After many hours, the ESET online scanner reports finding 17 'threats'.
My computer seems to be OK (normal). Even my USB flash drive is now recognized.
ESET online scanner.txt **************************
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=6
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=8144943f8425704e8d923f0f8d5a95c0
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-09-26 10:57:30
# local_time=2009-09-26 04:57:30 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.0.2195 NT Service Pack 4
# compatibility_mode=1281 63 100 99 2896584633728
# compatibility_mode=3585 63 50 0 0
# compatibility_mode=4355 63 655 0 0
# compatibility_mode=4354 63 655 0 0
# compatibility_mode=8449 63 655 0 0
# scanned=216856
# found=17
# cleaned=17
# scan_time=47403
C:\Documents and Settings\fmeadmin\My Documents\Downloads\MagicISO v5.3 (Build 0213).rar a variant of Win32/HackTool.Patcher.A application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\fmeadmin\My Documents\Downloads\Windows Xp 9 In 1 (Pro Home Media Center Oem, Retail, Corp, Upgrade).iso a variant of Win32/HackTool.Patcher.C trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\fmeadmin\My Documents\Downloads\Symantec Norton Ghost10 BOOTABLE.ISO\NORTONGHOST10.0.iso probably a variant of Win32/Adware.Agent application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\fmeadmin.DELLOPTIPLEX\Desktop\torrents\Win XP PRO SP3 (5503) VistaVG Ultimate Style + SATA-RAID (03-19-2008)\Win XP PRO SP3 (5503) VistaVG Ultimate Style + SATA-RAID (03-19-2008).iso Win32/CloseApp.A application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\onyx\Norton2008-360-keygen.exe a variant of MSIL/TrojanDropper.Agent.E trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\onyx\Desktop\Cleanup Tools\SmitfraudFix\Process.exe Win32/PrcView application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\onyx\Desktop\Cleanup Tools\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\onyx\My Documents\TEX progs\WinEdt54\WinEdt[1].v5.4.20050701 Crack.rar a variant of Win32/HackTool.Patcher.A application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Microsoft Update Engine\stub_1.exe a variant of Win32/Injector.PZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Microsoft Update Engine\stub_2.exe probably unknown NewHeur_PE virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\Microsoft Update Engine\stub_3.exe a variant of Win32/Injector.PZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Faronics\Deep Freeze 6 Enterprise\DF6WksSeedRaw.dat probably a variant of Win32/Genetik trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Malwarebytes' Anti-Malware\The patch for ( Malwarebytes' Anti-Malware 1.34 )\m.bytes'.anti-malware.v1.34-patch.exe probably a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINNT\system32\drivers\UACcjcfpxxthl.sys.vir a variant of Win32/Olmarik.HI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\shared\Windows XP Ultimate Edition (by Johnny) [February2008-R3.6].iso probably a variant of Win32/Agent trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINNT\Downloaded Installations\{82557381-A09A-407F-AAC8-9B05F0E3A655}\PC MightyMax v9.msi Win32/Adware.PCMightyMax application (deleted - quarantined) 00000000000000000000000000000000 C
C:\_OTMoveIt\MovedFiles\07312008_173642\Documents and Settings\onyx\Desktop\software\NOD32.Antivirus.System.2.70.39.Incl.Fix-Emzky\NOD32.Antivirus.System.2.70.39.Incl.Fix-Emzky.rar Win32/HackAV.G application (deleted - quarantined) 00000000000000000000000000000000 C
DDS.txt****************************
DDS (Ver_09-07-30.01) - NTFSx86
Run by onyx at 9:58:32.68 on Sat 09/26/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.510.107 [GMT -6:00]
============== Running Processes ===============
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINNT\system32\hasplms.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\iPod Access for Windows\iPAHelper.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Fastream IQ Web FTP Server Engine\IQWebFTPServerEngine.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\vmnetdhcp.exe
C:\Program Files\VMware\VMware Player\vmware-authd.exe
C:\WINNT\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\system32\igfxtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\WINNT\system32\wuauclt.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Documents and Settings\fmeadmin.DELLOPTIPLEX\Desktop\utorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Documents and Settings\onyx\Desktop\software2\dds.pif
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6261\SiteAdv.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6261\SiteAdv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar4.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\system32\browseui.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] ctfmon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [IgfxTray] c:\winnt\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\winnt\system32\hkcmd.exe
mRun: [PDF Converter Registry Controller] "c:\program files\scansoft\pdf converter\RegistryController.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
mExplorerRun: [Explorer Options2] w
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hp digital imaging monitor.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hp image zone fast start.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\symantec fax starter edition port.lnk - c:\program files\microsoft office\office\1033\OLFSNT40.EXE
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Open PDF in Word - c:\program files\scansoft\pdf converter\IEShellExt.dll /100
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
LSP: c:\program files\vmware\vmware player\vsocklib.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java
DPF: {31564D57-0000-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmvax.cab
DPF: {32564D57-0000-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv8ax.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7823A620-9DD9-11CF-A662-00AA00C066D2} - hxxp://tcapps.selu.edu/timecentre/Common/iemenu.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38458.7024884259
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {E9C9692E-F93C-11D1-ABB0-0040054FC6FB} - hxxp://tcapps.selu.edu/timecentre/Common/pvdt80.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6261\SiteAdv.dll
Notify: klogon - c:\winnt\system32\klogon.dll
Notify: NavLogon - c:\winnt\system32\NavLogon.dll
Notify: WRNotifier - WRLogonNTF.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\onyx\applic~1\mozilla\firefox\profiles\5alwvt2f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.selu.edu/|http://www.selu.edu/
FF - component: c:\program files\siteadvisor\6261\ff\components\FFHook.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "
https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R0 kl1;Kl1;c:\winnt\system32\drivers\kl1.sys [2008-4-16 112144]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\winnt\system32\drivers\klbg.sys [2008-1-29 33808]
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-5-11 64160]
R0 stcp2v30;stcp2v30 Driver;c:\winnt\system32\drivers\stcp2v30.sys [2008-12-1 64960]
R1 FSLX;FSLX;c:\winnt\system32\drivers\fslx.sys [2008-7-21 192256]
R1 KLIF;Kaspersky Lab Driver;c:\winnt\system32\drivers\klif.sys [2009-5-12 215824]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-4-25 201992]
R2 hasplms;HASP License Manager;c:\winnt\system32\hasplms.exe -run --> c:\winnt\system32\hasplms.exe -run [?]
R2 NFService;Fastream IQ Web/FTP Server;c:\progra~1\fastream iq web ftp server engine\IQWebFTPServerEngine.exe [2008-10-4 3220992]
R2 vmci;VMware vmci;c:\winnt\system32\drivers\vmci.sys [2009-3-26 54960]
R3 EL90BC;3Com EtherLink XL B/C Adapter Driver;c:\winnt\system32\drivers\el90xbc5.sys [2005-4-16 61712]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\winnt\system32\drivers\klfltdev.sys [2008-3-13 23312]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\winnt\system32\drivers\klim5.sys [2008-3-25 24592]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S1 SAVRT;SAVRT;\??\c:\program files\symantec antivirus\savrt.sys --> c:\program files\symantec antivirus\savrt.sys [?]
S1 SAVRTPEL;SAVRTPEL;\??\c:\program files\symantec antivirus\savrtpel.sys --> c:\program files\symantec antivirus\Savrtpel.sys [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo winoptimizer 6\DfSdkS.exe [2008-12-27 410976]
S3 DigimHID;DigimHID;c:\winnt\system32\drivers\DigimHID.SYS [2008-8-18 5248]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symantec shared\virusdefs\20070820.048\naveng.sys [2008-8-8 81232]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symantec shared\virusdefs\20070820.048\navex15.sys [2008-8-8 865904]
S3 SavRoam;SAVRoam;"c:\program files\symantec antivirus\savroam.exe" --> c:\program files\symantec antivirus\SavRoam.exe [?]
S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2007-5-29 192104]
S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2007-5-29 169576]
S4 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088]
S4 Symantec AntiVirus;Symantec AntiVirus;"c:\program files\symantec antivirus\rtvscan.exe" --> c:\program files\symantec antivirus\Rtvscan.exe [?]
============== File Associations ===============
JSEFile=NOTEPAD.EXE %1
=============== Created Last 30 ================
2009-09-26 09:58 16,384 a------t c:\winnt\system32\Perflib_Perfdata_428.dat
2009-09-25 15:20 <DIR> --d----- c:\program files\ESET
2009-09-25 11:43 16,384 a------t c:\winnt\system32\Perflib_Perfdata_45c.dat
2009-09-25 10:10 16,384 a------t c:\winnt\system32\Perflib_Perfdata_460.dat
2009-09-25 00:01 16,384 a------t c:\winnt\system32\Perflib_Perfdata_494.dat
2009-09-24 23:00 16,384 a------t c:\winnt\system32\Perflib_Perfdata_498.dat
2009-09-24 15:39 16,384 a------t c:\winnt\system32\Perflib_Perfdata_444.dat
2009-09-24 15:27 1,843,684 ----h--- c:\winnt\ShellIconCache
2009-09-24 13:53 16,384 a------t c:\winnt\system32\Perflib_Perfdata_450.dat
2009-09-24 10:36 229,888 a------- c:\winnt\PEV.exe
2009-09-24 10:36 161,792 a------- c:\winnt\SWREG.exe
2009-09-24 10:36 98,816 a------- c:\winnt\sed.exe
2009-09-23 15:19 1,538 a------- c:\winnt\system32\%LocalXml%
2009-09-23 07:55 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864}
2009-09-22 21:30 0 a--sh--- c:\winnt\klif.spi
2009-09-18 18:31 <DIR> --d----- C:\usr
2009-09-17 23:53 42,192 ac------ c:\winnt\system32\dllcache\atibt829.sys
==================== Find3M ====================
2009-09-22 20:29 33,808 a------- c:\winnt\system32\drivers\klbg.sys
2009-09-22 20:29 107,547 a------- c:\winnt\system32\drivers\klin.dat
2009-09-22 20:29 95,259 a------- c:\winnt\system32\drivers\klick.dat
2009-09-10 14:54 38,224 a------- c:\winnt\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 18,520 a------- c:\winnt\system32\drivers\mbam.sys
2009-05-11 22:01 9,673,395 a------- c:\documents and settings\onyx\ATT_SST_Installer.exe
2007-11-22 12:31 21,952 ----h--- c:\program files\folder.htt
2007-11-22 12:31 271 ----h--- c:\program files\desktop.ini
2006-07-22 23:26 774,144 a------- c:\program files\RngInterstitial.dll
1999-12-07 06:00 32,528 a------- c:\winnt\inf\wbfirdma.sys
1998-12-08 20:53 186,368 a------- c:\program files\common files\IRAREG.DLL
1998-12-08 20:53 99,840 a------- c:\program files\common files\IRAABOUT.DLL
1998-12-08 20:53 70,144 a------- c:\program files\common files\IRAMDMTR.DLL
1998-12-08 20:53 48,640 a------- c:\program files\common files\IRALPTTR.DLL
1998-12-08 20:53 31,744 a------- c:\program files\common files\IRAWEBTR.DLL
1998-12-08 20:53 17,920 a------- c:\program files\common files\IRASRIAL.DLL
============= FINISH: 10:00:45.45 ===============
DDS attach.txt********************************************
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft Windows 2000 Professional
Boot Device: \Device\Harddisk0\Partition1
Install Date:
System Uptime: 9/25/2009 5:41:48 AM (29 hours ago)
Motherboard: Dell Computer Corporation | | OptiPlex GX150
Processor: Intel Pentium III processor | Microprocessor | 996/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 36.372 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_12F7&PID_1E23\077B132E1A6D
Manufacturer: Microsoft
Name: USB Mass Storage Device
PNP Device ID: USB\VID_12F7&PID_1E23\077B132E1A6D
Service: USBSTOR
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
A-PDF Merger 2.3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
AnswerWorks 5.0 English Runtime
Ashampoo WinOptimizer 6.01
ATT-PRT22
Belarc Advisor 7.2
Bullzip PDF Printer 4.0.0.463
CCleaner (remove only)
ConTEXT
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Panorama1Config
CueTour
DeviceFunctionQFolder
Diner Dash 2
DocumentViewer
DocumentViewerQFolder
Easy File Sharing Web Server 4.2
ESET Online Scanner v3
EVEREST Home Edition v2.20
ExactFile 1.0.0.15
FloorPlan 3D v11
Free Pascal 2.0.4
FullDPAppQFolder
Google Earth
HijackThis 2.0.2
HP Document Viewer 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Product Assistant
HP PSC & OfficeJet 5.3.B
InstantShareDevices
iPod Access for Windows v4.2.2
Kaspersky Internet Security 2009
Malwarebytes' Anti-Malware
Malwarebytes' RogueRemover
Micro Logic Info Select 2007
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Visual C++ 2005 Redistributable
Money Manager Ex 0.9.4.2
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.5.3)
NX Client for Windows 3.2.0-13
PanoStandAlone
PhotoGallery
ProductContext
Quicken 2009
RandMap
ResumeMaker Professional
Scan
SkinsHP1
SmartDraw 2009
Software Virtualization Agent
Sonic_PrimoSDK
Spybot - Search & Destroy
TeXnicCenter Version 1 Beta 7.01 (Greengrass)
TI-SmartView™ - Trial
Tina 8 - Industrial
TurboFLOORPLAN Home & Landscape Pro
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wlaiper
TurboTax 2008 wrapper
UltraEdit 14.20
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VMware Player
WinEdt
WinSCP 4.1.7
==== End Of File ===========================