6D5853127A1F)
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (filesize 470512 bytes, MD5 E35BCCB1D1D96F8E5B09C72AF70EC3F6)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
--
End of file - 12508 bytes