
Author Topic: Malware Removal help  (Read 17157 times)


evilstar

    Topic Starter


    Newbie

    Malware Removal help
    « on: July 16, 2010, 06:11:34 AM »
    Hello, this is evilstar... I need help removing spyware... my ISP keeps blocking my laptop from accessing the internet sometimes, sending me a message saying that my laptop is spamming... for some reason my laptop has no viruses but is full of spyware... can someone help me remove this spyware and solve my misery... thanks in advance


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/16/2010 at 00:55 AM

    Application Version : 4.40.1002

    Core Rules Database Version : 5206
    Trace Rules Database Version: 3018

    Scan type       : Complete Scan
    Total Scan Time : 02:49:50

    Memory items scanned      : 607
    Memory threats detected   : 0
    Registry items scanned    : 7832
    Registry threats detected : 0
    File items scanned        : 57578
    File threats detected     : 255

    Adware.Flash Tracking Cookie

    Adware.Tracking Cookie
       .overture.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       .overture.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       .viacom.adbureau.net [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       .viacom.adbureau.net [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       ad.yieldmanager.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       ad.yieldmanager.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       ad.yieldmanager.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
       ad.yieldmanager.com [ C:\Documents and Settings\LENOVO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]


    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4316

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    16/07/2010 01:20:51 ?
    mbam-log-2010-07-16 (13-20-51).txt

    Scan type: Quick scan
    Objects scanned: 133313
    Time elapsed: 11 minute(s), 58 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 01:20:09 ?, on 16/07/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Emsisoft\Online Armor\OAcat.exe
    C:\Program Files\Emsisoft\Online Armor\oasrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\QSTART.SYS\config\DVMExportService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Lenovo\Energy Management\utility.exe
    C:\Program Files\Lenovo\Energy Management\Energy Management.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Emsisoft\Online Armor\oaui.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Emsisoft\Online Armor\OAhlp.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Philips\VOIP321\VOIP321.exe
    C:\PROGRA~1\Lenovo\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = barQ
    R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
    O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Emsisoft\Online Armor\oaui.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: VOIP321.lnk = C:\Program Files\Philips\VOIP321\VOIP321.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C9C6FCC8-28FF-4A41-9A61-F32750696601}: NameServer = 198.192.1.59,198.192.1.60
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
    O20 - AppInit_DLLs: 
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: PicNotify - PicNotify.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\QSTART.SYS\config\DVMExportService.exe
    O23 - Service: Google Update Service (gupdate1ca069ef740d86) (gupdate1ca069ef740d86) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\OAcat.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\oasrv.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

    --
    End of file - 12013 bytes



    Sneakyone

    • Malware Removal Specialist


    • Beginner

      Thanked: 5
      Re: Malware Removal help
      « Reply #1 on: July 17, 2010, 10:40:54 PM »
      Hi, Welcome to Computerhope! :)

      Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below.)
      • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
      • Under the Custom Scan box, paste this in:
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\system32\*.exe /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      %systemroot%\system32\*.sys
      %systemroot%\system32\drivers\*.dll
      %systemroot%\system32\drivers\*.ini
      %systemroot%\system32\drivers\*.exe
      %SYSTEMDRIVE%\*.*
      %PROGRAMFILES%\*.
      %appdata%\*.*
      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      disk.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      mv61xx.sys
      usbstor.sys
      /md5stop
      CREATERESTOREPOINT
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


      • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
        • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
        • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time.
      Note: In the event that OTL fails to run, please use the alternate download links to try again:

      http://oldtimer.geekstogo.com/OTL.com
      http://oldtimer.geekstogo.com/OTL.scr

      evilstar

        Topic Starter


        Newbie

        Re: Malware Removal help
        « Reply #2 on: July 19, 2010, 04:11:34 AM »

        Extras.Txt

        OTL Extras logfile created on: 19/07/2010 12:45:21 ã - Run 1
        OTL by OldTimer - Version 3.2.9.1     Folder = C:\Documents and Settings\LENOVO\My Documents\Downloads
        Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
        Internet Explorer (Version = 8.0.6001.18702)
        Locale: 00004001 | Country: Qatar | Language: ARQ | Date Format: dd/MM/yyyy
         
        1,014.00 Mb Total Physical Memory | 343.00 Mb Available Physical Memory | 34.00% Memory free
        2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
        Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
         
        %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
        Drive C: | 146.63 Gb Total Space | 116.72 Gb Free Space | 79.60% Space Free | Partition Type: NTFS
        D: Drive not present or media not loaded
        E: Drive not present or media not loaded
        F: Drive not present or media not loaded
        G: Drive not present or media not loaded
        H: Drive not present or media not loaded
        I: Drive not present or media not loaded
         
        Computer Name: LENOVO-D4F96F23
        Current User Name: LENOVO
        Logged in as Administrator.
         
        Current Boot Mode: Normal
        Scan Mode: Current user
        Company Name Whitelist: Off
        Skip Microsoft Files: Off
        File Age = 30 Days
        Output = Standard
         
        ========== Extra Registry (SafeList) ==========
         
         
        ========== File Associations ==========
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
         
        [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
        .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
         
        ========== Shell Spawning ==========
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
        batfile [open] -- "%1" %*
        cmdfile [open] -- "%1" %*
        comfile [open] -- "%1" %*
        exefile [open] -- "%1" %*
        htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
        htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
        piffile [open] -- "%1" %*
        regfile [merge] -- Reg Error: Key error.
        scrfile [config] -- "%1"
        scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
        scrfile [open] -- "%1" /S
        txtfile [edit] -- Reg Error: Key error.
        Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
        Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
        Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
        Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
        Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
        Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
         
        ========== Security Center Settings ==========
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
        "FirstRunDisabled" = 1
        "AntiVirusDisableNotify" = 0
        "FirewallDisableNotify" = 0
        "UpdatesDisableNotify" = 0
        "AntiVirusOverride" = 0
        "FirewallOverride" = 0
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
         
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
        "EnableFirewall" = 1
         
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
        "EnableFirewall" = 0
        "DoNotAllowExceptions" = 0
        "DisableNotifications" = 0
         
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
        "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
        "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
        "7753:TCP" = 7753:TCP:*:Enabled:BitComet 7753 TCP
        "7753:UDP" = 7753:UDP:*:Enabled:BitComet 7753 UDP
         
        ========== Authorized Applications List ==========
         
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
        "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
         
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
        "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- (Microsoft Corporation)
        "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
        "D:\speedtouch\STHIW\stInstall.exe" = D:\speedtouch\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard -- File not found
        "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
        "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
        "C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
        "C:\Documents and Settings\LENOVO\My Documents\My Data Sources\utorrent.exe" = C:\Documents and Settings\LENOVO\My Documents\My Data Sources\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
        "C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- File not found
        "C:\Documents and Settings\LENOVO\Desktop\ica32pkg.msi" = C:\Documents and Settings\LENOVO\Desktop\ica32pkg.msi:*:Enabled:ica32pkg -- File not found
        "C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- File not found
        "C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe" = C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player -- File not found
         
         
        ========== HKEY_LOCAL_MACHINE Uninstall List ==========
         
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
        "{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix online plug-in (Web)
        "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
        "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
        "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
        "{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
        "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
        "{3C0C88F5-72EE-464C-AC78-A118367FB322}" = VOIP321
        "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
        "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
        "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
        "{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
        "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
        "{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
        "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
        "{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix online plug-in (USB)
        "{808E299D-B223-4B06-ACB7-68F3705D9EC6}" = Lenovo Quick Start
        "{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix online plug-in (DV)
        "{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
        "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
        "{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom WLAN
        "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
        "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
        "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
        "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
        "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
        "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
        "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
        "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
        "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
        "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
        "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
        "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
        "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
        "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
        "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
        "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
        "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
        "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
        "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
        "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
        "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
        "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
        "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
        "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
        "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
        "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
        "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
        "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
        "{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
        "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
        "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
        "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
        "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
        "{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
        "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
        "{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
        "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
        "{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
        "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
        "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
        "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
        "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
        "{D10CB652-9332-4242-B7A9-2D61570144F7}" = Realtek Card Reader
        "{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
        "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
        "{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix online plug-in (HDX)
        "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
        "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
        "{F1362843-0E0E-4F74-8662-724CF101ADCE}" = Skype web features
        "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
        "{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
        "{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom Gigabit Integrated Controller
        "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
        "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
        "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
        "avast5" = avast! Free Antivirus
        "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
        "CCleaner" = CCleaner
        "CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
        "ENTERPRISE" = Microsoft Office Enterprise 2007
        "Etisalat 3.5G USB Modem" = Etisalat 3.5G USB Modem
        "Google Chrome" = Google Chrome
        "HDMI" = Intel(R) Graphics Media Accelerator Driver
        "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
        "ie7" = Windows Internet Explorer 7
        "ie8" = Windows Internet Explorer 8
        "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
        "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
        "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
        "Microsoft DirectX SDK (February 2010)" = Microsoft DirectX SDK (February 2010)
        "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
        "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
        "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
        "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
        "OnlineArmor_is1" = Online Armor 4.0
        "PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
        "PROHYBRIDR" = 2007 Microsoft Office system
        "RealPlayer 6.0" = RealPlayer
        "Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
        "SynTPDeinstKey" = Synaptics Pointing Device Driver
        "SystemRequirementsLab" = System Requirements Lab
        "VeriFace III" = VeriFace III
        "Windows Live Toolbar" = Windows Live Toolbar
        "Windows Media Format Runtime" = Windows Media Format 11 runtime
        "Windows Media Player" = Windows Media Player 11
        "WMFDist11" = Windows Media Format 11 runtime
        "wmp11" = Windows Media Player 11
        "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
         
        ========== HKEY_CURRENT_USER Uninstall List ==========
         
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
        "Move Media Player" = Move Media Player
         
        ========== Last 10 Event Log Errors ==========
         
        Error: Unable to start EventLog service!
         
        < End of report >

        OTL.Txt

        OTL logfile created on: 19/07/2010 12:45:21 م - Run 1
        OTL by OldTimer - Version 3.2.9.1     Folder = C:\Documents and Settings\LENOVO\My Documents\Downloads
        Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
        Internet Explorer (Version = 8.0.6001.18702)
        Locale: 00004001 | Country: Qatar | Language: ARQ | Date Format: dd/MM/yyyy
         
        1,014.00 Mb Total Physical Memory | 343.00 Mb Available Physical Memory | 34.00% Memory free
        2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
        Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
         
        %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
        Drive C: | 146.63 Gb Total Space | 116.72 Gb Free Space | 79.60% Space Free | Partition Type: NTFS
        D: Drive not present or media not loaded
        E: Drive not present or media not loaded
        F: Drive not present or media not loaded
        G: Drive not present or media not loaded
        H: Drive not present or media not loaded
        I: Drive not present or media not loaded
         
        Computer Name: LENOVO-D4F96F23
        Current User Name: LENOVO
        Logged in as Administrator.
         
        Current Boot Mode: Normal
        Scan Mode: Current user
        Company Name Whitelist: Off
        Skip Microsoft Files: Off
        File Age = 30 Days
        Output = Standard
         
        ========== Processes (SafeList) ==========
         
        PRC - [2010/07/19 12:40:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LENOVO\My Documents\Downloads\OTL.exe
        PRC - [2010/07/07 12:52:58 | 003,065,160 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oahlp.exe
        PRC - [2010/07/07 12:52:54 | 006,854,984 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oaui.exe
        PRC - [2010/06/29 13:33:20 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
        PRC - [2010/06/28 23:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
        PRC - [2010/03/11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
        PRC - [2010/03/11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
        PRC - [2010/03/11 00:10:32 | 001,918,320 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfica32.exe
        PRC - [2009/12/03 20:20:15 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
        PRC - [2009/04/21 05:02:55 | 000,323,584 | ---- | M] () -- C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
        PRC - [2009/01/17 03:56:42 | 001,456,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
        PRC - [2009/01/17 03:56:42 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
        PRC - [2008/08/29 01:10:18 | 001,283,984 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
        PRC - [2008/07/10 02:21:20 | 004,456,448 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
        PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
        PRC - [2008/04/14 15:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
        PRC - [2008/03/04 20:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
        PRC - [2006/07/13 15:28:18 | 000,770,560 | ---- | M] (PHILIPS) -- C:\Program Files\Philips\VOIP321\VOIP321.exe
         
         
        ========== Modules (SafeList) ==========
         
        MOD - [2010/07/19 12:40:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LENOVO\My Documents\Downloads\OTL.exe
        MOD - [2010/07/07 12:52:56 | 000,947,016 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oawatch.dll
        MOD - [2009/01/17 03:55:26 | 000,094,273 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
        MOD - [2009/01/17 03:53:32 | 000,069,697 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll
        MOD - [2008/04/14 15:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
        MOD - [2008/04/14 15:00:00 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
        MOD - [2008/04/14 15:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
        MOD - [2008/04/14 15:00:00 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
        MOD - [2008/04/14 15:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
         
         
        ========== Win32 Services (SafeList) ==========
         
         
        ========== Driver Services (SafeList) ==========
         
         
        ========== Standard Registry (SafeList) ==========
         
         
        ========== Internet Explorer ==========
         
         
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
        IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
        IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
        IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = barQ
         
        ========== FireFox ==========
         
        FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
        FF - prefs.js..extensions.enabledItems: [email protected]:1.0
        FF - prefs.js..extensions.enabledItems: [email protected]:7
        FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
        FF - prefs.js..network.proxy.type: 4
         
        FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 13:33:35 | 000,000,000 | ---D | M]
        FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 13:33:42 | 000,000,000 | ---D | M]
        FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
         
        [2010/04/04 06:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LENOVO\Application Data\Mozilla\Extensions
        [2010/07/18 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LENOVO\Application Data\Mozilla\Firefox\Profiles\dm5ycs8e.default\extensions
        [2010/04/04 06:14:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\LENOVO\Application Data\Mozilla\Firefox\Profiles\dm5ycs8e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
        [2010/07/18 21:18:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
        [2010/07/15 21:18:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
        [2010/03/11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CCMSDK.dll
        [2010/03/11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
        [2010/03/11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
        [2010/03/11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
        [2010/07/15 21:17:32 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
        [2010/03/11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
        [2010/03/11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
        [2010/04/01 19:56:49 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
        [2010/04/01 19:56:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
        [2010/04/01 19:56:50 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
        [2010/04/01 19:56:50 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
         
        O1 HOSTS File: ([2010/06/14 16:34:36 | 000,404,365 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
        O1 - Hosts: 127.0.0.1       localhost
        O1 - Hosts: 13983 more lines...
        O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
        O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
        O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
        O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
        O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
        O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
        O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
        O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
        O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
        O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
        O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
        O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Emsisoft\Online Armor\oaui.exe (Emsi Software GmbH)
        O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
        O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
        O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
        O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
        O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
        O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(Beijing)Limited)
        O4 - HKLM..\Run: [KernelFaultCheck]  File not found
        O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
        O4 - HKLM..\Run: [TVT Scheduler Proxy] c:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
        O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
        O4 - HKCU..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe File not found
        O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
        O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
        O4 - Startup: C:\Documents and Settings\LENOVO\Start Menu\Programs\Startup\VOIP321.lnk = C:\Program Files\Philips\VOIP321\VOIP321.exe (PHILIPS)
        O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
        O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
        O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
        O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
        O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
        O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
        O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
        O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
        O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
        O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
        O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
        O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
        O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
        O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
        O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
        O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class)
        O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
        O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
        O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
        O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
        O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
        O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
        O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
        O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
        O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
        O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
        O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
        O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
        O20 - Winlogon\Notify\PicNotify: DllName - PicNotify.dll - C:\WINDOWS\System32\PicNotify.dll ()
        O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
        O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
        O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Emsisoft\Online Armor\oaevent.dll (Emsi Software GmbH)
        O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
        O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
        O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
        O32 - HKLM CDRom: AutoRun - 1
        O32 - AutoRun File - [2008/07/21 22:16:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
        O33 - MountPoints2\{db0e3952-7c51-11de-9d25-002100e7b10e}\Shell - "" = AutoRun
        O33 - MountPoints2\{db0e3952-7c51-11de-9d25-002100e7b10e}\Shell\AutoRun - "" = Auto&Play
        O33 - MountPoints2\{db0e3952-7c51-11de-9d25-002100e7b10e}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- File not found
        O33 - MountPoints2\{db47555c-7c4c-11de-9d23-002100e7b10e}\Shell - "" = AutoRun
        O33 - MountPoints2\{db47555c-7c4c-11de-9d23-002100e7b10e}\Shell\AutoRun - "" = Auto&Play
        O33 - MountPoints2\{db47555c-7c4c-11de-9d23-002100e7b10e}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- File not found
        O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
        O35 - HKLM\..comfile [open] -- "%1" %*
        O35 - HKLM\..exefile [open] -- "%1" %*
        O37 - HKLM\...com [@ = comfile] -- "%1" %*
        O37 - HKLM\...exe [@ = exefile] -- "%1" %*
         
        ========== Files/Folders - Created Within 30 Days ==========
         
        [2010/07/17 19:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LENOVO\Desktop\Ahmed
        [2010/07/16 13:26:46 | 000,000,000 | -H-D | C] -- C:\dvmexp
        [2010/07/15 21:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LENOVO\Application Data\SUPERAntiSpyware.com
        [2010/07/15 21:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
        [2010/07/15 21:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
        [2010/07/15 21:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
        [2010/07/15 21:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
        [2010/07/15 21:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
        [2010/07/15 21:18:24 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
        [2010/07/15 21:18:22 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
        [2010/07/15 21:18:22 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
        [2010/07/15 21:18:22 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
        [2010/07/15 21:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
        [2010/07/15 21:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\superspyware
        [2010/07/15 21:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\New Folder (5)
        [2010/07/15 21:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\New Folder (4)
        [2010/07/15 21:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\New Folder (3)
        [2010/07/15 21:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\New Folder (2)
        [2010/07/15 21:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\New Folder
        [2010/07/15 21:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LENOVO\Application Data\OnlineArmor
        [2010/07/15 21:01:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
        [2010/07/15 20:59:44 | 000,022,600 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
        [2010/07/15 20:59:43 | 000,028,232 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
        [2010/07/15 20:59:42 | 000,236,104 | ---- | C] (Emsisoft) -- C:\WINDOWS\System32\drivers\OADriver.sys
        [2010/07/15 20:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft
        [2010/07/15 20:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LENOVO\Application Data\Malwarebytes
        [2010/07/15 20:56:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
        [2010/07/15 20:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
        [2010/07/15 20:56:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
        [2010/07/15 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
        [2010/07/15 20:52:07 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
        [2010/07/15 20:52:07 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
        [2010/07/15 20:52:05 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
        [2010/07/15 20:52:03 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
        [2010/07/15 20:51:59 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
        [2010/07/15 20:51:59 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
        [2010/07/15 20:51:57 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
        [2010/07/15 20:51:10 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
        [2010/07/15 20:51:07 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
        [2010/07/15 20:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
        [2010/07/15 20:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
        [2010/07/15 20:45:39 | 000,000,000 | ---D | C] -- C:\swshare
        [2010/07/15 19:51:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
        [2010/07/07 23:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LENOVO\Application Data\StreamTorrent
        [2010/06/22 18:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
        [2010/06/22 17:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
        [2010/06/22 17:56:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
        [2010/06/22 17:55:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
        [2010/06/20 15:25:07 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
        [2010/06/20 14:49:10 | 000,000,000 | ---D | C] -- C:\ATI
        [5 C:\Documents and Settings\LENOVO\Desktop\*.tmp files -> C:\Documents and Settings\LENOVO\Desktop\*.tmp -> ]
        [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
         
        ========== Files - Modified Within 30 Days ==========
         
        [2010/07/19 12:52:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
        [2010/07/19 12:50:56 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5257A20B-12A7-4819-AFB2-043DF76F23B7}.job
        [2010/07/18 22:59:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
        [2010/07/18 22:21:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
        [2010/07/18 21:21:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
        [2010/07/18 21:21:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
        [2010/07/18 21:21:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
        [2010/07/18 21:21:15 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
        [2010/07/18 21:19:57 | 009,699,328 | -H-- | M] () -- C:\Documents and Settings\LENOVO\NTUSER.DAT
        [2010/07/18 21:19:57 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\LENOVO\ntuser.ini
        [2010/07/18 21:19:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
        [2010/07/18 21:19:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
        [2010/07/18 15:03:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
        [2010/07/18 15:03:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
        [2010/07/18 07:13:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
        [2010/07/18 07:13:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
        [2010/07/17 20:54:16 | 000,002,449 | ---- | M] () -- C:\Documents and Settings\LENOVO\Desktop\HiJackThis.lnk
        [2010/07/17 19:45:38 | 000,000,012 | -H-- | M] () -- C:\dvmexp.idx
        [2010/07/17 19:29:33 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\LENOVO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
        [2010/07/17 03:29:51 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
        [2010/07/17 03:29:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
        [2010/07/16 13:24:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
        [2010/07/16 13:24:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
        [2010/07/16 11:30:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
        [2010/07/16 11:30:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
        [2010/07/15 21:57:10 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
        [2010/07/15 21:35:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
        [2010/07/15 21:35:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
        [2010/07/15 21:23:04 | 000,000,689 | ---- | M] () -- C:\Documents and Settings\LENOVO\Desktop\CCleaner.lnk
        [2010/07/15 21:17:21 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
        [2010/07/15 21:17:21 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
        [2010/07/15 21:17:20 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
        [2010/07/15 21:17:20 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
        [2010/07/15 21:17:15 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
        [2010/07/15 21:00:27 | 000,506,250 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
        [2010/07/15 21:00:27 | 000,095,004 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
        [2010/07/15 20:57:00 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
        [2010/07/15 20:52:08 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
        [2010/07/15 20:52:00 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
        [2010/07/15 07:37:30 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
        [2010/07/15 05:37:04 | 001,335,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
        [2010/07/14 22:32:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
        [2010/07/14 22:32:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
        [2010/07/14 20:33:48 | 000,000,158 | ---- | M] () -- C:\WINDOWS\cavscan.INI
        [2010/07/11 23:21:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
        [2010/07/11 23:21:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
        [2010/07/09 13:29:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
        [2010/07/09 13:29:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
        [2010/07/08 22:51:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
        [2010/07/08 22:51:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
        [2010/07/08 00:03:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
        [2010/07/08 00:03:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
        [2010/07/07 12:25:58 | 000,022,600 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAmon.sys
        [2010/07/07 12:25:42 | 000,028,232 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OAnet.sys
        [2010/07/07 12:25:38 | 000,236,104 | ---- | M] (Emsisoft) -- C:\WINDOWS\System32\drivers\OADriver.sys
        [2010/07/04 10:09:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
        [2010/07/04 10:09:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
        [2010/07/03 23:26:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
        [2010/07/03 23:26:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
        [2010/07/03 07:34:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
        [2010/07/03 07:34:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
        [2010/07/02 10:53:47 | 000,001,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
        [2010/07/01 16:11:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
        [2010/07/01 16:11:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
        [2010/06/30 22:32:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
        [2010/06/30 22:32:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
        [2010/06/30 16:00:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
        [2010/06/30 16:00:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
        [2010/06/28 23:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
        [2010/06/28 23:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
        [2010/06/28 23:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
        [2010/06/28 23:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
        [2010/06/28 23:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
        [2010/06/28 23:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
        [2010/06/28 23:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
        [2010/06/28 23:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
        [2010/06/28 23:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
        [2010/06/28 21:56:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
        [2010/06/28 21:56:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
        [2010/06/25 23:30:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
        [2010/06/25 23:30:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
        [2010/06/24 05:38:11 | 000,601,124 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
        [5 C:\Documents and Settings\LENOVO\Desktop\*.tmp files -> C:\Documents and Settings\LENOVO\Desktop\*.tmp -> ]
        [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
         
        ========== Files Created - No Company Name ==========
         
        [2010/07/16 15:35:54 | 000,000,012 | -H-- | C] () -- C:\dvmexp.idx
        [2010/07/15 21:57:10 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
        [2010/07/15 21:23:04 | 000,000,689 | ---- | C] () -- C:\Documents and Settings\LENOVO\Desktop\CCleaner.lnk
        [2010/07/15 21:20:48 | 000,002,449 | ---- | C] () -- C:\Documents and Settings\LENOVO\Desktop\HiJackThis.lnk
        [2010/07/15 20:57:00 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
        [2010/07/15 20:52:08 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
        [2010/06/25 23:30:56 | 000,000,268 | -H-- | C] () -- C:\sqmdata19.sqm
        [2010/06/25 23:30:56 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
        [2010/06/24 22:22:34 | 000,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
        [2010/06/24 22:22:34 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
        [2010/06/24 13:57:30 | 000,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
        [2010/06/24 13:57:30 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
        [2010/06/23 17:20:04 | 000,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
        [2010/06/23 17:20:04 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
        [2010/06/22 21:26:03 | 000,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
        [2010/06/22 21:26:03 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
        [2010/06/22 17:46:59 | 000,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
        [2010/06/22 17:46:58 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
        [2010/06/21 22:45:52 | 000,000,268 | -H-- | C] () -- C:\sqmdata13.sqm
        [2010/06/21 22:45:52 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
        [2010/06/21 16:34:23 | 000,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
        [2010/06/21 16:34:23 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
        [2010/06/20 22:35:02 | 000,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
        [2010/06/20 22:35:01 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
        [2010/06/20 16:26:51 | 000,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
        [2010/06/20 16:26:51 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
        [2010/06/20 15:22:15 | 000,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
        [2010/06/20 15:22:15 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
        [2010/06/20 14:21:42 | 000,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
        [2010/06/20 14:21:42 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
        [2010/05/30 16:22:43 | 000,123,614 | ---- | C] () -- C:\WINDOWS\System32\drivers\NVCAP.SYS
        [2010/05/14 16:25:31 | 000,000,158 | ---- | C] () -- C:\WINDOWS\cavscan.INI
        [2010/04/25 20:52:57 | 000,000,103 | ---- | C] () -- C:\WINDOWS\ae2kgmaud.ini
        [2010/04/25 15:15:35 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
        [2009/04/21 18:49:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
        [2009/04/21 05:02:59 | 009,338,880 | ---- | C] () -- C:\WINDOWS\System32\Facev.dll
        [2009/04/21 05:02:59 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\picn.dll
        [2009/04/21 05:02:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\image.dll
        [2009/04/21 05:02:58 | 000,655,360 | ---- | C] () -- C:\WINDOWS\System32\EncIcons.dll
        [2009/04/21 05:02:58 | 000,241,752 | ---- | C] () -- C:\WINDOWS\System32\IcnOvrly.dll
        [2009/04/21 05:02:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\FunFrm.dll
        [2009/04/21 05:02:57 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\SimpleExt.dll
        [2009/04/21 05:02:57 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SetDev.dll
        [2009/04/21 05:02:57 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VideoOp.dll
        [2009/04/21 05:02:56 | 009,502,720 | ---- | C] () -- C:\WINDOWS\System32\FaceVerify.dll
        [2009/04/21 05:02:56 | 001,974,272 | ---- | C] () -- C:\WINDOWS\System32\Imagereog.dll
        [2009/04/21 05:02:56 | 001,564,672 | ---- | C] () -- C:\WINDOWS\System32\MainOp.dll
        [2009/04/21 05:02:56 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\PicNotify.dll
        [2009/04/21 05:02:56 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Momo.dll
        [2009/04/21 05:02:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DevFilt.dll
        [2009/04/21 05:02:55 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\Apblend.dll
        [2009/04/21 05:02:53 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\3DImageRenderer.dll
        [2009/04/21 04:54:53 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
        [2009/01/17 03:55:38 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
        [2008/12/02 04:32:30 | 000,012,240 | ---- | C] () -- C:\WINDOWS\System32\dvmio.sys
        [2008/07/22 00:08:39 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
        [2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
        [2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
        [2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
        [2005/02/17 21:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
        [2005/02/17 21:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
        [2001/11/14 22:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
         
        ========== Custom Scans ==========
         
         
        < %systemroot%\*. /mp /s >
         
        < %systemroot%\system32\*.dll /lockedfiles >
        [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
         
        < %systemroot%\system32\*.exe /lockedfiles >
        [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
         
        < %systemroot%\Tasks\*.job /lockedfiles >
        [2010/07/18 21:21:51 | 000,000,882 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
        [2010/07/19 12:52:05 | 000,000,886 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
         
        < %systemroot%\system32\drivers\*.sys /lockedfiles >
         
        < %systemroot%\System32\config\*.sav >
        [2008/07/21 15:08:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
        [2008/07/21 15:08:42 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
        [2008/07/21 15:08:42 | 000,917,504 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
         
        < %systemroot%\system32\*.sys >
        [2008/04/14 15:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
        [2008/04/14 15:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
        [2008/12/02 04:32:30 | 000,012,240 | ---- | M] () -- C:\WINDOWS\system32\dvmio.sys
        [2008/04/14 15:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
        [2008/04/14 15:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
        [2008/04/14 15:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
        [2008/04/14 15:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
        [2008/04/14 15:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
        [2008/04/14 15:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
        [2008/04/14 15:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
        [2008/04/14 15:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
        [2008/04/14 15:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
        [2008/04/14 15:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
        [2008/04/14 15:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
        [2008/04/14 15:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
        [2008/04/14 15:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
        [2008/04/14 15:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
        [2010/05/02 08:22:50 | 001,851,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
        [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
         
        < %systemroot%\system32\drivers\*.dll >
         
        < %systemroot%\system32\drivers\*.ini >
         
        < %systemroot%\system32\drivers\*.exe >
         
        < %SYSTEMDRIVE%\*.* >
        [2008/07/21 22:16:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
        [2008/11/13 18:53:03 | 000,000,211 | RHS- | M] () -- C:\boot.ini
        [2008/07/21 22:16:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
        [2010/07/17 19:45:38 | 000,000,012 | -H-- | M] () -- C:\dvmexp.idx
        [2010/07/19 12:31:28 | 000,383,258 | ---- | M] () -- C:\HeadNotify.log
        [2010/07/18 21:21:15 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
        [2008/07/21 22:16:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
        [2010/07/15 21:19:50 | 000,000,871 | ---- | M] () -- C:\JavaRa.log
        [2008/07/21 22:16:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
        [2008/04/14 15:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
        [2008/04/14 15:00:00 | 000,250,048 | RHS- | M] () -- C:\NTLDR
        [2010/07/18 21:21:10 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
        [2009/04/21 04:53:54 | 000,001,621 | ---- | M] () -- C:\RHDSetup.log
        [2009/06/09 13:29:22 | 000,000,061 | -H-- | M] () -- C:\splash.idx
        [2010/06/28 21:56:46 | 000,000,268 | -H-- | M] ()

        Sneakyone

        • Malware Removal Specialist


        • Beginner

          Thanked: 5
          Re: Malware Removal help
          « Reply #3 on: July 20, 2010, 03:51:46 PM »
          Hi, :)

          Please download ComboFix from BleepingComputer.com

          Alternate link: GeeksToGo.com

          Alternate link: Forospyware.com

          Rename ComboFix.exe to commy.exe before you save it to your Desktop
          • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
          • Click Start > Run, then copy and paste the following command into the Run box and click OK: "%userprofile%\desktop\commy.exe" /stepdel
          • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
          • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

          Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

          Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


          • Click on Yes, to continue scanning for malware.
          • When finished, it shall produce a log for you.  Please include the contents of C:\ComboFix.txt in your next reply.