Help - Search - Members - Calendar
Full Version: Wintems.exe. Bug
BleepingComputer.com > Security > HijackThis Logs and Malware Removal > Misplaced HJT Logs
   
tjmoes
Jul 1 2008, 11:44 AM
Hello

My machine has got an infection with the hldrrr.exe, srosa.sys and wintems.exe. bugs. All my antivirus programs have been removed or deactivated, and cannot be reinstalled.
I have downloaded differant fixers and it gives an error that they are not win32 apps even hijack this doesnt work, cant even boot to safe mode.

In reading more on another thread I tried F-Secure Blacklight (fsbl.exe) and got the log showing the culprits but I cant see the hidden files in my Applications folder, so I going to post the fb log here and maybe get some help here.

I have all the hidden file boxes unchecked in options and still dont see the hidden files the log says there are there.
I managed to get a hijack log to work and am including it.

06/30/08 19:05:02 [Info]: BlackLight Engine 1.0.70 initialized
06/30/08 19:05:02 [Info]: OS: 5.1 build 2600 (Service Pack 3)
06/30/08 19:05:08 [Note]: 7019 4
06/30/08 19:05:08 [Note]: 7005 0
06/30/08 19:05:33 [Note]: 7006 0
06/30/08 19:05:33 [Note]: 7011 1984
06/30/08 19:05:33 [Note]: 7035 0
06/30/08 19:05:49 [Note]: 7026 0
06/30/08 19:06:05 [Note]: 7026 0
06/30/08 19:06:05 [Note]: 7024 3
06/30/08 19:06:05 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
06/30/08 19:06:05 [Note]: 7024 3
06/30/08 19:06:05 [Info]: Hidden process: C:\WINDOWS\system32\wintems.exe
06/30/08 19:06:22 [Note]: FSRAW library version 1.7.1024
06/30/08 19:06:27 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\FLEC006.EXE
06/30/08 19:06:27 [Note]: 10002 2
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Excel_Sheet_Navigation_&_
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Ccy_Wallpaper_Changer_Pro
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\TwistedBrush_13.7_[Serial
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FavSync_2.1.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Windows_Mail_Backup_1.6a.
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Full_Map_2.1.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CopyCat_4.1.27_(Key).zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Premier_Performers_toolba
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MP3_Magic_2.02_Key+Serial
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Keylogger_Pro_1.7.5.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\3D_Angels_in_Flight_1.0_[
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\BibleProjector_(Russian)_
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Quick_To-Do_Pro_4.3.1.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Web_Font_Viewer_1.0_Crack
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\SqlDbx_2.83.012.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Free_Space_Screensaver_1.
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MiniPortal_1.3.92.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\AVG.Anti-Spyware_patch.zi
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Jazz_and_Faust_patch_2.zi
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Popup_Sweeper_5.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Exl-Plan_Ultra_(UK-I_edit
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\DeskSeal_3.5.0_[Key].zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Forecast_and_Budget_Build
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Unreal_Tournament_2003_-_
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\File_Rename_2.0.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Mission_S.E.U.C.K._7.9.06
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\GetMeSoft_1.1.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Quorum_Call_Conference_So
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Easy_Resume_Creator_Pro_4
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Alion_1.0.zip
06/30/08 19:06:28 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Symantec.Norton.Internet.
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CD_Ejector_2.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Avast!4.7.Antivirus+Crack
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\ShixxNOTE_Lite_5.home.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\XenoFlow_1.20_beta.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Surprise_Maker_3.3.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Contour_Inset_Plug-in_for
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\101_Tips_For_Selling_Your
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\3D_The_Spectre_2.2.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\EmailList_Master_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FileAdvisor_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Triologic_Media_Player_4.
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\HotCrypt_4.1.2.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\AoA_DVD_Creator_1.8.5.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\AutoPilot_4.1.1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\XingMPEG_Encoder_2.2_(Cra
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Easy_File_Renamer_1.05_[K
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\QCad_2.1.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Apex_AVI_Video_Converter_
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Sun2surf_RSS_Feed_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\InstaHelp_5.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\I_Want_it_Now_1.2.5.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Admin_Http_Time_Sync_1.zi
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Roadkil's_Alarm_Clock_1.z
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\HTML-Kit_1.0_Build_292.zi
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\USB_Info_2.0_[With_Crack]
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FlashSpring_Lite_2.1.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\TK8_Contact_2.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Calindock_1.2.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\EnhancaCursor_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Pitchf0rk_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Data_Doctor_Keylogger_2.0
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\EasyShots_2.1.0.3.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Lara_Croft_Tomb_Raider_1.
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\PackPal_Bulk_Email_Server
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\RC-AirSim_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\YouTube_Video_Toolbar_1.0
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FireBurner_2.2.1.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\3D_Dragon_World_1.0_[Seri
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\JServices_1.0.zip
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Visual_FoxPro_9.0_Service
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\ASCII_Art_Studio_2.1.1.zi
06/30/08 19:06:29 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Flesh_Feast_demo.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CFiles_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Senuti_0.29.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\WWWIndex_1.00.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\NetQuality_3.12_[Patch].z
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Colorado_Events_1.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Ergotimer_2.1.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\DreamScreenSaver_v2.5.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\addZIP_Compression_Compon
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Easy_DVD_Extractor_3.7.0_
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\BitDefender.Internet.Secu
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Physical_Pro._and_Steam_A
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\123_Html_to_Image_Convert
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\popStumbler_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\es-Builder_1.7.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Blue_Tango_-_The_Text_Scr
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Unreal_Tournament_2004_DM
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Call_Corder_3.8.0.200.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Outlook_Express_SMTP_serv
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CS-RCS_4.0.273.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Fate_Ball_0.1_Beta.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Yaldex_PopUp_4.5.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\ClipTrakker_1.2_Cracked.z
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\VP6_6.1.0.2.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MechWarrior_4_Vengeance_-
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\West_Wing_Screensaver.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MPEG_To_WMV_Converter_1.0
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CamGadget_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FTP_Client_Engine_for_Fox
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Multiplicity_1.1_[Cracked
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\AutorunNow!_1.0_(Serial).
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\FancyShutdown_1.5.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\PasteBinPost_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Sarbacane_2_2.1.0_(KeyGen
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\API_Spy_2.5.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Page_Of_Labels_for_Mailin
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Antivirus.NOD32.con.crack
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Serenity_Forest_Screensav
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CutFile_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Idea_Tracker_2.1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MSDict_Oxford_Portuguese_
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Three_Shades_of_Darkness_
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Easy_Registry_Optimizer_2
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\WordBanker_English-French
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\CapturePad_0.1_beta.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Microsoft_Brazilian_Beach
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\American_Bald_Eagles_1.3_
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Core_FTP_Server_1.0.206.z
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Animated_Math_1.0_With_Cr
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Classic_Clock_ScreenSaver
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Easy_CD_Creator_Internati
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\EzChinese_Road_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Pdf_Protector_1.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MiniLaunch_1.2.0.0.zip
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Unreal_Tournament_2004_DM
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\MB4-211_Practice_Exam_Tes
06/30/08 19:06:30 [Info]: Hidden file: c:\Documents and Settings\ted.TEDS\Application Data\M\SHARED\Web_Essence_2.3_(Cracked)
06/30/08 19:06:31 [Note]: 10002 2
06/30/08 19:06:31 [Note]: 10002 2
06/30/08 19:06:44 [Info]: Hidden file: c:\Program Files\321Studios\Shared\ASPIDEV.DDB
06/30/08 19:06:44 [Info]: Hidden file: c:\Program Files\321Studios\Shared\CDRPDVD.DLL
06/30/08 19:06:44 [Info]: Hidden file: c:\Program Files\321Studios\Shared\CDRPDACC.SYS
06/30/08 19:06:44 [Note]: 10002 2
06/30/08 19:06:44 [Note]: 10002 2
06/30/08 19:10:04 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Resources\1033\sqlwriter.rll
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Resources\1033\sqlmgmprovider.mfl
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Resources\1033\SBEVENT.RLL
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Resources\1033\sqladevn90.rll
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Resources\1033\MSXMLSQL.RLL
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SQLWVSS.DLL
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Microsoft.SqlSac.Public.dll
06/30/08 19:10:05 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SAC.EXE
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SqlSAC.exe
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\Microsoft.NetEnterpriseServers.Excepti
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SqlDumper.exe
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\DBGHELP.DLL
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SqlWtsn.exe
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SQLSQM.EXE
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\CUSTSAT.DLL
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\INSTAPI.DLL
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SqlBoot.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlmgmprovider.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\svrenumapi.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\isacctchange.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlftacct.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlsecacctchg.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlsvcsync.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlmgmproviderxpsp2up.mof
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\msasxpress.dll
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\transaction_logfile.ico
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\mdf_ndf_dbfiles.ico
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\MSXMLSQL.DLL
06/30/08 19:10:06 [Info]: Hidden file: c:\Program Files\Microsoft SQL Server\90\Shared\SqlProv.exe
06/30/08 19:10:06 [Note]: 10002 2
06/30/08 19:10:06 [Note]: 10002 2
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\SAMPLE2.JPG
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\SAMPLE1.JPG
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\PAINT.PNG
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\NEWS.PNG
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\FILTERS.XML
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\EMPTY.TXT
06/30/08 19:10:24 [Info]: Hidden file: c:\Program Files\Movie Maker\SHARED\PROFILES\BLANK.TXT
06/30/08 19:10:24 [Note]: 10002 2
06/30/08 19:10:24 [Note]: 10002 2
06/30/08 19:11:21 [Info]: Hidden file: c:\Program Files\Windows Live\Photo Gallery\Shared\Filters.xml
06/30/08 19:11:21 [Note]: 10002 2
06/30/08 19:11:22 [Note]: 10002 2
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\YbSkinSelect.dll
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\GRABBIE.PNG
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\HEADERBG.PNG
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_mlist1_off.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_mlist1_on.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\photoshare_slider.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\photoshare_slider_tray.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\progressbar.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pushbuttons.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\RADIO.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_buttons.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_griph.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_gripv.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_hbg.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_hhandle.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_vbg.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\scroll_vhandle.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\search_bang.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TITLE.PNG
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\MAVERICK.XML
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TITLE_UP.PNG
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\statusgrabber.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\SYS_MENU.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TABS.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tabs_standard.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tab_border.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TBAR_BG.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TBAR_SEP.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\toolbarbuttons.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_bot.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_left.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_right.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_top.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_capbuttons.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_h.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_down.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_horz.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_left.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_right.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_up.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_thumb_vert.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\trackbar_v.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\triangletray.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\TYPEDOWN.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\up_down_arrow.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\up_down_h.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\up_down_h_arrow.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_callbtn.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_ctrls.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_lights.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_ringer.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_tbar.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_tbar_hold.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\CHECKBOX.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\COMBO.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_tbar_incoming.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\preview_mavblue.jpg
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\slotborder.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\slotborder_we.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\slot_empty_bg.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\subhdrbg_cls.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\subhdrbg_cls_hover.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\subhdrbg_hover.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\statusbar.bmp
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\title_down.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\title_hover.png
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\GRABBIE.BMP
06/30/08 19:11:34 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_0.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\SUBHDRBG.PNG
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_1.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_10.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_11.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_2.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_3.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_4.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_5.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_6.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_7.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_8.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\voice_dialpad_9.png
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_bot.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_left.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_right.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_top.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_bot.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_left.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_right.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\tool_border_top.rgn
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_bot.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_left.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_right.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\border_top.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\button_chevron_down.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\button_chevron_up.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\capbuttons.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\columnheads.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\ITABS.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\UP_DOWN.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\combo_arrow.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\dialbtn_pad.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\donotdisturb.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\games_close.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\groupboxedge.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_disabled.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_hot.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\icons_tbar_normal.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\silver_bg.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\MENUBAR.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menubar_states.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\MENUITEM.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menusearchbar.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\MENU_BG.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\menu_scroll.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\MENU_SEP.BMP
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_abook_off.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\pab_abook_on.bmp
06/30/08 19:11:35 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Maverick\PAB_ADD1.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\TYPEDOWN.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_mlist1_off.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_mlist1_on.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\photoshare_slider.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\photoshare_slider_tray.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\progressbar.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pushbuttons.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\UP_DOWN.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_buttons.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_griph.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_gripv.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\statusbar.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_hbg.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_hhandle.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_vbg.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\scroll_vhandle.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\search_bang.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\statusgrabber.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\GRABBIE.PNG
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\HEADERBG.PNG
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\SUBHDRBG.PNG
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\TITLE.PNG
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tabs_standard.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tab_border.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\TITLE_UP.PNG
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\toolbarbuttons.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_bot.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_left.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\INDIGO.XML
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_right.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_top.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_capbuttons.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_h.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_down.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_horz.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_left.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_right.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_up.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_thumb_vert.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\trackbar_v.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\triangletray.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_arrow.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_h.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\GRABBIE.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\ITABS.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\up_down_h_arrow.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_callbtn.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\Voice_Circle.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_ctrls.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_lights.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_ringer.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar_hold.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_tbar_incoming.bmp
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\preview_indigo.jpg
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slotborder.png
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slotborder_we.png
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\slot_empty_bg.png
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\MENUITEM.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\MENU_BG.BMP
06/30/08 19:11:36 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_cls.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_cls_hover.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\subhdrbg_hover.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title_down.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\title_hover.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_0.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_1.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_10.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_11.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_2.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_3.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_4.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_5.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_6.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_7.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_8.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\voice_dialpad_9.png
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_bot.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_left.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_right.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_top.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_bot.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_left.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_right.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\tool_border_top.rgn
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\activity_speaker_states.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_bot.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\CHECKBOX.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\COMBO.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_left.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_right.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\border_top.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\button_chevron_down.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\button_chevron_up.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\capbuttons.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\columnheads.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\MENUBAR.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\MENU_SEP.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\combo_arrow.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\PAB_ADD1.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\RADIO.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\connect_chunkyanim.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\dark_connect_chunkyanim.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\dialbtn_pad.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\donotdisturb.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\games_close.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\groupboxedge.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_disabled.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_hot.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\icons_tbar_normal.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\SYS_MENU.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menubar_states.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\TABS.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menusearchbar.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\TBAR_SEP.BMP
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\menu_scroll.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\silver_bg.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\mute_states.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_abook_off.bmp
06/30/08 19:11:37 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\Indigo\pab_abook_on.bmp
06/30/08 19:11:38 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\Graphics\preview_classic_msgr.jpg
06/30/08 19:11:38 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\npYState.dll
06/30/08 19:11:38 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\YbSkin2.dll
06/30/08 19:11:38 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\YAlertCenter.dll
06/30/08 19:11:38 [Info]: Hidden file: c:\Program Files\Yahoo!\Shared\YbSkinSelectRes.dll
06/30/08 19:11:38 [Note]: 10002 2
06/30/08 19:11:38 [Note]: 10002 2
06/30/08 19:12:11 [Note]: 10002 2
06/30/08 19:12:11 [Note]: 10002 2
06/30/08 19:12:25 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\MDELK.EXE
06/30/08 19:12:25 [Note]: 10002 2
06/30/08 19:12:25 [Info]: Hidden file: C:\WINDOWS\system32\wintems.exe
06/30/08 19:12:25 [Note]: 10002 2
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\244109.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\298046.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\326359.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\407937.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\443156.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\476312.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\499453.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\350531.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\232859.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\299687.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\500890.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\533640.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\555437.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\577906.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\320015.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\414468.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\678734.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\732375.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\763562.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\790359.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1925265.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1927671.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1964968.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2126109.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2165796.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2193843.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2210062.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\244609.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\253437.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\318375.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\364625.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\388843.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\411031.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\172968.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\210328.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\226671.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\420093.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\474484.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\504437.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\521890.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\101218.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\146796.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\180125.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\414609.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\440125.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\464500.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\479968.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\404265.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\429343.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\580921.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\608031.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\644937.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\666421.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1708843.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1716750.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1727593.EXE
06/30/08 19:12:28 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\1829437.EXE
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2126828.EXE
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2198281.EXE
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2290343.EXE
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\DOWNLD\2340531.EXE
06/30/08 19:12:29 [Note]: 10002 2
06/30/08 19:12:29 [Note]: 10002 2
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\MDELK.EXE
06/30/08 19:12:29 [Note]: 10002 2
06/30/08 19:12:29 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
06/30/08 19:12:29 [Note]: 10002 2
06/30/08 19:12:29 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS
06/30/08 19:12:29 [Note]: 10002 2
06/30/08 19:12:31 [Note]: 10002 2
06/30/08 19:12:31 [Note]: 10002 2
06/30/08 19:14:22 [Note]: 7007 0


My Hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:40:08 am, on 7/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Documents and Settings\ted.TEDS\Application Data\m\flec006.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\locator.exe
C:\Program Files\AnalogX\POW\pow.exe
C:\Program Files\Atomic Clock Sync\Atomic.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\MemTurbo30\MemTurbo.exe
C:\WINDOWS\system32\drivers\downld\347656.exe
C:\My Downloads\TedCops.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://by122w.bay122.mail.live.com/mail/In...p;wa=wsignin1.0
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe
O1 - Hosts: 209.216.253.186 www.winmx.com err.winmx.com
O1 - Hosts: 209.216.253.186 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\justDo\Jd2002.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Paessler Site Inspector 4 Toolbar - {EC3A37EF-F4CF-447A-B0FD-206073E2DAE9} - D:\Programs\PAESSL~1\PSITOO~1.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: POW!.lnk = C:\Program Files\AnalogX\POW\pow.exe
O4 - Startup: Atomic Clock Sync.lnk = C:\Program Files\Atomic Clock Sync\Atomic.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo30\MemTurbo.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Copy As Html - C:\Program Files\Fillmore Technology Group\Utilities\IE\CopyHtmlTextIE.html
O8 - Extra context menu item: Copy As Plain Text - C:\Program Files\Fillmore Technology Group\Utilities\IE\CopyPlainTextIE.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: PSI: Copy Image as HTML Tag - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/copy-img-tag
O8 - Extra context menu item: PSI: Copy Image URL - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/copy-img-src
O8 - Extra context menu item: PSI: Copy Link as HTML Tag - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/copy-a-tag
O8 - Extra context menu item: PSI: Copy Meister - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/copymeister
O8 - Extra context menu item: PSI: Open Frame In New Window - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/open-frame-in-new-window
O8 - Extra context menu item: PSI: Open Frame In This Window - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/open-frame-in-this-window
O8 - Extra context menu item: PSI: Open Selected Text as URL in New Window - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/open-selection
O8 - Extra context menu item: PSI: Show All Forms - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/forms
O8 - Extra context menu item: PSI: Show All Images - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/images
O8 - Extra context menu item: PSI: Show All Links - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/links
O8 - Extra context menu item: PSI: Show All Scripts - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/scripts
O8 - Extra context menu item: PSI: Show All Stylesheets - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/styles
O8 - Extra context menu item: PSI: Show HTTP Header - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/headers
O8 - Extra context menu item: PSI: Show Source - res://D:\Programs\Paessler Site Inspector 4\PSIToolbar.dll/source
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - D:\Program Files\VisualRoute Lite Edition\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - D:\Program Files\VisualRoute Lite Edition\vrie.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.3.7.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1210716446296
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1192928358405
O16 - DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} (PlayerPT Control) - http://cam1.hdvideo.ca:1024/PlayerPT.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://crucial.com/controls/cpcScanner.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://members.driverguide.com/director/di...de=toolkit_lite
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 17859 bytes
I am pulling my hair if someone can help please do

thank you for helping

PS i managed to save ComboFix under a differant name also but have not used it yet
quietman7
Jul 1 2008, 12:06 PM
I have moved your Topic that includes a HijackThis log here to the Misplaced HJT Logs forum. You posted your log in a forum not intended for HijackThis logs analysis and probably missed the directions we provide to those who require assistance. We can only allow topics with such logs in the HijackThis Logs and Malware Removal forum. This restriction is to ensure you get the best help available, from those who specialize in malware anlaysis and removal. It also should prevent you from receiving ineffective or even potentially dangerous advice, whether well meaning or not.

Prior to posting a HJT log, we ask that you please read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log. Following the steps in this Guide will allow the HJT Team to quickly help you with specific fixes for what may remain on your system.

Please complete all the steps in the Guide. If you have performed some of them already, then just continue with the next. There are instructions for downloading and running Deckard's System Scanner (DSS) which will create a hijackthis log for you, or automatically download and install the most current version of HijackThis if it's not already installed on your computer.

Please note that it is important that Deckard's System Scanner be run and a log created while in normal mode. If you run it and create your log while in safe mode, you will be asked to redo it again properly. When you have completed those steps, start a new topic in the HijackThis Logs and Malware Removal forum as directed in the Guide to post a new log.

Please DO NOT post any more logs to this topic, or post a log again in the wrong forum.

The Misplaced HJT Logs forum is strictly a holding area where the BC Staff can assist you with preparations for and to properly post your log. If you have a question or encounter a problem in the Prep Guide, please do post back to this topic; that is what it is here for.

When your new HJT log is posted in the proper forum, please reply to this topic with a link to your new topic. Once that is done, a Member of the HJT Team will analyze your log and assist you with step by step instructions to clean your computer or otherwise advise what needs to be done.

Thanks for your cooperation and good luck.
The BC Staff

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan with rootkit characteristics. Backdoor Trojans, IRCBots and Infostealers are very dangerous because they provide a means of accessing a computer system that bypasses security mechanisms and steal sensitive information like passwords, personal and financial data which they send back to the hacker. Remote attackers use backdoor Trojans as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge. Read Danger: Remote Access Trojans.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the backdoor Trojan has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because the backdoor Trojan has been removed the computer is now secure. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read "When should I re-format? How should I reinstall?" and "Help: I Got Hacked. Now What Do I Do?".

Should you decide not to follow that advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. If you wish to proceed, please follow the instructions provided above.
tjmoes
Jul 1 2008, 12:21 PM
reposted in correct forum
thank you
TMacK
Jul 1 2008, 05:54 PM
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working on logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2008 Invision Power Services, Inc.