Member Avatar for sharkie002

Vista Home Premium X64


I got a virus that seems to have messed up my OS pretty good. I clean my system regularly using MBAM and Super Anti Spy Ware, and was using Avast AV. But my system got a nasty virus. I currently can't explore my system files without having to open my downloads folder from firefox. When in Normal mode, system will eventually slow to a crawl, and give me a blue screen reboot. In safe mode, my start button disappeared, and can't run most things from my desktop. I have seen a "Whitesmoke Translater" icon pop up on my desktop. I've uninstalled it twice, but its probably still floating around somewhere on the system. Some things have been turned off such as system restore, add remove programs won't launch (although I can uninstall programs using CCleaner).

Anyways, here are the requested logs from the read me first thread, for some reason the GMER logs are blank, not sure why:


ATTACH:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2009 9:40:40 AM
System Uptime: 12/19/2010 5:42:30 PM (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5Q-PRO
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 257.096 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 356.582 GiB free.
F: is FIXED (FAT32) - 75 GiB total, 0.97 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

Acrobat.com
Add or Remove Adobe Premiere Pro CS5
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.3.0 - CPSID_52073
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge CS4
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Community Help
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Dreamweaver CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS3
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS3
Adobe Flash CS3 Professional
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS3
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS3
Adobe Reader 9.2
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe Shockwave Player 11.5
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Apple Application Support
Apple Software Update
ArcSoft TotalMedia Theatre 3
Ashampoo ClipFinder HD 2.03
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
Boris Continuum Complete AE 6
Camtasia Studio 7
Canon MP Navigator EX 2.0
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Carmageddon 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
CCleaner (remove only)
Connect
Coupon Printer for Windows
CuteFTP 8 Professional
CyberLink PhotoNow
CyberLink PowerDirector
CyberLink PowerProducer
DirectX 9 Runtime
Disk Heal
Dragon Age: Origins
DVRMSToolbox
Facebook Plug-In
FairStars Audio Converter 1.46
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)
Gigabyte Wireless LAN Card
Google Earth Plug-in
Google Gears
Google Update Helper
Halo 2 for Windows Vista
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Jaadu VNC Connect
Jasc Paint Shop Pro 9
Java(TM) 6 Update 17
K-Lite Mega Codec Pack 6.4.0
kuler
Last.fm 1.5.4.27091
Lifextender
Magic ISO Maker v5.3 (build 0221)
Malwarebytes' Anti-Malware
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Professional Edition 2003
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Standard 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.13)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netflix in Windows Media Center
NVIDIA PhysX
Octoshape add-in for Adobe Flash Player
Orb
Orb Runtime libraries
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PocketControl
PowerISO
PxMergeModule
Quake 4(TM)
QuickTime
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
ShowAnalyzer
Skins
SmartSound Quicktracks Plugin
Spelling Dictionaries Support For Adobe Reader 9
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
Total Recorder 7.1
Uninstall Mystical
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Vegas Movie Studio Platinum 9.0
Visual Studio 2008 x64 Redistributables
Winamp
Winamp Application Detect
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
World of Warcraft FREE Trial
Yahoo! Messenger
Yahoo! Software Update

==== End Of File ===========================


DDS:


DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by Administrator at 18:35:21.28 on Sun 12/19/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.3005 [GMT -5:00]

AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\mike.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\mmc.exe
C:\Users\Administrator\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>;*.local
uInternet Settings,ProxyServer = http=127.0.0.1:5555
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {218042f9-fc69-f292-a8c8-d08a6c1fd09f} - C:\Windows\SysWow64\config\systemprofile\AppData\Local\asohediq.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
uRun: [AdobeBridge]
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRunServices: [exe1] C:\Users\ADMINI~1\AppData\Local\Temp\exe1.exe
mRunServices: [RoxWatch11FormatLoaderECDC8.0.0.47] c:\program files (x86)\common files\roxio shared\11.0\sharedcom\formatloadermdcroxshellviewbrowser.exe
mRunServices: [OrderPurchase] c:\program files (x86)\adobe\acrobat 9.0\designer 8.2\de\samples\forms\purchase order\images\orderpurchase.exe
mRunServices: [resourcesMicrosoft] "C:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\fr\mscorrcresources.exe"
mRunServices: [SUPERAntiSpywareUpdate1001040] c:\users\admini~1\appdata\local\temp\exe1.exe
mRunServices: [AdobeU3D8B4] "C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(AdobePSL plug-ins)\windows\fileformats\AdobeU3D8B.exe"
mRunServices: [PressCenter] c:\program files (x86)\adobe\adobe photoshop cs3\plug-ins\dreamsuite\effect presets\photopress\centerpress9848.exe
mRunServices: [InstallShieldobjectps] "C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\ObjectInstallShield.exe"
mRunServices: [Photoshop3DEnginePhotoshop3DEngine11.011.02008081320080813..44120080813020000] c:\program files (x86)\adobe\adobe after effects cs4\support files\(adobepsl plug-ins)\windows\fileformats\adobeu3d8b.exe
dRun: [MqmPiZ] C:\Windows\TEMP\ls5wpc.exe
dRun: [MqmPoc] C:\Windows\TEMP\debug.exe
dRun: [MqmPZP] C:\Windows\TEMP\gdi32.exe
dRun: [MqmPf] C:\Windows\TEMP\win.exe
dRun: [MqmPz9] C:\Windows\TEMP\nvsvc32.exe
dRun: [MqmPxb] C:\Windows\TEMP\sysedit.exe
dRun: [Mqsrc] C:\Windows\login.exe
dRun: [Mque] C:\Windows\user.exe
dRun: [Mqrtc] C:\Windows\hexdump.exe
dRun: [Mqutc] C:\Windows\sysedit.exe
dRun: [MqmPqg] C:\Windows\TEMP\hexdump.exe
dRun: [Mqqsc] C:\Windows\drweb.exe
dRun: [MqmPb] C:\Windows\TEMP\mdm.exe
dRun: [Mqrta] C:\Windows\install.exe
dRun: [MqmPxc] C:\Windows\TEMP\smss.exe
dRun: [Mqvpe] C:\Windows\winamp.exe
dRun: [MqrMc] C:\Windows\gdi32.exe
dRun: [MqmPY] C:\Windows\TEMP\cmd.exe
dRun: [MqmPsb] C:\Windows\TEMP\drweb.exe
dRun: [Mqvre] C:\Windows\wininst.exe
dRun: [Mquvc] C:\Windows\setup.exe
dRun: [Mqqoc] C:\Windows\debug.exe
dRun: [MqmPvZ] C:\Windows\TEMP\install.exe
dRun: [MqmPy19ows\TEMP\2801464912.exe] C:\Windows\TEMP\2801464912.exe
dRun: [MqmP12/ows\TEMP\2397748736.exe] C:\Windows\TEMP\2397748736.exe
dRun: [MqmPz1Aows\TEMP\4281299296.exe] C:\Windows\TEMP\4281299296.exe
dRun: [MqmP10/ows\TEMP\3299524848.exe] C:\Windows\TEMP\3299524848.exe
dRun: [MqmPrc] C:\Windows\TEMP\winamp.exe
dRun: [ehphihhq] C:\Windows\TEMP\roaamyqqq\kwtesnbaffm.exe
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\dhecvdft.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Program Files (x86)\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Users\Administrator\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: XULRunner: {F5B5829B-74DA-489F-834F-B010DDDFC2C8} - C:\Users\Administrator\AppData\Local\{F5B5829B-74DA-489F-834F-B010DDDFC2C8}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox
FF - Ext: AVG Security Toolbar em:version=6.010.023.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - Ext: XULRunner: {B62A3DC8-8C77-46B8-BDAE-CD9440DCEE4B} - C:\Windows\system32\config\systemprofile\AppData\Local\{B62A3DC8-8C77-46B8-BDAE-CD9440DCEE4B}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{43c35458-c907-439b-bcfd-07d373834689}: {43c35458-c907-439b-bcfd-07d373834689} - %profile%\extensions\{43c35458-c907-439b-bcfd-07d373834689}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

---- FIREFOX POLICIES ----
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-3-27 55280]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]
R3 rt61x64;Gigabyte RT61 Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr6164.sys [2009-6-10 393216]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-5-6 67656]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-9 3229728]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
S2 ftpsvc;Microsoft FTP Service;C:\Windows\system32\svchost.exe -k ftpsvc [2008-1-20 27648]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-29 133104]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [2008-8-13 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [2008-8-13 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [2008-8-13 170480]
S2 SensticPocketService;Senstic Pocket Service;C:\Program Files (x86)\Senstic\PocketControl\SensticPocketServiceWin.exe [2010-3-3 61560]
S2 ServiceAceSpy;SCfortify;C:\Windows\SysWOW64\SCForte.exe --> C:\Windows\SysWOW64\SCForte.exe [?]
S2 uvnc_service;uvnc_service;C:\Program Files\UltraVNC\winvnc.exe [2009-11-3 1772472]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-12-8 517448]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
S3 avshws;Senstic PocketCam;C:\Windows\System32\drivers\camsource64.sys [2010-3-3 31304]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-1-7 89920]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-3-4 25832]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-3-14 12744]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2009-8-28 21504]
S3 NPF;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2009-11-22 40464]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 PocketAudio;Senstic PocketAudio (WDM);C:\Windows\System32\drivers\senaudio64.sys [2010-3-2 37192]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [2008-8-13 313840]
S3 RoxMediaDB11;RoxMediaDB11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [2009-3-3 1122304]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TotRec7;Total Recorder WDM audio driver;C:\Windows\System32\drivers\TotRec7.sys [2008-10-27 178696]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WMSvc;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2008-1-20 12288]
S4 DTBService;DTBService;C:\Program Files (x86)\DVRMSToolbox\DTBFWService.exe [2009-10-20 20480]

=============== File Associations ===============

JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*

=============== Created Last 30 ================

2010-12-18 23:03:48 -------- d-----w- C:\Users\ADMINI~1\AppData\Roaming\WhiteSmokeTranslator
2010-12-16 18:25:57 82434 ----a-w- C:\PROGRA~3\420O87fA.exe
2010-12-10 05:58:28 -------- d-----w- C:\Program Files (x86)\Disk Heal
2010-12-09 04:16:47 -------- d-----w- C:\Users\ADMINI~1\AppData\Local\AVG Security Toolbar
2010-12-09 03:01:49 749832 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-6\SpotlightResources.dll
2010-12-09 02:44:54 -------- d--h--w- C:\$AVG
2010-12-09 02:14:03 -------- d-----w- C:\Users\ADMINI~1\AppData\Roaming\AVG10
2010-12-09 02:12:55 -------- d--h--w- C:\PROGRA~3\Common Files
2010-12-09 02:12:36 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2010-12-09 02:12:06 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-12-09 02:11:25 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-12-09 02:11:25 -------- d-----w- C:\PROGRA~3\AVG10
2010-12-09 02:09:13 -------- d-----w- C:\Program Files (x86)\AVG
2010-12-08 23:59:50 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-08 05:25:07 3079168 ----a-w- C:\Windows\mike.exe
2010-12-08 03:58:42 -------- d-----w- C:\PROGRA~3\Alwil Software
2010-12-04 06:01:37 416128 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\NetTV\Browse-4\NetTVResources.dll
2010-12-04 06:01:34 652296 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore-4\Microsoft.MediaCenter.Sports.UI.dll
2010-12-02 10:30:51 -------- d-----w- C:\Windows\SysWow64\AppLogs
2010-12-02 05:08:43 -------- d-----w- C:\Spiceworld Order_files

==================== Find3M ====================

2010-12-16 18:25:47 82434 ----a-w- C:\PROGRA~3\420O87fA.exe
2010-11-29 22:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-12 07:00:08 0 ----a-w- C:\Windows\SysWow64\lsp3BE5.tmp
2010-11-10 03:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-11-02 22:14:10 37628360 ----a-w- C:\Windows\System32\mrt.exe
2010-10-17 06:38:17 114 ----a-w- C:\24339.bat
2003-05-16 13:01:38 9705984 ----a-w- C:\Program Files (x86)\DS.exe
2003-05-01 18:59:32 1413120 ----a-w- C:\Program Files (x86)\DS_PlugIn.8bf

============= FINISH: 18:36:11.02 ===============

MBAM:


Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5309

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18928

12/19/2010 11:49:28 AM
mbam-log-2010-12-19 (11-49-28).txt

Scan type: Quick scan
Objects scanned: 171832
Time elapsed: 2 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 36
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 22

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{B1B220C1-A503-59BD-F413-02B53A2C8954} (Trojan.ErtFor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1B220C1-A503-59BD-F413-02B53A2C8954} (Trojan.ErtFor) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Gwukuw (Trojan.Hiloti) -> Value: Gwukuw -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{B1B220C1-A503-59BD-F413-02B53A2C8954} (Trojan.ErtFor) -> Value: {B1B220C1-A503-59BD-F413-02B53A2C8954} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{B1B220C1-A503-59BD-F413-02B53A2C8954} (Trojan.ErtFor) -> Value: {B1B220C1-A503-59BD-F413-02B53A2C8954} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPsd (Trojan.Downloader) -> Value: MqmPsd -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPsd (Trojan.Downloader) -> Value: MqmPsd -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPgP (Trojan.Downloader) -> Value: MqmPgP -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPgP (Trojan.Downloader) -> Value: MqmPgP -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqpe (Trojan.Downloader) -> Value: Mqpe -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mqpe (Trojan.Downloader) -> Value: Mqpe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqpSc (Trojan.Downloader.Gen) -> Value: MqpSc -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqpSc (Trojan.Downloader.Gen) -> Value: MqpSc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Trojan.Agent) -> Value: Mquse -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Trojan.Agent) -> Value: Mquse -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtPQ (Trojan.Downloader.Gen) -> Value: MqmPtPQ -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtPQ (Trojan.Downloader.Gen) -> Value: MqmPtPQ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NbhdCxl (Trojan.Downloader.Gen) -> Value: uPc+kt0NbhdCxl -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NbhdCxl (Trojan.Downloader.Gen) -> Value: uPc+kt0NbhdCxl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPc (Trojan.Downloader) -> Value: MqvPc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPcla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0 (Trojan.Downloader) -> Value: MqvPcla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0 -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPc (Trojan.Downloader) -> Value: MqvPc -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqvPcla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0 (Trojan.Downloader) -> Value: MqvPcla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPeP (Trojan.Downloader.Gen) -> Value: MqmPeP -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPeP (Trojan.Downloader.Gen) -> Value: MqmPeP -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPqe (Trojan.Downloader.Gen) -> Value: MqmPqe -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPqe (Trojan.Downloader.Gen) -> Value: MqmPqe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPvc (Trojan.Downloader.Gen) -> Value: MqmPvc -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPvc (Trojan.Downloader.Gen) -> Value: MqmPvc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwe (Trojan.Downloader.Gen) -> Value: MqmPwe -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPwe (Trojan.Downloader.Gen) -> Value: MqmPwe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtg (Trojan.Downloader.Gen) -> Value: MqmPtg -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPtg (Trojan.Downloader.Gen) -> Value: MqmPtg -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Trojan.Downloader) -> Value: MqsZ -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Trojan.Downloader) -> Value: MqsZ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPd (Trojan.Downloader.Gen) -> Value: MqmPd -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqmPd (Trojan.Downloader.Gen) -> Value: MqmPd -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Xbonehisuket (Trojan.Agent.U) -> Value: Xbonehisuket -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\administrator\AppData\Roaming\whitesmoketranslator (PUP.WhiteSmoke) -> Not selected for removal.

Files Infected:
c:\Users\administrator\AppData\Local\anacmtUR.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\dgl4orpym.dll (Trojan.ErtFor) -> Quarantined and deleted successfully.
c:\Windows\Temp\fcmepok.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Windows\Temp\iexplorer.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\660354609.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\805278609.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\win32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\avp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\avp32.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\bmuq44of6.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\ev8lqr8x.dll (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\win16.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\avp32.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\login.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\user.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\setup.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\wininst.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\mdm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\avp.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Local\asohediq.dll (Trojan.Agent.U) -> Quarantined and deleted successfully.

Thanks Everyone for your help on this..

  • 3 Contributors
  • 19 Replies
  • 381 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by crunchie
Member Avatar for jholland1964

The reason you are still seeing this Whitesmoke Translater on the computer is that it WAS shown to you in the MBA-M scan but was not marked by you for removal

Folders Infected:
c:\Users\administrator\AppData\Roaming\whitesmoketranslator (PUP.WhiteSmoke) -> Not selected for removal

Something designated as a PUP means Potentially Unwanted Program. Those should always be removed.
The Whitesmoke Translator purports to be a program which analyzes users' writing and provides suggestions for improved grammar, style, and spelling. It gets bad reviews and its own website is considered unsatisfactory and possibly dangerous for possible Phishing, scamming, malware and spyware. I don't see it listed in your list of installed programs but it evidently is on the computer, though not installed fully.

Your Malwarebytes' program was not updated before the run. Current database is 5359 and yours showed 5309 at the time of the run and it was run in Safe Mode.
You need to update Malwarebytes and run a Full Scan with it in Normal Mode.
While the program will run and remove, as you have seen, in Safe Mode it doesn't scan everything in Safe Mode so it always should be run in Normal Mode if possible.
I ask that you do update and run again in Normal Mode, have it remove EVERYTHING found this time, Reboot the computer after it is finished.
Then also run this scan

Run the ESET Online Scanner

http://www.eset.com/onlinescan/scanner.php?i_agree=14
* You can use Internet Explorer to complete this scan and you will need to allow an Active X to be installed or you may use Firefox
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

Reboot again and again run the DDS scanner. Post back here with all of those logs.
Judy

Member Avatar for sharkie002

Hi Judy. Thank you for all your help. Believe it or not, it took almost 20 hours to run the scans (MBAM took 19+ hours), my normal mode explorer is in bad shape. Anyway, I was pasting all my logs to the thread last night, and I lost internet access. I rebooted in normal and safe w/ networking, could not access the web. I will post the logs later from another machine (I am at work right now). Thanks again...

Member Avatar for jholland1964

Check your LAN settings on that infected computer. Make sure they are not configured to use a proxy which many of these infections change. That is so the only "proxy" that can be used is theirs.
Go to the Control Panel, Internet Options, Connections, press the LAN settings button and make sure there is no check mark in Use a Proxy Server.

Member Avatar for sharkie002

I got home and the internet is working again. But I will take the advice if it happens again. Anyways, here are my logs:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5359

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

12/20/2010 6:50:29 PM
mbam-log-2010-12-20 (18-50-29).txt

Scan type: Full scan (C:\|)
Objects scanned: 533692
Time elapsed: 19 hour(s), 8 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\administrator\AppData\Roaming\whitesmoketranslator (PUP.WhiteSmoke) -> Delete on reboot.

Files Infected:
(No malicious items detected)


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=43606e86ead2d64893799ad49c7379f9
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-12-21 04:06:45
# local_time=2010-12-20 11:06:45 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=1032 16777214 100 89 0 50466681 0 0
# compatibility_mode=5892 16776574 100 56 12985110 129495333 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=417516
# found=3
# cleaned=3
# scan_time=7778
C:\ProgramData\420O87fA.exe Win32/TrojanClicker.Agent.NEB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Public\Documents\Server\hlp.dat Win32/Bamital.DZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\Psniff.ocx probably a variant of Win32/IRCBot.TSLXMC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by Administrator at 0:11:44.20 on Tue 12/21/2010
BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.3282 [GMT -5:00]

AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\mike.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\Administrator\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>;*.local
uInternet Settings,ProxyServer = http=127.0.0.1:5555
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {218042f9-fc69-f292-a8c8-d08a6c1fd09f} - C:\Windows\SysWow64\config\systemprofile\AppData\Local\asohediq.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
uRun: [AdobeBridge]
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRunServices: [exe1] C:\Users\ADMINI~1\AppData\Local\Temp\exe1.exe
mRunServices: [RoxWatch11FormatLoaderECDC8.0.0.47] c:\program files (x86)\common files\roxio shared\11.0\sharedcom\formatloadermdcroxshellviewbrowser.exe
mRunServices: [OrderPurchase] c:\program files (x86)\adobe\acrobat 9.0\designer 8.2\de\samples\forms\purchase order\images\orderpurchase.exe
mRunServices: [resourcesMicrosoft] "C:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\fr\mscorrcresources.exe"
mRunServices: [SUPERAntiSpywareUpdate1001040] c:\users\admini~1\appdata\local\temp\exe1.exe
mRunServices: [AdobeU3D8B4] "C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(AdobePSL plug-ins)\windows\fileformats\AdobeU3D8B.exe"
mRunServices: [PressCenter] c:\program files (x86)\adobe\adobe photoshop cs3\plug-ins\dreamsuite\effect presets\photopress\centerpress9848.exe
mRunServices: [InstallShieldobjectps] "C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\ObjectInstallShield.exe"
mRunServices: [Photoshop3DEnginePhotoshop3DEngine11.011.02008081320080813..44120080813020000] c:\program files (x86)\adobe\adobe after effects cs4\support files\(adobepsl plug-ins)\windows\fileformats\adobeu3d8b.exe
dRun: [MqmPiZ] C:\Windows\TEMP\ls5wpc.exe
dRun: [MqmPoc] C:\Windows\TEMP\debug.exe
dRun: [MqmPZP] C:\Windows\TEMP\gdi32.exe
dRun: [MqmPf] C:\Windows\TEMP\win.exe
dRun: [MqmPz9] C:\Windows\TEMP\nvsvc32.exe
dRun: [MqmPxb] C:\Windows\TEMP\sysedit.exe
dRun: [Mqsrc] C:\Windows\login.exe
dRun: [Mque] C:\Windows\user.exe
dRun: [Mqrtc] C:\Windows\hexdump.exe
dRun: [Mqutc] C:\Windows\sysedit.exe
dRun: [MqmPqg] C:\Windows\TEMP\hexdump.exe
dRun: [Mqqsc] C:\Windows\drweb.exe
dRun: [MqmPb] C:\Windows\TEMP\mdm.exe
dRun: [Mqrta] C:\Windows\install.exe
dRun: [MqmPxc] C:\Windows\TEMP\smss.exe
dRun: [Mqvpe] C:\Windows\winamp.exe
dRun: [MqrMc] C:\Windows\gdi32.exe
dRun: [MqmPY] C:\Windows\TEMP\cmd.exe
dRun: [MqmPsb] C:\Windows\TEMP\drweb.exe
dRun: [Mqvre] C:\Windows\wininst.exe
dRun: [Mquvc] C:\Windows\setup.exe
dRun: [Mqqoc] C:\Windows\debug.exe
dRun: [MqmPvZ] C:\Windows\TEMP\install.exe
dRun: [MqmPy19ows\TEMP\2801464912.exe] C:\Windows\TEMP\2801464912.exe
dRun: [MqmP12/ows\TEMP\2397748736.exe] C:\Windows\TEMP\2397748736.exe
dRun: [MqmPz1Aows\TEMP\4281299296.exe] C:\Windows\TEMP\4281299296.exe
dRun: [MqmP10/ows\TEMP\3299524848.exe] C:\Windows\TEMP\3299524848.exe
dRun: [MqmPrc] C:\Windows\TEMP\winamp.exe
dRun: [ehphihhq] C:\Windows\TEMP\roaamyqqq\kwtesnbaffm.exe
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NOFOLDEROPTIONS = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\dhecvdft.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Program Files (x86)\Google\Google Gears\Firefox\lib\ff36\gears.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Users\Administrator\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - C:\Program Files (x86)\Google\Google Gears\Firefox
FF - Ext: XULRunner: {F5B5829B-74DA-489F-834F-B010DDDFC2C8} - C:\Users\Administrator\AppData\Local\{F5B5829B-74DA-489F-834F-B010DDDFC2C8}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox
FF - Ext: AVG Security Toolbar em:version=6.010.023.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - Ext: XULRunner: {B62A3DC8-8C77-46B8-BDAE-CD9440DCEE4B} - C:\Windows\system32\config\systemprofile\AppData\Local\{B62A3DC8-8C77-46B8-BDAE-CD9440DCEE4B}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{43c35458-c907-439b-bcfd-07d373834689}: {43c35458-c907-439b-bcfd-07d373834689} - %profile%\extensions\{43c35458-c907-439b-bcfd-07d373834689}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

---- FIREFOX POLICIES ----
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-3-27 55280]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]
R3 rt61x64;Gigabyte RT61 Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr6164.sys [2009-6-10 393216]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-5-6 67656]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-9 3229728]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
S2 ftpsvc;Microsoft FTP Service;C:\Windows\system32\svchost.exe -k ftpsvc [2008-1-20 27648]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-29 133104]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [2008-8-13 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [2008-8-13 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [2008-8-13 170480]
S2 SensticPocketService;Senstic Pocket Service;C:\Program Files (x86)\Senstic\PocketControl\SensticPocketServiceWin.exe [2010-3-3 61560]
S2 ServiceAceSpy;SCfortify;C:\Windows\SysWOW64\SCForte.exe --> C:\Windows\SysWOW64\SCForte.exe [?]
S2 uvnc_service;uvnc_service;C:\Program Files\UltraVNC\winvnc.exe [2009-11-3 1772472]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-12-8 517448]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
S3 avshws;Senstic PocketCam;C:\Windows\System32\drivers\camsource64.sys [2010-3-3 31304]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-1-7 89920]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-3-4 25832]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-3-14 12744]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2009-8-28 21504]
S3 NPF;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2009-11-22 40464]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 PocketAudio;Senstic PocketAudio (WDM);C:\Windows\System32\drivers\senaudio64.sys [2010-3-2 37192]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [2008-8-13 313840]
S3 RoxMediaDB11;RoxMediaDB11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [2009-3-3 1122304]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TotRec7;Total Recorder WDM audio driver;C:\Windows\System32\drivers\TotRec7.sys [2008-10-27 178696]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WMSvc;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2008-1-20 12288]
S4 DTBService;DTBService;C:\Program Files (x86)\DVRMSToolbox\DTBFWService.exe [2009-10-20 20480]

=============== File Associations ===============

JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*

=============== Created Last 30 ================

2010-12-21 01:43:33 -------- d-----w- C:\Program Files (x86)\ESET
2010-12-10 05:58:28 -------- d-----w- C:\Program Files (x86)\Disk Heal
2010-12-09 04:16:47 -------- d-----w- C:\Users\ADMINI~1\AppData\Local\AVG Security Toolbar
2010-12-09 03:01:49 749832 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-6\SpotlightResources.dll
2010-12-09 02:44:54 -------- d--h--w- C:\$AVG
2010-12-09 02:14:03 -------- d-----w- C:\Users\ADMINI~1\AppData\Roaming\AVG10
2010-12-09 02:12:55 -------- d--h--w- C:\PROGRA~3\Common Files
2010-12-09 02:12:36 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2010-12-09 02:12:06 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-12-09 02:11:25 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-12-09 02:11:25 -------- d-----w- C:\PROGRA~3\AVG10
2010-12-09 02:09:13 -------- d-----w- C:\Program Files (x86)\AVG
2010-12-08 23:59:50 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-08 05:25:07 3079168 ----a-w- C:\Windows\mike.exe
2010-12-08 03:58:42 -------- d-----w- C:\PROGRA~3\Alwil Software
2010-12-04 06:01:37 416128 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\NetTV\Browse-4\NetTVResources.dll
2010-12-04 06:01:34 652296 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore-4\Microsoft.MediaCenter.Sports.UI.dll
2010-12-02 10:30:51 -------- d-----w- C:\Windows\SysWow64\AppLogs
2010-12-02 05:08:43 -------- d-----w- C:\Spiceworld Order_files

==================== Find3M ====================

2010-11-29 22:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-12 07:00:08 0 ----a-w- C:\Windows\SysWow64\lsp3BE5.tmp
2010-11-10 03:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-10-17 06:38:17 114 ----a-w- C:\24339.bat
2003-05-16 13:01:38 9705984 ----a-w- C:\Program Files (x86)\DS.exe
2003-05-01 18:59:32 1413120 ----a-w- C:\Program Files (x86)\DS_PlugIn.8bf

============= FINISH: 0:14:20.44 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2009 9:40:40 AM
System Uptime: 12/20/2010 11:15:30 PM (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5Q-PRO
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 256.487 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 356.582 GiB free.
F: is FIXED (FAT32) - 75 GiB total, 0.97 GiB free.
H: is NetworkDisk (NTFS) - 37 GiB total, 15.285 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

Acrobat.com
Add or Remove Adobe Premiere Pro CS5
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.3.0 - CPSID_52073
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge CS4
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Community Help
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Dreamweaver CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS3
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS3
Adobe Flash CS3 Professional
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS3
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS3
Adobe Reader 9.2
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe Shockwave Player 11.5
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Apple Application Support
Apple Software Update
ArcSoft TotalMedia Theatre 3
Ashampoo ClipFinder HD 2.03
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
Boris Continuum Complete AE 6
Camtasia Studio 7
Canon MP Navigator EX 2.0
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Carmageddon 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
CCleaner (remove only)
Connect
Coupon Printer for Windows
CuteFTP 8 Professional
CyberLink PhotoNow
CyberLink PowerDirector
CyberLink PowerProducer
DirectX 9 Runtime
Disk Heal
Dragon Age: Origins
DVRMSToolbox
ESET Online Scanner v3
Facebook Plug-In
FairStars Audio Converter 1.46
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)
Gigabyte Wireless LAN Card
Google Earth Plug-in
Google Gears
Google Update Helper
Halo 2 for Windows Vista
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Jaadu VNC Connect
Jasc Paint Shop Pro 9
Java(TM) 6 Update 17
K-Lite Mega Codec Pack 6.4.0
kuler
Last.fm 1.5.4.27091
Lifextender
Magic ISO Maker v5.3 (build 0221)
Malwarebytes' Anti-Malware
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Professional Edition 2003
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Standard 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.13)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netflix in Windows Media Center
NVIDIA PhysX
Octoshape add-in for Adobe Flash Player
Orb
Orb Runtime libraries
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PocketControl
PowerISO
PxMergeModule
Quake 4(TM)
QuickTime
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
ShowAnalyzer
Skins
SmartSound Quicktracks Plugin
Spelling Dictionaries Support For Adobe Reader 9
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
Total Recorder 7.1
Uninstall Mystical
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Vegas Movie Studio Platinum 9.0
Visual Studio 2008 x64 Redistributables
Winamp
Winamp Application Detect
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
World of Warcraft FREE Trial
Yahoo! Messenger
Yahoo! Software Update

==== End Of File ===========================

Member Avatar for jholland1964

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

* When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
* Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Edited by jholland1964 because: n/a
Member Avatar for sharkie002

Thanks for the reply. For some reason I cant post the logs. Is it because they are so big...? When I hit submit, my browser hangs for a while then I get a blank screen.. Has this happened to anyone else...? I tried posting one log at a time, then I cut the first log in half, still no dice.. I'll try again in a bit...

Member Avatar for jholland1964

Try again. But do post them one at a time. Don't put them all in one post.
If that doesn't work try to attach them.

Member Avatar for sharkie002

No luck. Here are the attachments.

OTL Extras logfile created on: 12/22/2010 9:50:59 PM - Run 1

OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Administrator\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free

12.00 Gb Paging File | 11.00 Gb Available in Paging File | 95.00% Paging File free

Paging file location(s): [Binary data over 100 bytes]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465.76 Gb Total Space | 255.97 Gb Free Space | 54.96% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 356.58 Gb Free Space | 38.28% Space Free | Partition Type: NTFS

Drive F: | 74.50 Gb Total Space | 0.97 Gb Free Space | 1.30% Space Free | Partition Type: FAT32

 

Computer Name: CYBERSHARK | User Name: Administrator | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

 

 

[color=#E56717]========== File Associations ==========[/color]

 

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

[color=#E56717]========== Shell Spawning ==========[/color]

 

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)

vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)

wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.EnqueueAndPlay] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "\\QUEUE" "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Directory [Winamp.WinampLibrary] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "\\ADDML" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control
OTL logfile created on: 12/22/2010 9:50:59 PM - Run 1

OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Administrator\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free

12.00 Gb Paging File | 11.00 Gb Available in Paging File | 95.00% Paging File free

Paging file location(s): [Binary data over 100 bytes]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465.76 Gb Total Space | 255.97 Gb Free Space | 54.96% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 356.58 Gb Free Space | 38.28% Space Free | Partition Type: NTFS

Drive F: | 74.50 Gb Total Space | 0.97 Gb Free Space | 1.30% Space Free | Partition Type: FAT32

 

Computer Name: CYBERSHARK | User Name: Administrator | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

[color=#E56717]========== Processes (SafeList) ==========[/color]

 

PRC - [2010/12/22 21:48:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe

 

 

[color=#E56717]========== Modules (SafeList) ==========[/color]

 

MOD - [2010/12/22 21:48:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe

 

 

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

 

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd)

SRV:[b]64bit:[/b] - [2009/08/16 00:39:54 | 001,772,472 | ---- | M] (UltraVNC) [Auto | Stopped] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)

SRV:[b]64bit:[/b] - [2009/07/20 14:36:12 | 000,419,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)

SRV:[b]64bit:[/b] - [2009/02/25 16:34:02 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)

SRV:[b]64bit:[/b] - [2008/01/20 21:51:30 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\wmsvc.exe -- (WMSvc)

SRV:[b]64bit:[/b] - [2008/01/20 21:51:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)

SRV:[b]64bit:[/b] - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2010/11/10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2010/11/09 22:22:16 | 003,229,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)

SRV - [2010/10/25 09:01:42 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)

SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)

SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/04/21 12:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)

SRV - [2010/04/21 12:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)

SRV - [2010/03/03 13:41:16 | 000,061,560 | ---- | M] (Senstic) [Auto | Stopped] -- C:\Program Files (x86)\Senstic\PocketControl\SensticPocketServiceWin.exe -- (SensticPocketService)

SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/12/21 18:04:02 | 000,036,352 | ---- | M] (Orb Networks) [Auto | Stopped] -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbMediaService.exe -- (OrbMediaService)

SRV - [2009/10/20 21:51:50 | 000,020,480 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\DVRMSToolbox\DTBFWService.exe -- (DTBService)

SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)

SRV - [2009/04/10 23:28:18 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHost
Member Avatar for crunchie

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :Files

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {218042f9-fc69-f292-a8c8-d08a6c1fd09f} - C:\Windows\SysWow64\config\systemprofile\AppData\Local\asohediq.dll File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKLM..\RunServices: [AdobeU3D8B4] C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\(AdobePSL plug-ins)\windows\fileformats\AdobeU3D8B.exe File not found
O4 - HKLM..\RunServices: [exe1] C:\Users\ADMINI~1\AppData\Local\Temp\exe1.exe File not found
O4 - HKLM..\RunServices: [InstallShieldobjectps] C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\ObjectInstallShield.exe File not found
O4 - HKLM..\RunServices: [OrderPurchase] c:\program files (x86)\adobe\acrobat 9.0\designer 8.2\de\samples\forms\purchase order\images\orderpurchase.exe File not found
O4 - HKLM..\RunServices: [Photoshop3DEnginePhotoshop3DEngine11.011.02008081320080813..44120080813020000] c:\program files (x86)\adobe\adobe after effects cs4\support files\(adobepsl plug-ins)\windows\fileformats\adobeu3d8b.exe File not found
O4 - HKLM..\RunServices: [PressCenter] c:\program files (x86)\adobe\adobe photoshop cs3\plug-ins\dreamsuite\effect presets\photopress\centerpress9848.exe File not found
O4 - HKLM..\RunServices: [resourcesMicrosoft] C:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\fr\mscorrcresources.exe File not found
O4 - HKLM..\RunServices: [RoxWatch11FormatLoaderECDC8.0.0.47] c:\program files (x86)\common files\roxio shared\11.0\sharedcom\formatloadermdcroxshellviewbrowser.exe File not found
O4 - HKLM..\RunServices: [SUPERAntiSpywareUpdate1001040] c:\users\admini~1\appdata\local\temp\exe1.exe File not found
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At979.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At955.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At931.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At835.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At811.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At787.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At763.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At67.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At667.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At571.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At547.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At523.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At499.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At475.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At451.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At43.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At427.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At331.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At283.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At225.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At224.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At223.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At139.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1219.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At115.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1123.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1075.job
[2010/12/21 18:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1003.job
[2010/12/21 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At19.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At91.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At907.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At883.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At859.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At739.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At715.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At691.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At643.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At619.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At595.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At403.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At379.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At355.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At307.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At262.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At163.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1195.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1171.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1147.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1099.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1051.job
[2010/12/21 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1027.job
[2010/12/21 17:58:57 | 069,170,868 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/12/21 17:53:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 03:04:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At988.job
[2010/12/21 03:04:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At916.job
[2010/12/21 03:04:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At892.job
[2010/12/21 03:04:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1180.job
[2010/12/21 03:04:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At460.job
[2010/12/21 03:04:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1060.job
[2010/12/21 03:04:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At868.job
[2010/12/21 03:04:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At388.job
[2010/12/21 03:03:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At796.job
[2010/12/21 03:03:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1036.job
[2010/12/21 03:03:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At364.job
[2010/12/21 03:03:42 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At700.job
[2010/12/21 03:03:42 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At340.job
[2010/12/21 03:03:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At676.job
[2010/12/21 03:03:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1156.job
[2010/12/21 03:03:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At316.job
[2010/12/21 03:03:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At263.job
[2010/12/21 03:03:25 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/12/21 03:03:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At772.job
[2010/12/21 03:03:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At556.job
[2010/12/21 03:03:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At532.job
[2010/12/21 03:03:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At28.job
[2010/12/21 03:03:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At180.job
[2010/12/21 03:01:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At178.job
[2010/12/21 03:01:42 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1108.job
[2010/12/21 03:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1204.job
[2010/12/21 03:01:33 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At52.job
[2010/12/21 03:01:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1012.job
[2010/12/21 03:01:24 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At508.job
[2010/12/21 03:01:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At652.job
[2010/12/21 03:01:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At940.job
[2010/12/21 03:01:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At244.job
[2010/12/21 03:01:06 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At580.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At964.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At844.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At820.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At76.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At748.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At724.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At628.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At604.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At484.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At436.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At412.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At292.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At179.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At148.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1132.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1084.job
[2010/12/21 03:01:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At100.job
[2010/12/21 03:00:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At124.job
[2010/12/21 02:39:59 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 02:02:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At99.job
[2010/12/21 02:02:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1035.job
[2010/12/21 02:02:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At51.job
[2010/12/21 02:02:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At963.job
[2010/12/21 02:02:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At819.job
[2010/12/21 02:02:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At291.job
[2010/12/21 02:02:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1011.job
[2010/12/21 02:02:32 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At867.job
[2010/12/21 02:02:32 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At843.job
[2010/12/21 02:02:32 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At123.job
[2010/12/21 02:02:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At579.job
[2010/12/21 02:02:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At651.job
[2010/12/21 02:02:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1155.job
[2010/12/21 02:02:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At603.job
[2010/12/21 02:02:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At915.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At939.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At771.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At75.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At747.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At723.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At699.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At675.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At531.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At459.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At363.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At339.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At315.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At261.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At177.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At176.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At175.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At147.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1203.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1107.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1083.job
[2010/12/21 02:01:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1059.job
[2010/12/21 02:01:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At891.job
[2010/12/21 02:01:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At795.job
[2010/12/21 02:01:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At627.job
[2010/12/21 02:01:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At483.job
[2010/12/21 02:01:55 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At387.job
[2010/12/21 02:01:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1131.job
[2010/12/21 02:01:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At411.job
[2010/12/21 02:01:41 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At27.job
[2010/12/21 02:01:37 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/12/21 02:01:33 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At987.job
[2010/12/21 02:01:24 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At243.job
[2010/12/21 02:01:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1179.job
[2010/12/21 02:01:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At555.job
[2010/12/21 02:01:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At435.job
[2010/12/21 02:01:06 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At507.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At890.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At866.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At698.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At674.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At626.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At578.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At530.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At50.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At314.job
[2010/12/21 01:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1178.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At914.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At842.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At794.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At746.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At650.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At362.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At290.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At26.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At242.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At174.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At173.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1202.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1154.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1130.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1106.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1082.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1034.job
[2010/12/21 01:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1010.job
[2010/12/21 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At986.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At98.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At962.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At938.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At818.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At770.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At74.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At722.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At602.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At554.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At505.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At482.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At458.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At434.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At410.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At386.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At338.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At259.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At172.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At146.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At122.job
[2010/12/21 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1058.job
[2010/12/21 00:57:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At889.job
[2010/12/21 00:57:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At625.job
[2010/12/21 00:55:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At601.job
[2010/12/21 00:52:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1009.job
[2010/12/21 00:52:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At529.job
[2010/12/21 00:52:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At25.job
[2010/12/20 20:00:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At525.job
[2010/12/20 20:00:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At597.job
[2010/12/20 20:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At266.job
[2010/12/20 20:00:30 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At381.job
[2010/12/20 20:00:26 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At429.job
[2010/12/20 20:00:21 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At741.job
[2010/12/20 20:00:17 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At405.job
[2010/12/20 20:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At981.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At956.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At524.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At308.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At227.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1172.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1148.job
[2010/12/20 19:02:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1124.job
[2010/12/20 19:02:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At668.job
[2010/12/20 19:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At380.job
[2010/12/20 19:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At356.job
[2010/12/20 19:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1076.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At932.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At92.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At908.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At764.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At740.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At596.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At548.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At476.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At44.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1220.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1052.job
[2010/12/20 19:00:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1028.job
[2010/12/20 19:00:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At20.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At980.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At884.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At860.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At788.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At228.job
[2010/12/20 19:00:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1100.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At836.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At812.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At620.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At572.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At428.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At332.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At284.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At164.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At140.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1196.job
[2010/12/20 19:00:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1004.job
[2010/12/20 19:00:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At452.job
[2010/12/20 19:00:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At226.job
[2010/12/20 19:00:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At116.job
[2010/12/20 19:00:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At692.job
[2010/12/20 19:00:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At68.job
[2010/12/20 19:00:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At500.job
[2010/12/20 19:00:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At404.job
[2010/12/20 19:00:45 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At716.job
[2010/12/20 19:00:45 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At644.job
[2010/12/20 19:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At264.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At954.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At90.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At858.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At834.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At810.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At762.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At642.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At618.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At450.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At282.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1026.job
[2010/12/20 17:00:36 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1002.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At930.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At690.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At66.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At594.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At570.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At546.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At498.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At42.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At354.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At330.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At306.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At222.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At221.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At162.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1218.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1194.job
[2010/12/20 17:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1122.job
[2010/12/20 17:00:34 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At18.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At978.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At906.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At882.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At786.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At738.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At714.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At666.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At522.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At474.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At426.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At402.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At378.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At260.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At138.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1170.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1146.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At114.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1098.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1074.job
[2010/12/20 17:00:34 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1050.job
[2010/12/20 17:00:33 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At220.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At977.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At905.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At881.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At857.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At833.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At809.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At785.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At761.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At737.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At689.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At665.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At641.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At617.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At593.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At569.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At545.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At521.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At497.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At473.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At449.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At425.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At41.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At401.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At377.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At353.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At305.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At281.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At258.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At219.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At217.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At161.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At137.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1217.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1193.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1169.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1145.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At113.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1121.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1097.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1073.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1049.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1025.job
[2010/12/20 16:02:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1001.job
[2010/12/20 16:02:43 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At929.job
[2010/12/20 16:01:23 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At17.job
[2010/12/20 16:01:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At953.job
[2010/12/20 16:01:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At89.job
[2010/12/20 16:01:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At329.job
[2010/12/20 16:01:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At218.job
[2010/12/20 16:01:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At713.job
[2010/12/20 16:00:24 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At65.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At976.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At928.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At904.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At880.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At88.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At856.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At832.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At784.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At760.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At736.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At712.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At688.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At664.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At640.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At64.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At616.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At592.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At568.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At544.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At496.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At472.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At424.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At400.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At40.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At376.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At352.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At304.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At280.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At256.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At216.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At215.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At214.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At160.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At136.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1216.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1192.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1168.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1144.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1120.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At112.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1096.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1072.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1048.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1024.job
[2010/12/20 15:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1000.job
[2010/12/20 15:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At952.job
[2010/12/20 15:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At808.job
[2010/12/20 15:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At520.job
[2010/12/20 15:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At448.job
[2010/12/20 15:00:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At328.job
[2010/12/20 15:00:05 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At16.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At999.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At975.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At951.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At927.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At903.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At87.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At855.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At759.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At735.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At711.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At639.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At63.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At591.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At567.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At519.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At495.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At471.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At447.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At399.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At375.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At351.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At327.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At279.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At212.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At211.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At159.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At135.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1191.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1143.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1119.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At111.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1071.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1047.job
[2010/12/20 14:04:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1023.job
[2010/12/20 14:04:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At783.job
[2010/12/20 14:04:45 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At39.job
[2010/12/20 14:03:10 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At15.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At879.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At807.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At615.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At543.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At423.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1215.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1167.job
[2010/12/20 14:03:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1095.job
[2010/12/20 14:03:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At831.job
[2010/12/20 14:02:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At303.job
[2010/12/20 14:02:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At255.job
[2010/12/20 14:02:40 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At663.job
[2010/12/20 14:02:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At213.job
[2010/12/20 14:00:35 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At687.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At998.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At974.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At950.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At926.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At902.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At878.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At86.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At854.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At830.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At806.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At782.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At758.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At734.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At710.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At686.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At662.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At638.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At62.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At614.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At590.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At542.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At518.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At470.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At446.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At422.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At398.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At38.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At374.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At350.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At278.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At254.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At210.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At209.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At208.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At158.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At134.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1214.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1166.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1118.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At110.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1094.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1070.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1046.job
[2010/12/20 13:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1022.job
[2010/12/20 13:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At566.job
[2010/12/20 13:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At494.job
[2010/12/20 13:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1190.job
[2010/12/20 13:01:19 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1142.job
[2010/12/20 13:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At326.job
[2010/12/20 13:00:42 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At302.job
[2010/12/20 13:00:05 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At14.job
[2010/12/20 12:04:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1141.job
[2010/12/20 12:04:12 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1045.job
[2010/12/20 12:03:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1069.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At997.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At925.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At901.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At877.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At853.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At85.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At805.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At757.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At685.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At637.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At613.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At61.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At589.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At565.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At541.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At517.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At493.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At469.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At421.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At397.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At373.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At37.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At349.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At325.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At301.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At277.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At253.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At207.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At206.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At205.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At157.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1213.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1189.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1165.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1117.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1093.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At109.job
[2010/12/20 12:01:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1021.job
[2010/12/20 12:01:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At973.job
[2010/12/20 12:01:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At949.job
[2010/12/20 12:01:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At733.job
[2010/12/20 12:01:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At445.job
[2010/12/20 12:01:31 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At661.job
[2010/12/20 12:01:12 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At709.job
[2010/12/20 12:00:48 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At829.job
[2010/12/20 12:00:48 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At781.job
[2010/12/20 12:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At133.job
[2010/12/20 12:00:06 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At13.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At996.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At468.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At420.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1188.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1164.job
[2010/12/20 11:00:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1020.job
[2010/12/20 11:00:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1212.job
[2010/12/20 11:00:09 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1068.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At972.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At948.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At924.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At900.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At876.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At852.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At84.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At828.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At804.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At780.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At756.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At732.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At708.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At684.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At660.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At636.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At612.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At60.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At588.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At564.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At540.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At516.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At492.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At444.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At396.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At372.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At36.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At348.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At324.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At300.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At276.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At252.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At204.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At203.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At202.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At156.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At132.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1140.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1116.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1092.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At108.job
[2010/12/20 11:00:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1044.job
[2010/12/20 11:00:03 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At12.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At731.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At707.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At611.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At587.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At323.job
[2010/12/20 10:01:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At199.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At971.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At947.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At899.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At875.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At851.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At83.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At827.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At803.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At779.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At755.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At683.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At659.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At635.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At59.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At563.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At539.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At515.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At491.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At467.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At443.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At419.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At395.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At371.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At35.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At347.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At299.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At275.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At251.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At201.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At200.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At155.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At131.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1211.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1187.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1163.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1139.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1115.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1091.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At107.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1043.job
[2010/12/20 10:01:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1019.job
[2010/12/20 10:00:49 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At11.job
[2010/12/20 10:00:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At995.job
[2010/12/20 10:00:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1067.job
[2010/12/20 10:00:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At923.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At994.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At946.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At82.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At754.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At730.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At682.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At658.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At634.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At586.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At58.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At562.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At514.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At466.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At442.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At394.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At370.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At346.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At34.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At274.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At250.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At154.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At130.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1210.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1138.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1114.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1066.job
[2010/12/20 09:04:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At106.job
[2010/12/20 09:04:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At922.job
[2010/12/20 09:04:27 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1042.job
[2010/12/20 09:04:18 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At198.job
[2010/12/20 09:03:06 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At10.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At970.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At898.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At802.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At418.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1186.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1162.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1090.job
[2010/12/20 09:02:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1018.job
[2010/12/20 09:02:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At196.job
[2010/12/20 09:02:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At538.job
[2010/12/20 09:02:50 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At197.job
[2010/12/20 09:02:49 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At490.job
[2010/12/20 09:02:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At706.job
[2010/12/20 09:02:30 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At874.job
[2010/12/20 09:01:46 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At322.job
[2010/12/20 09:01:31 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At826.job
[2010/12/20 09:01:31 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At298.job
[2010/12/20 09:00:53 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At850.job
[2010/12/20 09:00:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At778.job
[2010/12/20 09:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At610.job
[2010/12/20 08:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At81.job
[2010/12/20 08:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At561.job
[2010/12/20 08:01:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1065.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At945.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At921.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At873.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At849.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At729.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At705.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At657.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At633.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At537.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At465.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At345.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At297.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At193.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At129.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1137.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1113.job
[2010/12/20 08:01:38 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At105.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At897.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At801.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At681.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At609.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At585.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At513.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At489.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At417.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At393.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At321.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At273.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At249.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At195.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At194.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At153.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1209.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1161.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1089.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1041.job
[2010/12/20 08:01:37 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1017.job
[2010/12/20 08:01:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At9.job
[2010/12/20 08:01:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At753.job
[2010/12/20 08:01:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At57.job
[2010/12/20 08:01:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At369.job
[2010/12/20 08:01:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At993.job
[2010/12/20 08:01:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At825.job
[2010/12/20 08:01:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At777.job
[2010/12/20 08:01:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At441.job
[2010/12/20 08:01:14 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At33.job
[2010/12/20 08:00:39 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1185.job
[2010/12/20 08:00:11 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At969.job
[2010/12/20 07:00:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At824.job
[2010/12/20 07:00:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At704.job
[2010/12/20 07:00:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At368.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At992.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At968.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At944.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At920.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At896.job
[2010/12/20 07:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At872.job
[2010/12/20 07:00
Member Avatar for sharkie002

OK I attached the logs.

The files you wanted me to scan on Jotti's do not appear in C:\windows\ directory.

All processes killed

========== FILES ==========

========== OTL ==========

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{218042f9-fc69-f292-a8c8-d08a6c1fd09f}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{218042f9-fc69-f292-a8c8-d08a6c1fd09f}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\AdobeU3D8B4 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\exe1 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\InstallShieldobjectps deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\OrderPurchase deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\Photoshop3DEnginePhotoshop3DEngine11.011.02008081320080813..44120080813020000 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\PressCenter deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\resourcesMicrosoft deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\RoxWatch11FormatLoaderECDC8.0.0.47 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\SUPERAntiSpywareUpdate1001040 deleted successfully.

C:\Windows\Tasks\At979.job moved successfully.

C:\Windows\Tasks\At955.job moved successfully.

C:\Windows\Tasks\At931.job moved successfully.

C:\Windows\Tasks\At835.job moved successfully.

C:\Windows\Tasks\At811.job moved successfully.

C:\Windows\Tasks\At787.job moved successfully.

C:\Windows\Tasks\At763.job moved successfully.

C:\Windows\Tasks\At67.job moved successfully.

C:\Windows\Tasks\At667.job moved successfully.

C:\Windows\Tasks\At571.job moved successfully.

C:\Windows\Tasks\At547.job moved successfully.

C:\Windows\Tasks\At523.job moved successfully.

C:\Windows\Tasks\At499.job moved successfully.

C:\Windows\Tasks\At475.job moved successfully.

C:\Windows\Tasks\At451.job moved successfully.

C:\Windows\Tasks\At43.job moved successfully.

C:\Windows\Tasks\At427.job moved successfully.

C:\Windows\Tasks\At331.job moved successfully.

C:\Windows\Tasks\At283.job moved successfully.

C:\Windows\Tasks\At225.job moved successfully.

C:\Windows\Tasks\At224.job moved successfully.

C:\Windows\Tasks\At223.job moved successfully.

C:\Windows\Tasks\At139.job moved successfully.

C:\Windows\Tasks\At1219.job moved successfully.

C:\Windows\Tasks\At115.job moved successfully.

C:\Windows\Tasks\At1123.job moved successfully.

C:\Windows\Tasks\At1075.job moved successfully.

C:\Windows\Tasks\At1003.job moved successfully.

C:\Windows\Tasks\At19.job moved successfully.

C:\Windows\Tasks\At91.job moved successfully.

C:\Windows\Tasks\At907.job moved successfully.

C:\Windows\Tasks\At883.job moved successfully.

C:\Windows\Tasks\At859.job moved successfully.

C:\Windows\Tasks\At739.job moved successfully.

C:\Windows\Tasks\At715.job moved successfully.

C:\Windows\Tasks\At691.job moved successfully.

C:\Windows\Tasks\At643.job moved successfully.

C:\Windows\Tasks\At619.job moved successfully.

C:\Windows\Tasks\At595.job moved successfully.

C:\Windows\Tasks\At403.job moved successfully.

C:\Windows\Tasks\At379.job moved successfully.

C:\Windows\Tasks\At355.job moved successfully.

C:\Windows\Tasks\At307.job moved successfully.

C:\Windows\Tasks\At262.job moved successfully.

C:\Windows\Tasks\At163.job moved successfully.

C:\Windows\Tasks\At1195.job moved successfully.

C:\Windows\Tasks\At1171.job moved successfully.

C:\Windows\Tasks\At1147.job moved successfully.

C:\Windows\Tasks\At1099.job moved successfully.

C:\Windows\Tasks\At1051.job moved successfully.

C:\Windows\Tasks\At1027.job moved successfully.

C:\Windows\SysNative\drivers\AVG\incavi.avm moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\Tasks\At988.job moved successfully.

C:\Windows\Tasks\At916.job moved successfully.

C:\Windows\Tasks\At892.job moved successfully.

C:\Windows\Tasks\At1180.job moved successfully.

C:\Windows\Tasks\At460.job moved successfully
OTL logfile created on: 12/24/2010 1:43:28 AM - Run 2

OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Administrator\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free

12.00 Gb Paging File | 10.00 Gb Available in Paging File | 86.00% Paging File free

Paging file location(s): [Binary data over 100 bytes]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465.76 Gb Total Space | 255.66 Gb Free Space | 54.89% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 356.58 Gb Free Space | 38.28% Space Free | Partition Type: NTFS

Drive F: | 74.50 Gb Total Space | 0.97 Gb Free Space | 1.30% Space Free | Partition Type: FAT32

Drive H: | 37.27 Gb Total Space | 15.62 Gb Free Space | 41.91% Space Free | Partition Type: NTFS

 

Computer Name: CYBERSHARK | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

[color=#E56717]========== Processes (SafeList) ==========[/color]

 

PRC - [2010/12/22 21:48:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe

PRC - [2010/12/10 18:27:49 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/12/10 18:27:49 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/11/09 22:22:16 | 003,229,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe

PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

PRC - [2010/10/22 04:56:48 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe

PRC - [2010/10/17 12:32:57 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe

PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/03/03 13:41:16 | 000,061,560 | ---- | M] (Senstic) -- C:\Program Files (x86)\Senstic\PocketControl\SensticPocketServiceWin.exe

PRC - [2009/12/21 18:04:14 | 000,714,192 | ---- | M] (Orb Networks) -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbLauncher.exe

PRC - [2009/12/21 18:04:02 | 000,036,352 | ---- | M] (Orb Networks) -- C:\Program Files (x86)\Orb Networks\Orb\bin\OrbMediaService.exe

PRC - [2009/12/21 18:03:58 | 000,189,440 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files (x86)\Orb Networks\Orb\bin\Orb.exe

 

 

[color=#E56717]========== Modules (SafeList) ==========[/color]

 

MOD - [2010/12/22 21:48:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe

 

 

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

 

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd)

SRV:[b]64bit:[/b] - [2009/08/16 00:39:54 | 001,772,472 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)

SRV:[b]64bit:[/b] - [2009/07/20 14:36:12 | 000,419,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)

SRV:[b]64bit:[/b] - [2009/02/25 16:34:02 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)

SRV:[b]64bit:[/b] - [2008/01/20 21:51:30 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\wmsvc.exe -- (WMSvc)

SRV:[b]64bit:[/b] - [2008/01/20 21:51:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)

SRV:[b]64bit:[/b] - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2010/11/10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2010/11/09 22:22:16 | 003,229,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)

SRV - [2010/10/25 09:01:42 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)

SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Progr
Member Avatar for crunchie

How are things with the PC now?

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

====

Member Avatar for sharkie002

Thank you for the response and happy holidays. Unfortunately my pc still has the same problems described in my opening post. I finished the JRE install, rebooted. Let me know if there is anything else I can try. Thanks...!

Member Avatar for crunchie

Vista is a pain, especially the 64bit flavour when it comes to cleaning up malware.
Do you have a Vista OS CD? If so, you may need to do a system repair.

==

Boot into safe mode with networking and do the following;

Go to Kaspersky website and perform an online antivirus scan.

1. Disable your active antivirus program.
2. Read through the requirements and privacy statement and click on the Accept button.
3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
4. When the downloads have finished, click on Settings.
5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

  • Spyware, Adware, Dialers, and other potentially dangerous programs
  • Archives
  • Mail databases

6. Click on My Computer under Scan.
7. Once the scan is complete, it will display the results. Click on View Scan Report.
8. You will see a list of infected items there. Click on Save Report As....
9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

Member Avatar for sharkie002

Yes I have a Vista CD, but I can't find the product key for it. Would I need it to do A system repair...?

I tried to do the Kaspersky scan, in Safe mode w/ networking.

In Firefox it tells me:

"Java support by the browser: false"

My JAVA CONSOLE add-in is enabled.

I tried with IE, and while installing I get the following message:

"Launch of the Java application is interupted! Please establish an uninterrupted Internet connection for work with this program."

So did the JRE not install correctly you think...?

Member Avatar for jholland1964

Product Key for the computer should be on a sticker ON the computer.

Member Avatar for sharkie002

Thanks...! I found the key. So i'm trying to boot from the vista CD, but its asking me to re-install windows. Is this how I get to the system repair menu...?

Member Avatar for sharkie002

So the only way I could perform a system repair, since my Vista is SP2, is to go through this whole process of making a slipstream SP2 dvd...? I'll go through with it, but I want to make sure I'm not doing more than I have to, if their is a simpler way to repair my OS.

Thanks...!

Member Avatar for crunchie

Could back up all your files and reformat?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.