SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/11/2012 at 09:40 PM
Application Version : 5.0.1146
Core Rules Database Version : 8445
Trace Rules Database Version: 6257
Scan type : Complete Scan
Total Scan Time : 00:36:47
Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User
Memory items scanned : 548
Memory threats detected : 0
Registry items scanned : 34404
Registry threats detected : 0
File items scanned : 110403
File threats detected : 132
Adware.Tracking Cookie
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\2MAZM7JS.txt [ /imrworldwide.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\T89D52DT.txt [ /ru4.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\QT4C81IJ.txt [ /fastclick.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\SN9L0RR1.txt [ /stats.townnews.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\4PC5CUU7.txt [ /zedo.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\H6FBSSCB.txt [ /nakedsecurity.sophos.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\9UXPYEB3.txt [ /dmtracker.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\WDWZNQKB.txt [ /mediaplex.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\TDVAXJN7.txt [ /tacoda.at.atwola.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\G74YB4DG.txt [ /pointroll.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\I08F58IA.txt [ /media6degrees.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\ZDALF2ZO.txt [ /ar.atwola.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\XM4QC0XF.txt [ /adserver.zonemedia.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\SBQV623J.txt [ /ad.yieldmanager.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\2KVFEYJD.txt [ /revsci.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\CADBJ1E9.txt [ /atwola.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\C82X5QA4.txt [ /a1.interclick.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\M1OKWWZM.txt [ /invitemedia.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\GHA4CR89.txt [ /atdmt.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\YBJ0U8JQ.txt [ /serving-sys.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\0QDM4BB2.txt [ /doubleclick.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\2JRXP33I.txt [ /interclick.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\8Q5HSULM.txt [ /newsday.122.2o7.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\MW7SJ0HA.txt [ /lucidmedia.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\7DX58I2E.txt [ /adinterax.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\MP8EH22L.txt [ /collective-media.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\4RWUJZYK.txt [ /accounts.google.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\I2COENIA.txt [ /ads.pointroll.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\VM4K3QWO.txt [ /kanoodle.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\5PUZWJPV.txt [ /amazon-adsystem.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\QJQSZ5WC.txt [ /at.atwola.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\9Z82S17M.txt [ /insightexpressai.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\QMJY3756.txt [ /adbrite.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\S8TTJTTF.txt [ /yieldmanager.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\4UOMO1YQ.txt [ /apmebf.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\R5SEG09N.txt [ /adxpose.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\HDW1PYIC.txt [ /legolas-media.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\ZSH8I88R.txt [ /bs.serving-sys.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\78K6I2EB.txt [ /pro-market.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\352VNXX5.txt [ /statse.webtrendslive.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\HGIXVXNG.txt [ /kontera.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\VE9UFXAX.txt [ /questionmarket.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\Q0XTVIUY.txt [ /adserver.adtechus.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\YVQL8L2D.txt [ /tribalfusion.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\NU0QFF4H.txt [ /statcounter.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\6M9QXOXZ.txt [ /usnews.122.2o7.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\PUG75BBI.txt [ /adtech.de ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\FNO286LW.txt [ /walmartstores.112.2o7.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\K23VD2LN.txt [ /ads.nba.com ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\X3FSS2TF.txt [ /2o7.net ]
C:\Users\Bijeaux Family\AppData\Roaming\Microsoft\Windows\Cookies\9O9FMYR2.txt [ /advertising.com ]
core.insightexpressai.com [ C:\USERS\BIJEAUX FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9LUUG7MW ]
picayune.uclick.com [ C:\USERS\BIJEAUX FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9LUUG7MW ]
s0.2mdn.net [ C:\USERS\BIJEAUX FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9LUUG7MW ]
secure-us.imrworldwide.com [ C:\USERS\BIJEAUX FAMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9LUUG7MW ]
PUP.CNETInstaller
C:\USERS\BIJEAUX FAMILY\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\A2A77H75\CNET2_SPYWARETERMINATORSETUP_EXE.EXE
C:\USERS\BIJEAUX FAMILY\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\XNLZTRS4\CNET2_SOPHOS CONFICKER CLEANUP TOOL_MSI.EXE
C:\USERS\BIJEAUX FAMILY\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_SOPHOS CONFICKER CLEANUP TOOL_MSI.EXE
C:\USERS\BIJEAUX FAMILY\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_SPYWARETERMINATORSETUP_EXE.EXE
Rogue.Agent/Gen-Nullo[BIN]
C:\WINDOWS\SYSTEM32\REGHIVEDATA.BIN
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.12.01
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Bijeaux Family :: BIJEAUXFAMIL-PC [administrator]
Protection: Disabled
4/11/2012 10:41:06 PM
mbam-log-2012-04-11 (22-41-06).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 301492
Time elapsed: 24 minute(s), 46 second(s)
Memory Processes Detected: 1
C:\Windows\Temp\6f9ffa35191f0666 (Rootkit.TDSS) -> 2992 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 9
C:\Windows\Temp\6f9ffa35191f0666 (Rootkit.TDSS) -> Delete on reboot.
C:\Users\Bijeaux Family\AppData\LocalLow\DotSpot_2kEI\Installr\Cache\01C4ECD7.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Bijeaux Family\AppData\LocalLow\GamingWonderlandEI\Installr\Cache\00BD85A6.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
c:\windows\syshost.exe (Trojan.Downloader) -> Delete on reboot.
c:\users\administrator\appdata\local\temp\syshost.exe (Spyware.Agent) -> Delete on reboot.
c:\users\bijeaux family\appdata\local\temp\syshost.exe (Spyware.Agent) -> Delete on reboot.
c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Delete on reboot.
c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Delete on reboot.
c:\windows\temp\syshost.exe (Spyware.Agent) -> Delete on reboot.
(end)
ComboFix 12-04-11.03 - Bijeaux Family 04/11/2012 23:23:08.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.2159 [GMT -5:00]
Running from: c:\users\Bijeaux Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GNXLD7QY\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bijeaux Family\AppData\Roaming\log.txt
c:\users\Bijeaux Family\Documents\ShopToWin
c:\windows\system32\drivers\a635242095ee24.sys . . . . Failed to delete
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_syshost32
-------\Legacy_a635242095ee24
-------\Service_a635242095ee24
.
.
((((((((((((((((((((((((( Files Created from 2012-03-12 to 2012-04-12 )))))))))))))))))))))))))))))))
.
.
2012-04-12 02:46 . 2012-04-12 02:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-12 02:46 . 2012-04-04 20:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-12 01:53 . 2012-04-12 01:53 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\SUPERAntiSpyware.com
2012-04-12 01:53 . 2012-04-12 01:53 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-12 01:53 . 2012-04-12 01:53 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-04-12 01:37 . 2012-04-12 01:37 -------- d-----w- c:\program files\Java
2012-04-11 23:56 . 2012-04-11 23:56 101391 ----a-w- c:\programdata\1334188428.bdinstall.bin
2012-04-11 23:56 . 2012-04-11 23:56 -------- d-----w- c:\program files\Bitdefender
2012-04-11 23:45 . 2012-04-11 23:45 -------- d-----w- c:\program files\Google
2012-04-11 23:45 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-04-11 23:45 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-04-11 23:45 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-04-11 23:45 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-04-11 23:45 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-04-11 23:45 . 2012-03-06 23:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-04-11 23:44 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-11 23:44 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-11 23:44 . 2012-04-11 23:44 -------- d-----w- c:\programdata\AVAST Software
2012-04-11 23:44 . 2012-04-11 23:44 -------- d-----w- c:\program files\AVAST Software
2012-04-11 21:25 . 2012-04-11 21:25 -------- d-----w- c:\windows\Sun
2012-04-11 21:14 . 2012-04-11 21:15 213210 ----a-w- c:\programdata\1334171976.bdinstall.bin
2012-04-11 20:21 . 2012-04-11 20:21 -------- d-----w- c:\programdata\BDLogging
2012-04-11 19:32 . 2012-04-11 19:32 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\QuickScan
2012-04-11 19:09 . 2012-04-11 23:56 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-04-11 17:07 . 2012-04-11 17:07 65536 ----a-r- c:\users\Bijeaux Family\AppData\Roaming\Microsoft\Installer\{2c557f98-ef74-4a1e-a856-9df2f633b41f}\gui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-11 17:07 . 2012-04-11 17:07 65536 ----a-r- c:\users\Bijeaux Family\AppData\Roaming\Microsoft\Installer\{2c557f98-ef74-4a1e-a856-9df2f633b41f}\gui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-11 17:07 . 2012-04-11 17:07 65536 ----a-r- c:\users\Bijeaux Family\AppData\Roaming\Microsoft\Installer\{2c557f98-ef74-4a1e-a856-9df2f633b41f}\ARPPRODUCTICON.exe
2012-04-11 17:07 . 2012-04-11 17:07 -------- d-----w- c:\program files\Sophos
2012-04-11 15:30 . 2012-04-11 15:30 -------- d-----w- c:\windows\system32\MpEngineStore
2012-04-11 06:44 . 2012-04-11 06:44 -------- d-----w- c:\program files\COMODO
2012-04-11 05:27 . 2012-04-11 05:27 -------- d-----w- c:\programdata\RegSERVO
2012-04-11 05:26 . 2012-04-11 05:26 -------- d-----w- c:\program files\REGSERVO
2012-04-11 04:59 . 2012-04-11 06:04 -------- d-----w- c:\programdata\SecTaskMan
2012-04-11 04:59 . 2012-04-11 04:59 -------- d-----w- c:\program files\Security Task Manager
2012-04-11 03:26 . 2012-04-11 03:24 1081112 ----a-w- c:\windows\system32\wuaueng (1).dll
2012-04-11 03:14 . 2012-04-11 03:14 0 ----a-w- c:\windows\system32\reset.cmd
2012-04-11 02:03 . 2011-06-21 16:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-04-11 02:02 . 2012-04-11 19:52 -------- d-----w- c:\program files\Spyware Terminator
2012-04-11 00:47 . 2012-04-11 00:49 -------- d-----w- C:\6222442e9022c34053a88e
2012-04-11 00:33 . 2012-04-11 19:52 -------- d-----w- c:\windows\MATS
2012-04-11 00:33 . 2012-04-11 19:52 -------- d-----w- c:\program files\Microsoft Fix it Center
2012-03-30 01:38 . 2012-03-30 01:38 18944 ----a-r- c:\users\Bijeaux Family\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A16301.exe
2012-03-30 01:38 . 2012-03-30 01:38 -------- d-----w- c:\users\Bijeaux Family\AppData\Local\I Want This
2012-03-27 20:22 . 2012-04-11 01:59 -------- d-----w- C:\temp
2012-03-27 20:22 . 2012-03-27 20:27 -------- d-----w- c:\windows\SystemRepair
2012-03-27 20:22 . 2012-03-27 20:22 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\AOL
2012-03-27 20:21 . 2012-04-11 00:05 -------- d-----w- c:\program files\AOL Computer Checkup
2012-03-27 00:00 . 2012-03-27 00:00 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\Floodlight Games
2012-03-27 00:00 . 2012-03-27 00:00 -------- d-----w- c:\programdata\Floodlight Games
2012-03-22 20:50 . 2012-04-09 05:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-03-22 20:50 . 2012-03-22 20:52 -------- d-----w- c:\program files\GMATPrep
2012-03-21 22:24 . 2012-03-21 22:24 -------- d-----w- c:\programdata\GameTap Web Player
2012-03-21 02:03 . 2012-03-21 02:03 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\FamilyVacationCalifornia
2012-03-19 18:56 . 2012-03-19 18:56 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\PlayFirst
2012-03-19 18:56 . 2012-03-19 18:56 -------- d-----w- c:\programdata\PlayFirst
2012-03-19 04:52 . 2012-03-19 04:52 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\PeerNetworking
2012-03-18 20:00 . 2012-03-18 20:00 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\Virtual Prophecy
2012-03-14 23:13 . 2012-03-14 23:13 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\HitPoint Studios
2012-03-14 23:13 . 2012-03-14 23:13 -------- d-----w- c:\programdata\HitPoint Studios
2012-03-14 22:55 . 2012-03-15 00:19 -------- d-----w- c:\users\Bijeaux Family\AppData\Roaming\Freshy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-12 01:37 . 2012-02-14 04:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-05 22:30 . 2012-01-21 19:02 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-19 19:08 . 2012-02-19 19:07 300187612 ----a-w- c:\program files\reg.reg
2012-02-19 18:54 . 2012-02-19 18:54 1329 ----a-w- c:\program files\reset.cmd
2012-02-19 18:54 . 2012-02-19 18:54 379392 ----a-w- c:\program files\subinacl.msi
2012-02-19 16:06 . 2012-02-19 16:06 512992 ----a-w- c:\program files\sdsetup_revwire207.exe
2012-02-17 21:45 . 2012-02-17 21:45 447208 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-02-15 17:08 . 2012-02-15 17:08 348256 ----a-w- c:\programdata\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\1033\ResourceCache.dll
2012-02-15 17:07 . 2012-02-15 17:07 348256 ----a-w- c:\programdata\Microsoft\VSTAHost\CorelDRAW\9.0\1033\ResourceCache.dll
2012-02-15 17:06 . 2012-02-15 17:06 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2012-02-01 02:26 . 2012-02-01 04:18 131194 ----a-w- C:\steambackup.exe
2012-01-28 15:07 . 2012-01-28 15:07 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-01-28 15:07 . 2012-01-28 15:07 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-01-28 15:07 . 2012-01-28 15:07 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-01-28 15:07 . 2012-01-28 15:07 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-01-28 15:07 . 2012-01-28 15:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-01-28 15:07 . 2012-01-28 15:07 161792 ----a-w- c:\windows\system32\msls31.dll
2012-01-28 15:07 . 2012-01-28 15:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-01-28 15:07 . 2012-01-28 15:07 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-01-28 15:07 . 2012-01-28 15:07 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-01-28 15:07 . 2012-01-28 15:07 367104 ----a-w- c:\windows\system32\html.iec
2012-01-28 15:07 . 2012-01-28 15:07 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-01-28 15:07 . 2012-01-28 15:07 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-01-28 15:07 . 2012-01-28 15:07 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-01-28 15:07 . 2012-01-28 15:07 1798144 ----a-w- c:\windows\system32\jscript9.dll
2012-01-28 15:07 . 2012-01-28 15:07 152064 ----a-w- c:\windows\system32\wextract.exe
2012-01-28 15:07 . 2012-01-28 15:07 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-01-28 15:07 . 2012-01-28 15:07 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-01-28 15:07 . 2012-01-28 15:07 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-01-28 15:07 . 2012-01-28 15:07 11776 ----a-w- c:\windows\system32\mshta.exe
2012-01-28 15:07 . 2012-01-28 15:07 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-01-28 15:07 . 2012-01-28 15:07 101888 ----a-w- c:\windows\system32\admparse.dll
2012-01-28 15:05 . 2012-01-28 15:05 98816 ----a-w- c:\windows\system32\mfps.dll
2012-01-28 15:05 . 2012-01-28 15:05 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-01-28 15:05 . 2012-01-28 15:05 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-01-28 15:05 . 2012-01-28 15:05 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2012-01-28 15:05 . 2012-01-28 15:05 2873344 ----a-w- c:\windows\system32\mf.dll
2012-01-28 15:05 . 2012-01-28 15:05 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-01-28 15:05 . 2012-01-28 15:05 586240 ----a-w- c:\windows\system32\stobject.dll
2012-01-28 15:05 . 2012-01-28 15:05 209920 ----a-w- c:\windows\system32\mfplat.dll
2012-01-28 15:05 . 2012-01-28 15:05 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-01-28 15:05 . 2012-01-28 15:05 847360 ----a-w- c:\windows\system32\OpcServices.dll
2012-01-28 15:05 . 2012-01-28 15:05 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-01-28 15:05 . 2012-01-28 15:05 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-01-28 15:05 . 2012-01-28 15:05 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-01-28 15:05 . 2012-01-28 15:05 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2012-01-28 15:05 . 2012-01-28 15:05 478720 ----a-w- c:\windows\system32\dxgi.dll
2012-01-28 15:05 . 2012-01-28 15:05 37376 ----a-w- c:\windows\system32\cdd.dll
2012-01-28 15:05 . 2012-01-28 15:05 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-01-28 15:05 . 2012-01-28 15:05 258048 ----a-w- c:\windows\system32\winspool.drv
2012-01-28 15:05 . 2012-01-28 15:05 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-01-28 15:05 . 2012-01-28 15:05 189952 ----a-w- c:\windows\system32\d3d10core.dll
2012-01-28 15:05 . 2012-01-28 15:05 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-01-28 15:05 . 2012-01-28 15:05 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-01-28 15:05 . 2012-01-28 15:05 1029120 ----a-w- c:\windows\system32\d3d10.dll
2012-01-28 15:05 . 2012-01-28 15:05 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2012-01-28 15:05 . 2012-01-28 15:05 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
2012-01-28 15:05 . 2012-01-28 15:05 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-01-28 15:05 . 2012-01-28 15:05 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-01-28 15:05 . 2012-01-28 15:05 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-01-28 15:05 . 2012-01-28 15:05 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-01-28 15:05 . 2012-01-28 15:05 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-01-28 15:05 . 2012-01-28 15:05 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-01-28 15:05 . 2012-01-28 15:05 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-01-27 06:21 . 2012-01-22 15:13 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-24 14:28 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2012-01-24 14:28 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2012-01-23 14:58 . 2012-01-23 14:58 411648 ----a-w- c:\windows\system32\drivers\http.sys
2012-01-23 14:58 . 2012-01-23 14:58 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2012-01-23 14:58 . 2012-01-23 14:58 30720 ----a-w- c:\windows\system32\httpapi.dll
2012-01-23 14:58 . 2012-01-23 14:58 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-01-22 18:12 . 2012-01-22 18:12 23552 ----a-w- c:\windows\system32\lpk.dll
2012-01-22 18:12 . 2012-01-22 18:12 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-01-22 18:09 . 2012-01-22 18:09 61440 ----a-w- c:\windows\system32\winipsec.dll
2012-01-22 18:09 . 2012-01-22 18:09 272896 ----a-w- c:\windows\system32\polstore.dll
2012-01-22 18:03 . 2012-01-22 18:03 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-01-22 18:03 . 2012-01-22 18:03 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-01-22 18:03 . 2012-01-22 18:03 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-01-22 18:03 . 2012-01-22 18:03 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-01-22 18:03 . 2012-01-22 18:03 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-01-22 18:03 . 2012-01-22 18:03 105984 ----a-w- c:\windows\system32\netiohlp.dll
2012-01-22 18:03 . 2012-01-22 18:03 10240 ----a-w- c:\windows\system32\finger.exe
2012-01-22 18:03 . 2012-01-22 18:03 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-01-22 18:00 . 2012-01-22 18:00 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-01-22 18:00 . 2012-01-22 18:00 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2012-01-22 18:00 . 2012-01-22 18:00 65024 ----a-w- c:\windows\system32\wlanapi.dll
2012-01-22 18:00 . 2012-01-22 18:00 513536 ----a-w- c:\windows\system32\wlansvc.dll
2012-01-22 18:00 . 2012-01-22 18:00 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-01-22 18:00 . 2012-01-22 18:00 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-01-22 18:00 . 2012-01-22 18:00 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2012-01-22 17:59 . 2012-01-22 17:59 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-01-22 17:59 . 2012-01-22 17:59 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-01-22 17:59 . 2012-01-22 17:59 2048 ----a-w- c:\windows\system32\msxml6r.dll
2012-01-22 17:57 . 2012-01-22 17:57 218624 ----a-w- c:\windows\system32\msv1_0.dll
2012-01-22 17:54 . 2012-01-22 17:54 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2012-01-22 17:54 . 2012-01-22 17:54 24576 ----a-w- c:\windows\system32\mfpmp.exe
2012-01-22 17:54 . 2012-01-22 17:54 2048 ----a-w- c:\windows\system32\mferror.dll
2012-01-22 17:49 . 2012-01-22 17:49 71680 ----a-w- c:\windows\system32\atl.dll
2012-01-22 17:41 . 2012-01-22 17:41 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-01-22 17:40 . 2012-01-22 17:40 53248 ----a-w- c:\windows\system32\tsgqec.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2010-02-04 660136]
"EzPrint"="c:\program files\Lexmark 2600 Series\ezprint.exe" [2010-02-04 107176]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-01-29 421888]
"MakiwaraNotify"="c:\program files\AOL Computer Checkup\sdccont.exe" [2012-01-20 816536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_SZ
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 253600]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - A635242095EE24
*NewlyCreated* - WS2IFSL
*Deregistered* - a635242095ee24
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 22:30]
.
2012-03-28 c:\windows\Tasks\MainUIModule_AOL_Computer Checkup_{BDA49F87-1626-484F-AB5B-41EA29B28AD7}.job
- c:\program files\AOL Computer Checkup\sdccont.exe [2012-01-20 10:54]
.
2012-04-11 c:\windows\Tasks\RegSERVO.job
- c:\program files\REGSERVO\RegSERVO.exe [2010-08-19 16:45]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Lookup on Merriam Webster
IE: Lookup on Wikipedia
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file)
URLSearchHooks-{e4878b45-e2c0-4307-b6e8-734922f92f5b} - (no file)
Toolbar-10 - (no file)
WebBrowser-{F92A9FE4-2850-4198-B9D5-279880E49B16} - (no file)
WebBrowser-{D1C40BDF-7D78-4F25-8751-E772413A6CF0} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E4878B45-E2C0-4307-B6E8-734922F92F5B} - (no file)
WebBrowser-{CD3FEA81-A221-4E47-983E-F7DA6E62B59D} - (no file)
HKCU-Run-Comp_isv - c:\programdata\comprver.dll
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\a635242095ee24]
"ImagePath"="\SystemRoot\System32\Drivers\a635242095ee24.sys"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\syshost32]
"ImagePath"="\"c:\windows\Installer\{B06C668B-58C3-BE66-7ED1-74E15E7E28A3}\syshost.exe\" /service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,07,ba,d6,2e,49,22,65,48,86,75,6e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,07,ba,d6,2e,49,22,65,48,86,75,6e,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\program files\AOL Computer Checkup\SDCService.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\lxdncoms.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\locator.exe
c:\windows\RtHDVCpl.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\TEMP\6f9ffa35191f0666
.
**************************************************************************
.
Completion time: 2012-04-11 23:34:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-12 04:34
.
Pre-Run: 736,278,319,104 bytes free
Post-Run: 736,419,139,584 bytes free
.
- - End Of File - - E5882730A36942FA1A1174ACA06F3AAE