Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help For Zundo Winfixer Infection Please


  • This topic is locked This topic is locked
18 replies to this topic

#1 IsaacInfante

IsaacInfante

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 02 February 2008 - 09:47 PM

Hello I have no idea how it happened but my computer went crazy yesterday. It would crash and when I would reboot it would give me this prompt: NT_Kernel error 1256 and KMODE_EXCEPTION_NOT_HANDLED It also added two shortcuts/icons that were fake.

I looked on the internet for a fix and ran a scan on my McAfee with nothing found except a quarantined file call winfixer. In reading on the net I found that winfixer has been causing problems. In looking a little deeper and and rebooting my computer for 20th time I started getting this prompt: p-07-0100 irql: 1fSYSVER 0xff00024 so I researched that prompt and found information talking about Zundo and system32/rundll32.exe During this time my computer would crash and open up 41 windows that I could not stop as they would just keep coming.

Thats when I came to this site and followed the intructions from D-Trojanator on How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo.
Credits: Atribune for VundoFix

I did the Vundo Fix scan and it cleaned out some files however the two it could not get rid of was
c:\window\system32\tuvvvsq.dll and c:\window\system32\wnhcwoan.dll

From there I did the VirtumundoBegone scan and clean but again there were files that could not be removed. Then I cleaned out my temporary files and recycle bin. Next I did the Ad-ware scan twice as instructed followed by Spybot Search and Destroy. Same results there is still something there. Next I ran Bit Defender followed by McAfee Avert Stinger. While doing that I ran my McAfee for updates which there were none and did a scan with nothing found. I have a firewall by McAfee.

So this is where I am at now. I can somewhat get online with out all the 41 windows popping up. However I get these adds that pop up for couples, medical supplies, video pod casts, and sexy search. Also my computer crashes where all I get is my screen save and locks. Thank you in advance for any help given and your time and expertise. I did the hijackthis scan and this is the log I received:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:23:51 PM, on 2/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dldoserv.exe
C:\WINDOWS\system32\dldocoms.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.254.254
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [8c4570f4] rundll32.exe "C:\WINDOWS\system32\gdhcuumg.dll",b
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [gcNotifier] C:\Documents and Settings\Isaac\Local Settings\Application Data\VTShared\GCNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: dldoCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe
O23 - Service: dldo_device - - C:\WINDOWS\system32\dldocoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

--
End of file - 12272 bytes

Edited by IsaacInfante, 02 February 2008 - 09:50 PM.


BC AdBot (Login to Remove)

 


m

#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 03 February 2008 - 10:20 AM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:

Please download ComboFix and save it to your desktop.

Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 03 February 2008 - 11:32 AM

Hello Sam! First thank you for your assistance. I had some trouble getting the scan done but I finally got it. Here is the Combofix log:

ComboFix 08-02.03.1 - Isaac 2008-02-03 10:25:24.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.559 [GMT -6:00]
Running from: C:\Documents and Settings\Isaac\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\awvvv.dll
C:\WINDOWS\system32\bmuqbalz.dll
C:\Documents and Settings\Isaac\Application Data\macromedia\Flash Player\#SharedObjects\4UTHS8KU\www.broadcaster.com
C:\Documents and Settings\Isaac\Application Data\macromedia\Flash Player\#SharedObjects\4UTHS8KU\www.broadcaster.com\played_list.sol
C:\Documents and Settings\Isaac\Application Data\macromedia\Flash Player\#SharedObjects\4UTHS8KU\www.broadcaster.com\video_queue.sol
C:\Documents and Settings\Isaac\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Isaac\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\awvvv.dll
C:\WINDOWS\system32\bmuqbalz.dll
C:\WINDOWS\system32\bmuqbalz.dllbox
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\gdhcuumg.dll
C:\WINDOWS\SYSTEM32\gmuuchdg.ini
C:\WINDOWS\SYSTEM32\jhpulsdw.ini
C:\WINDOWS\system32\lccapjxr.dll
C:\WINDOWS\system32\sfjvdtve.dll
C:\WINDOWS\system32\tuvvvsq.dll
C:\WINDOWS\SYSTEM32\vvvwa.ini
C:\WINDOWS\SYSTEM32\vvvwa.ini2
C:\WINDOWS\system32\wnhcwoan.dllbox
C:\WINDOWS\system32\ygwmvsig.dll

.
((((((((((((((((((((((((( Files Created from 2008-01-03 to 2008-02-03 )))))))))))))))))))))))))))))))
.

2008-02-02 09:22 . 2008-02-02 11:29 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-02-02 09:14 . 2008-02-02 09:14 <DIR> d-------- C:\Documents and Settings\Isaac\.housecall6.6
2008-02-02 06:56 . 2008-02-02 06:56 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-02 06:56 . 2008-02-02 07:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-02 03:06 . 2008-02-02 03:06 <DIR> d-------- C:\Program Files\Lavasoft
2008-02-02 03:06 . 2008-02-02 03:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 03:05 . 2008-02-02 03:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-02 00:12 . 2008-02-02 00:12 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-02-01 23:41 . 2008-02-01 23:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-01 22:12 . 2008-02-02 11:14 <DIR> d-------- C:\VundoFix Backups
2008-01-31 19:35 . 2008-01-31 19:35 <DIR> d-------- C:\WINDOWS\SYSTEM32\bak
2008-01-31 19:35 . 2008-01-31 19:35 <DIR> d-------- C:\WINDOWS\bak
2008-01-09 15:01 . 2008-01-09 15:01 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2008-01-09 15:01 . 2008-01-09 15:01 453 --a------ C:\WINDOWS\bdoscandellang.ini
2008-01-09 03:29 . 2008-01-17 09:44 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-09 03:28 . 2008-01-09 03:28 <DIR> d-------- C:\Program Files\muvee Technologies
2008-01-09 03:28 . 2008-01-09 03:29 <DIR> d-------- C:\Program Files\Common Files\muvee Technologies
2008-01-09 03:28 . 2008-01-09 03:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
2008-01-04 00:22 . 2008-02-01 00:56 2,828 --ahs---- C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
2008-01-04 00:22 . 2008-02-01 00:33 88 -rahs---- C:\WINDOWS\SYSTEM32\6905D263BB.sys
2008-01-04 00:16 . 2008-02-01 00:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-04 00:16 . 2008-01-04 00:16 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-03 23:56 . 2008-01-03 23:56 <DIR> d-------- C:\Documents and Settings\Isaac\Application Data\968 Series
2008-01-03 23:46 . 2008-01-03 23:46 <DIR> d-------- C:\logs
2008-01-03 23:46 . 2008-01-18 17:07 <DIR> d-------- C:\Documents and Settings\All Users\Dl_cats
2008-01-03 23:45 . 2008-01-04 00:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-01-03 23:45 . 2007-09-06 14:40 692,224 --a------ C:\WINDOWS\SYSTEM32\dldodrs.dll
2008-01-03 23:45 . 2007-08-03 11:08 348,160 --a------ C:\WINDOWS\SYSTEM32\dldocoin.dll
2008-01-03 23:45 . 2007-06-14 14:45 69,632 --a------ C:\WINDOWS\SYSTEM32\dldocnv4.dll
2008-01-03 23:45 . 2007-08-31 12:51 65,536 --a------ C:\WINDOWS\SYSTEM32\dldocaps.dll
2008-01-03 23:45 . 2006-07-31 23:53 40,960 --a------ C:\WINDOWS\SYSTEM32\dldovs.dll
2008-01-03 23:44 . 2008-01-03 23:44 <DIR> d-------- C:\Program Files\Corel
2008-01-03 23:44 . 2008-01-03 23:44 <DIR> d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-01-03 23:43 . 2008-01-03 23:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\968 Series
2008-01-03 23:43 . 2007-07-19 09:21 339,968 --a------ C:\WINDOWS\SYSTEM32\IMGMAN32.DLL
2008-01-03 23:43 . 2007-07-19 09:21 98,345 --a------ C:\WINDOWS\SYSTEM32\IMHOST32.DLL
2008-01-03 23:43 . 2007-07-19 09:21 98,304 --a------ C:\WINDOWS\SYSTEM32\IM31XPNG.DEL
2008-01-03 23:43 . 2007-07-19 09:21 69,632 --a------ C:\WINDOWS\SYSTEM32\IM31XTIF.DEL
2008-01-03 23:43 . 2007-07-19 09:21 49,152 --a------ C:\WINDOWS\SYSTEM32\IM31IMG.DIL
2008-01-03 23:43 . 2007-06-11 07:01 49,152 --a------ C:\WINDOWS\SYSTEM32\dldooem.dll
2008-01-03 23:43 . 2007-09-17 08:24 45,056 --a------ C:\WINDOWS\SYSTEM32\DLDOPMON.DLL
2008-01-03 23:43 . 2007-09-17 08:24 32,768 --a------ C:\WINDOWS\SYSTEM32\DLDOFXPU.DLL
2008-01-03 23:43 . 2007-09-17 08:26 12,288 --a------ C:\WINDOWS\SYSTEM32\DLDOPMRC.DLL
2008-01-03 23:12 . 2008-02-02 03:35 <DIR> d-------- C:\Program Files\Dell 968 AIO Printer
2008-01-03 13:12 . 2008-01-03 13:14 <DIR> d-------- C:\Documents and Settings\Isaac\Application Data\VTExtra
2008-01-03 13:10 . 2008-01-03 13:10 <DIR> d-------- C:\Documents and Settings\Isaac\Application Data\InstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-03 16:08 --------- d-----w C:\Documents and Settings\Isaac\Application Data\SiteAdvisor
2008-02-02 09:46 --------- d-----w C:\Program Files\QuickTime
2008-02-02 09:38 --------- d-----w C:\Program Files\iTunes
2008-02-02 09:36 --------- d-----w C:\Program Files\DellSupport
2008-02-02 09:35 --------- d-----w C:\Program Files\Dell Photo AIO Printer 942
2008-02-01 06:33 --------- d-----w C:\Documents and Settings\Isaac\Application Data\Corel
2008-01-27 17:57 --------- d-----w C:\Documents and Settings\Isaac\Application Data\ZoomBrowser EX
2008-01-27 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-01-09 09:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 09:28 --------- d-----w C:\Program Files\Common Files\Corel
2008-01-01 08:24 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-28 01:37 --------- d-----w C:\Program Files\Microsoft Games
2007-12-28 00:56 --------- d-----w C:\Program Files\Diablo
2007-12-17 13:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS
2007-12-17 12:28 --------- d-----w C:\Program Files\Millionaire Casino
2007-12-17 12:28 --------- d-----w C:\Program Files\Common Files\CasinoVegasShared
2007-12-15 09:12 118,784 ----a-w C:\WINDOWS\DiabUnin.exe
2007-12-15 01:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2007-12-15 01:21 --------- d-----w C:\Program Files\Common Files\LogiShrd
2007-12-15 01:07 --------- d-----w C:\Program Files\Logitech
2007-12-14 17:32 12,632 ----a-w C:\WINDOWS\SYSTEM32\lsdelete.exe
2007-12-05 05:05 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jscript.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\SYSTEM32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\lsasrv.dll
2007-01-15 09:53 784 ----a-w C:\Documents and Settings\Isaac\Application Data\mpauth.dat
2006-04-01 12:49 294,803 --sha-w C:\WINDOWS\SYSTEM32\ijjlm.bak1
2006-04-13 11:40 550,409 --sha-w C:\WINDOWS\SYSTEM32\ijjlm.bak2
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD010D2F-14D8-4FF2-802B-CE609C34A722}]
C:\WINDOWS\system32\ssqpq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1814B1-96B1-49F7-BB7D-D85956243699}]
C:\WINDOWS\system32\jkhff.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24 1694208]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 16:43 4670704]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [ ]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [ ]
"gcNotifier"="C:\Documents and Settings\Isaac\Local Settings\Application Data\VTShared\GCNotifier.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-11-11 17:11 4612096]
"CTHelper"="CTHELPER.EXE" [2004-03-11 09:50 28672 C:\WINDOWS\SYSTEM32\CTHELPER.EXE]
"Dit"="Dit.exe" [2003-05-19 17:39 81920 C:\WINDOWS\Dit.exe]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [ ]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 01:33 478800]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [2005-03-08 09:51:24 156784]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-10-12 08:33:55 67128]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 11:59:36 806912]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe [2007-10-03 13:56:10 54512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sgpzxuis]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

R2 dldo_device;dldo_device;C:\WINDOWS\system32\dldocoms.exe [2007-10-05 07:30]
R2 dldoCATSCustConnectService;dldoCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe [2007-10-05 07:30]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service []
S3 cdiskdun;cdiskdun;C:\DOCUME~1\Isaac\LOCALS~1\Temp\cdiskdun.sys []

.
Contents of the 'Scheduled Tasks' folder
"2008-02-01 20:46:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-15 07:26:11 C:\WINDOWS\Tasks\McDefragTask.job"
- C:\WINDOWS\system32\DEFRAG.EXE
"2008-02-01 07:03:39 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe.4158 0
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-03 10:28:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-03 10:30:09
ComboFix-quarantined-files.txt 2008-02-03 16:30:06
ComboFix2.txt 2008-02-03 16:21:25
.
2008-01-09 09:02:19 --- E O F ---

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 03 February 2008 - 11:56 PM

Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: CFScript to your desktop.

Folder::
C:\VundoFix Backups

File::
C:\WINDOWS\SYSTEM32\ijjlm.bak1
C:\WINDOWS\SYSTEM32\ijjlm.bak2

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CD010D2F-14D8-4FF2-802B-CE609C34A722}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1814B1-96B1-49F7-BB7D-D85956243699}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sgpzxuis]
Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Now drag then drop the CFScript file onto ComboFix.exe as seen in the image below.

Posted Image

This will start ComboFix again.
After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply along with a new HijackThis log.


================


Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.



=================



Flush your system restore, this will delete any restore points that you have but it will also make sure that any malware hiding in system restore will be booted off.

Turn off System Restore:
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
Restart your computer, turn it back on and create a restore point.

Create a restore point:
  • Click Start and point to All Programs.
  • Mouse over Accessories, then System Tools, and select System Restore.
  • In the System Restore wizard, select the box next the text labeled "Create a
    restore point" and click the Next button.
  • Type a description for your new restore point. Something like "After
    cleanup". Click Create and you're done.

================



Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#5 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 04 February 2008 - 01:54 AM

Hello again Sam, here is my code from Combofix:

ComboFix 08-02.03.1 - Isaac 2008-02-04 0:43:20.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.569 [GMT -6:00]
Running from: C:\Documents and Settings\Isaac\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Isaac\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE
C:\WINDOWS\SYSTEM32\ijjlm.bak1
C:\WINDOWS\SYSTEM32\ijjlm.bak2
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------


.
C:\VundoFix Backups
C:\VundoFix Backups\addmorefiles.txt
C:\VundoFix Backups\bakwjjnq.dll.bad
C:\VundoFix Backups\ffhkj.ini.bad
C:\VundoFix Backups\ffhkj.ini2.bad
C:\VundoFix Backups\fohgaleq.dll.bad
C:\VundoFix Backups\iricygqi.dll.bad
C:\VundoFix Backups\jkhff.dll.bad
C:\VundoFix Backups\kroulbnn.dllbox.bad
C:\VundoFix Backups\pqcflnyi.dll.bad
C:\VundoFix Backups\pqcflnyi.dllbox.bad
C:\VundoFix Backups\qnjjwkab.ini.bad
C:\VundoFix Backups\qpqss.ini.bad
C:\VundoFix Backups\qpqss.ini2.bad
C:\VundoFix Backups\tntqohup.dll.bad
C:\VundoFix Backups\wdsluphj.dll.bad
C:\VundoFix Backups\wnhcwoan.dllbox.bad
C:\WINDOWS\SYSTEM32\ijjlm.bak1
C:\WINDOWS\SYSTEM32\ijjlm.bak2

.
((((((((((((((((((((((((( Files Created from 2008-01-04 to 2008-02-04 )))))))))))))))))))))))))))))))
.

2008-02-02 09:22 . 2008-02-02 11:29 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-02-02 09:14 . 2008-02-02 09:14 <DIR> d-------- C:\Documents and Settings\Isaac\.housecall6.6
2008-02-02 06:56 . 2008-02-02 06:56 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-02 06:56 . 2008-02-02 07:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-02 03:06 . 2008-02-02 03:06 <DIR> d-------- C:\Program Files\Lavasoft
2008-02-02 03:06 . 2008-02-02 03:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 03:05 . 2008-02-02 03:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-02 00:12 . 2008-02-02 00:12 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-02-01 23:41 . 2008-02-01 23:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-31 19:35 . 2008-01-31 19:35 <DIR> d-------- C:\WINDOWS\SYSTEM32\bak
2008-01-31 19:35 . 2008-01-31 19:35 <DIR> d-------- C:\WINDOWS\bak
2008-01-09 15:01 . 2008-01-09 15:01 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2008-01-09 15:01 . 2008-01-09 15:01 453 --a------ C:\WINDOWS\bdoscandellang.ini
2008-01-09 03:29 . 2008-01-17 09:44 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-09 03:28 . 2008-01-09 03:28 <DIR> d-------- C:\Program Files\muvee Technologies
2008-01-09 03:28 . 2008-01-09 03:29 <DIR> d-------- C:\Program Files\Common Files\muvee Technologies
2008-01-09 03:28 . 2008-01-09 03:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
2008-01-04 00:22 . 2008-02-01 00:56 2,828 --ahs---- C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
2008-01-04 00:22 . 2008-02-01 00:33 88 -rahs---- C:\WINDOWS\SYSTEM32\6905D263BB.sys
2008-01-04 00:16 . 2008-02-01 00:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-04 00:16 . 2008-01-04 00:16 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-04 06:41 --------- d-----w C:\Documents and Settings\Isaac\Application Data\SiteAdvisor
2008-02-02 09:46 --------- d-----w C:\Program Files\QuickTime
2008-02-02 09:38 --------- d-----w C:\Program Files\iTunes
2008-02-02 09:36 --------- d-----w C:\Program Files\DellSupport
2008-02-02 09:35 --------- d-----w C:\Program Files\Dell Photo AIO Printer 942
2008-02-02 09:35 --------- d-----w C:\Program Files\Dell 968 AIO Printer
2008-02-01 06:33 --------- d-----w C:\Documents and Settings\Isaac\Application Data\Corel
2008-01-31 01:05 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\SiteAdvisor
2008-01-27 17:57 --------- d-----w C:\Documents and Settings\Isaac\Application Data\ZoomBrowser EX
2008-01-27 17:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-01-09 09:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 09:28 --------- d-----w C:\Program Files\Common Files\Corel
2008-01-04 06:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Corel
2008-01-04 05:56 --------- d-----w C:\Documents and Settings\Isaac\Application Data\968 Series
2008-01-04 05:44 --------- d-----w C:\Program Files\Corel
2008-01-04 05:44 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-01-04 05:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\968 Series
2008-01-03 19:14 --------- d-----w C:\Documents and Settings\Isaac\Application Data\VTExtra
2008-01-03 19:10 --------- d-----w C:\Documents and Settings\Isaac\Application Data\InstallShield
2008-01-01 08:24 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-28 01:37 --------- d-----w C:\Program Files\Microsoft Games
2007-12-28 00:56 --------- d-----w C:\Program Files\Diablo
2007-12-17 13:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS
2007-12-17 12:28 --------- d-----w C:\Program Files\Millionaire Casino
2007-12-17 12:28 --------- d-----w C:\Program Files\Common Files\CasinoVegasShared
2007-12-15 09:12 118,784 ----a-w C:\WINDOWS\DiabUnin.exe
2007-12-15 01:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2007-12-15 01:21 --------- d-----w C:\Program Files\Common Files\LogiShrd
2007-12-15 01:07 --------- d-----w C:\Program Files\Logitech
2007-12-14 17:32 12,632 ----a-w C:\WINDOWS\SYSTEM32\lsdelete.exe
2007-12-05 05:05 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jscript.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\SYSTEM32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\lsasrv.dll
2007-01-15 09:53 784 ----a-w C:\Documents and Settings\Isaac\Application Data\mpauth.dat
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9069b3f2-7eaa-4851-b830-d963e018074a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DEC89E42-C7D4-4FC9-BD9B-A17FB82951DB}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24 1694208]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 16:43 4670704]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [ ]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [ ]
"gcNotifier"="C:\Documents and Settings\Isaac\Local Settings\Application Data\VTShared\GCNotifier.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-11-11 17:11 4612096]
"CTHelper"="CTHELPER.EXE" [2004-03-11 09:50 28672 C:\WINDOWS\SYSTEM32\CTHELPER.EXE]
"Dit"="Dit.exe" [2003-05-19 17:39 81920 C:\WINDOWS\Dit.exe]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [ ]
"8c4570f4"="C:\WINDOWS\system32\gdhcuumg.dll" [ ]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 01:33 478800]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [2005-03-08 09:51:24 156784]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-10-12 08:33:55 67128]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 11:59:36 806912]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe [2007-10-03 13:56:10 54512]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

R2 dldo_device;dldo_device;C:\WINDOWS\system32\dldocoms.exe [2007-10-05 07:30]
R2 dldoCATSCustConnectService;dldoCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe [2007-10-05 07:30]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service []
S3 cdiskdun;cdiskdun;C:\DOCUME~1\Isaac\LOCALS~1\Temp\cdiskdun.sys []

.
Contents of the 'Scheduled Tasks' folder
"2008-02-01 20:46:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-15 07:26:11 C:\WINDOWS\Tasks\McDefragTask.job"
- C:\WINDOWS\system32\DEFRAG.EXE
"2008-02-01 07:03:39 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe.4158 0
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-04 00:47:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-04 0:48:22
ComboFix-quarantined-files.txt 2008-02-04 06:48:13
ComboFix2.txt 2008-02-03 16:30:10
ComboFix3.txt 2008-02-03 16:21:25
.
2008-01-09 09:02:19 --- E O F ---

Now here is my code from hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:43 AM, on 2/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dldoserv.exe
C:\WINDOWS\system32\dldocoms.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.254.254
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {9069b3f2-7eaa-4851-b830-d963e018074a} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {CD010D2F-14D8-4FF2-802B-CE609C34A722} - (no file)
O2 - BHO: (no name) - {DEC89E42-C7D4-4FC9-BD9B-A17FB82951DB} - (no file)
O2 - BHO: (no name) - {FB1814B1-96B1-49F7-BB7D-D85956243699} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [8c4570f4] rundll32.exe "C:\WINDOWS\system32\gdhcuumg.dll",b
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [gcNotifier] C:\Documents and Settings\Isaac\Local Settings\Application Data\VTShared\GCNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: dldoCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe
O23 - Service: dldo_device - - C:\WINDOWS\system32\dldocoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

--
End of file - 13573 bytes

Now here is the scan information from the Kaspersky Online Scanner:

Sam, now I have this log but it is extremely and I mean extremely long. It is many pages long. Do you still want me to send it? I am not sure if it is possible to send a message that big in a message. Let me know and I will send it if you need it.

Edited by IsaacInfante, 04 February 2008 - 04:35 AM.


#6 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 04 February 2008 - 09:25 AM

Yes, I do need to see that Kaspersky log. You can attach it as a text file instead of posting it.

You must disable Spybot's Teatimer function before proceeding with this fix. Otherwise it will intefere with hijackthis.
  • Open Spybot Search & Destroy.
  • In the Mode menu click "Advanced mode" if not already selected.
  • Choose "Yes" at the Warning prompt.
  • Expand the "Tools" menu.
  • Click "Resident".
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • In the File menu click "Exit" to exit Spybot Search & Destroy.

===============


Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {9069b3f2-7eaa-4851-b830-d963e018074a} - (no file)
O2 - BHO: (no name) - {CD010D2F-14D8-4FF2-802B-CE609C34A722} - (no file)
O2 - BHO: (no name) - {DEC89E42-C7D4-4FC9-BD9B-A17FB82951DB} - (no file)
O2 - BHO: (no name) - {FB1814B1-96B1-49F7-BB7D-D85956243699} - (no file)
O4 - HKLM\..\Run: [8c4570f4] rundll32.exe "C:\WINDOWS\system32\gdhcuumg.dll",b
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k



Reboot and post a new hijackthis log.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#7 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 04 February 2008 - 12:07 PM

Hello Sam can you please tell me how to send you the kaspersky log. I have been trying with no success. It is too big to put it on here. However I do not have much knowledge on how to send files anyway. Sorry!!! I will send it as soon as you advise.

#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 05 February 2008 - 09:04 AM

First you need to make sure you save the log onto your desktop or someplace else where you can find it easily. Then click on Add Reply here in your thread. Down and to the right of the main text box that you type into you'll see a green button called "UPLOAD". Next to it another button called "Browse..." Click on Browse and then navigate to where you have your log saved. Double click on it. Then click on the UPLOAD button and the log will be attached to your reply.

Let me know how it goes.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 05 February 2008 - 05:10 PM

Hello Sam I tried to upload it here. However the file is so big it wont attach it. Even as zip file. It is 41.5 MB (43,590,078 bytes).

Edited by IsaacInfante, 05 February 2008 - 05:23 PM.


#10 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 06 February 2008 - 08:55 AM

I'm guessing that this log contains much more information than I really need to see because I've never seen a log that large. Can you review the log for the part that shows infected files. It should be at the beginning. That's the only part I need to see. It should be manageable enough so that you can copy just that text and post it here.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#11 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 08 February 2008 - 03:50 PM

Scan My Computer
----------------
Scanned: 341716
Detected: 28
Untreated: 19
Start time: 2/4/2008 1:41:06 AM
Duration: 01:31:21
Finish time: 2/4/2008 3:12:27 AM
Signatures published: 2/3/2008 10:23:34 PM


Detected
--------
Status Object
------ ------
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Back\1\M0000016143.eml
detected: Trojan program Trojan.JS.Redirector.b File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000000680.eml
deleted: Trojan program Trojan.JS.Redirector.b File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000000712.eml
deleted: Trojan program Trojan.JS.Redirector.b File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000000770.eml
deleted: Trojan program Trojan.JS.Redirector.b File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000000800.eml
deleted: Trojan program Trojan.JS.Redirector.b File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000000818.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000003362.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000004764.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000004824.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000007864.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000011400.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000011404.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000011517.eml
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000011598.eml
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.dnn File: C:\QooBox\Quarantine\catchme2008-02-03_101205.35.zip/bmuqbalz.dll
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.dnn File: C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bmuqbalz.dll.vir
deleted: adware not-a-virus:AdWare.Win32.Virtumonde.dnn File: C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lccapjxr.dll.vir
deleted: adware not-a-virus:AdWare.Win32.SuperJuan.auj File: C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sfjvdtve.dll.vir
deleted: Trojan program Trojan.Win32.BHO.auf File: C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuvvvsq.dll.vir
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\back\1\m0000016143.eml//[From <dailyalert@ebay.ebay.statsnotify1068307381.com>][Date Thu, 15 Jun 2006 10:49:33 -0500]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000003362.eml//[From <help@paypalcardservices.com>][Date Fri, 05 Aug 2005 17:06:25 +0200]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000004764.eml//[From PayPal Inc. <service@paypal.com>][Date 9 Sep 2005 19:15:09 -0000]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000004824.eml//[From PayPal Inc. <service@paypal.com>][Date 9 Sep 2005 19:15:09 -0000]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000007864.eml//[From "service@paypal.com" <service@paypal.com>][Date Tue, 20 Dec 2005 17:33:42 -0600]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000011400.eml//[From <support@chase.com>][Date Wed, 8 Mar 2006 07:03:27 +0200]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000011404.eml//[From <chase@protect3791.chase.com>][Date Wed, 28 May 2003 08:39:59 +0100]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000011517.eml//[From <chase@protect49636.chase.com>][Date Tue, 14 Mar 2006 10:24:18 +0300]/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) File: c:\documents and settings\all users\application data\mcafee\msk\users\1\front\1\m0000011598.eml//[From <chase@protect49636.chase.com>][Date Tue, 14 Mar 2006 10:24:18 +0300]/html


Events
------
Time Name Status Reason
---- ---- ------ ------
2/4/2008 1:41:07 AM Running module: SMSS.EXE\smss.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\smss.exe ok iSwift
2/4/2008 1:41:07 AM Running module: SMSS.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ntdll.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\csrss.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\csrss.exe ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\CSRSRV.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\CSRSRV.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\basesrv.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\basesrv.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\winsrv.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\winsrv.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\GDI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\KERNEL32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\KERNEL32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\USER32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\sxs.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\sxs.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\RPCRT4.dll ok iSwift
2/4/2008 1:41:07 AM Running module: CSRSS.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\Secur32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\winlogon.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\winlogon.exe ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\kernel32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\AUTHZ.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\AUTHZ.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msvcrt.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\CRYPT32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\MSASN1.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\NDdeApi.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\NDdeApi.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\PROFMAP.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\PROFMAP.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\NETAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\USERENV.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\PSAPI.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\PSAPI.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\REGAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\REGAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\SETUPAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SETUPAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\VERSION.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WINSTA.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINSTA.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WINTRUST.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINTRUST.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\IMAGEHLP.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WS2_32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WS2HELP.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\IMM32.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\MSGINA.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\MSGINA.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SHELL32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\COMCTL32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\COMCTL32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\ODBC32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ODBC32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\comdlg32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\comdlg32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\odbcint.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\odbcint.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\SHSVCS.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SHSVCS.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\sfc.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\sfc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\sfc_os.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\sfc_os.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\ole32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ole32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\Apphelp.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\Apphelp.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\msctfime.ime ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msctfime.ime ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WINSCARD.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINSCARD.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WTSAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WTSAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\sxs.dll ok iChecker
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\uxtheme.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\uxtheme.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINMM.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\cscdll.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\cscdll.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WlNotify.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WlNotify.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WINSPOOL.DRV ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINSPOOL.DRV ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\MPR.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\MPR.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\rsaenh.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WgaLogon.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WgaLogon.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\NTMARTA.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\NTMARTA.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WLDAP32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SAMLIB.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\COMRes.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\msv1_0.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msv1_0.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\iphlpapi.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\cscui.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\cscui.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\xpsp2res.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\xpsp2res.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\wdmaud.drv ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\wdmaud.drv ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\msacm32.drv ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msacm32.drv ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\MSACM32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: WINLOGON.EXE\midimap.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\midimap.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\services.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\services.exe ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\SCESRV.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SCESRV.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\AUTHZ.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\umpnpmgr.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\umpnpmgr.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\WINSTA.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\NCObjAPI.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\NCObjAPI.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\MSVCP60.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\MSVCP60.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ShimEng.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\AcAdProc.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\AppPatch\AcAdProc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\Apphelp.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\eventlog.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\eventlog.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\PSAPI.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SERVICES.EXE\wtsapi32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\wtsapi32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\lsass.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\lsass.exe ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\LSASRV.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\LSASRV.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\MPR.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\NTDSAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\NTDSAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\DNSAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\DNSAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\SAMSRV.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\SAMSRV.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\cryptdll.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\cryptdll.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\ole32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\UxTheme.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\comctl32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\msprivs.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msprivs.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\kerberos.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\kerberos.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\msv1_0.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\netlogon.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\netlogon.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\w32time.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\w32time.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\MSVCP60.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\schannel.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\schannel.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\wdigest.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\wdigest.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\scecli.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\scecli.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\SETUPAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\ipsecsvc.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\ipsecsvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\AUTHZ.dll ok iChecker
2/4/2008 1:41:07 AM Running module: LSASS.EXE\oakley.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\oakley.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\WINIPSEC.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WINIPSEC.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\mswsock.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\mswsock.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\pstorsvc.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\pstorsvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\hnetcfg.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\hnetcfg.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\wshtcpip.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\wshtcpip.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\psbase.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\psbase.dll ok iSwift
2/4/2008 1:41:07 AM Running module: LSASS.EXE\dssenh.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\dssenh.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\svchost.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\svchost.exe ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ole32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\NTMARTA.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rpcss.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\rpcss.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\WS2_32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\WS2HELP.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\xpsp2res.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msi.dll ok scanned
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\msi.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WTSAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINSTA.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msv1_0.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\Apphelp.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\termsrv.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\termsrv.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ICAAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\ICAAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SETUPAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\SETUPAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINTRUST.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\AUTHZ.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\AUTHZ.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\mstlsapi.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\mstlsapi.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ACTIVEDS.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\ACTIVEDS.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\adsldpc.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\adsldpc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ATL.DLL ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\ATL.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\REGAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\svchost.exe ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ole32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rpcss.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\xpsp2res.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\mswsock.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\hnetcfg.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\wshtcpip.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\DNSAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\winrnr.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\winrnr.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rasadhlp.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\rasadhlp.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msi.dll ok scanned
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\svchost.exe ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\svchost.exe ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\ShimEng.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USER32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\WINMM.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ole32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\MSACM32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\UxTheme.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\NTMARTA.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\NTMARTA.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\SAMLIB.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\xpsp2res.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\xpsp2res.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\shsvcs.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\shsvcs.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINSTA.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\WINSTA.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\dhcpcsvc.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\dhcpcsvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\DNSAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\DNSAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\iphlpapi.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\rsaenh.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\mswsock.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\hnetcfg.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\hnetcfg.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\wshtcpip.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\wzcsvc.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\wzcsvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rtutils.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\rtutils.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WMI.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\WMI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WTSAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\WTSAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ESENT.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\ESENT.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ATL.DLL ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rastls.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\rastls.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CRYPTUI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\CRYPTUI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WINTRUST.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WININET.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\system32\WININET.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MPRAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\MPRAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\ACTIVEDS.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\ACTIVEDS.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\adsldpc.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\adsldpc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SETUPAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\SETUPAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\RASAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\RASAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\rasman.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\rasman.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\TAPI32.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\TAPI32.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\SCHANNEL.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\SCHANNEL.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\WinSCard.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\WinSCard.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\raschap.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\raschap.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\msv1_0.dll ok iChecker
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\CLBCATQ.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\COMRes.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\schedsvc.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\schedsvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\NTDSAPI.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\NTDSAPI.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\MSIDLE.DLL ok iChecker
2/4/2008 1:41:07 AM File: C:\WINDOWS\System32\MSIDLE.DLL ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\audiosrv.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\audiosrv.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\wkssvc.dll ok iChecker
2/4/2008 1:41:07 AM File: c:\windows\system32\wkssvc.dll ok iSwift
2/4/2008 1:41:07 AM Running module: SVCHOST.EXE\cryptsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\cryptsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\certcli.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\certcli.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ersvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\ersvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\es.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\es.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\pchsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\pchealth\helpctr\binaries\pchsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\srvsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\srvsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\winspool.drv ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\winspool.drv ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\netman.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\netman.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\netshell.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\netshell.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\credui.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\credui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WZCSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\WZCSAPI.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\upnp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\upnp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WINHTTP.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\WINHTTP.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SSDPAPI.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\SSDPAPI.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\seclogon.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\seclogon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\sens.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\sens.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\srsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\srsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\POWRPROF.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\POWRPROF.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SXS.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\SXS.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\tapisrv.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\tapisrv.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\PSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\PSAPI.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\trkwks.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\trkwks.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\w32time.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\w32time.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MSVCP60.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\MSVCP60.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wuauserv.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\wuauserv.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wmisvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\wbem\wmisvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\VSSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\VSSAPI.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wuaueng.dll ok scanned
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wuaueng.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\Cabinet.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\Cabinet.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\mspatcha.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\mspatcha.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ipnathlp.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\ipnathlp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\AUTHZ.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wscsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\wscsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\msi.dll ok scanned
2/4/2008 1:41:08 AM File: c:\windows\system32\msi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\sfc.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\sfc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\sfc_os.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\sfc_os.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wbemcomn.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\wbemcomn.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\winrnr.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wbemcore.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\Wbem\wbemcore.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\esscli.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\Wbem\esscli.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\FastProx.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\Wbem\FastProx.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wbemsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\wbemsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\comsvcs.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\comsvcs.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\colbact.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\colbact.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MTXCLU.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\MTXCLU.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WSOCK32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\WSOCK32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\CLUSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\CLUSAPI.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\RESUTILS.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\RESUTILS.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\netcfgx.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\netcfgx.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\browser.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\browser.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\unimdm.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\unimdm.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\uniplat.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\uniplat.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wmiutils.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\wmiutils.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\unimdmat.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\unimdmat.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\modemui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\modemui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\repdrvfs.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\repdrvfs.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rasmans.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\rasmans.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WINIPSEC.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\WINIPSEC.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\kmddsp.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\kmddsp.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ndptsp.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\ndptsp.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ipconf.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\ipconf.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\h323.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\h323.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wmiprvsd.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\wmiprvsd.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\NCObjAPI.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\hidphone.tsp ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\hidphone.tsp ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\HID.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\HID.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wbemess.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\wbemess.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ncprov.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wbem\ncprov.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\msxml3.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\msxml3.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\Apphelp.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wups2.dll ok scanned
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wups2.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\qmgr.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\qmgr.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MPR.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SHFOLDER.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\SHFOLDER.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\qmgrprxy.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\qmgrprxy.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rastapi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\rastapi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rasadhlp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\rasadhlp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rasppp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\rasppp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ntlsapi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\ntlsapi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\kerberos.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\cryptdll.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\cryptdll.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\RASDLG.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\RASDLG.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\urlmon.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\urlmon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\svchost.exe ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\dnsrslvr.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\dnsrslvr.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\DNSAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\mswsock.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\hnetcfg.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wshtcpip.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\svchost.exe ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ShimEng.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\AcGenral.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\USERENV.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\UxTheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\NTMARTA.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\xpsp2res.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\lmhsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\lmhsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\iphlpapi.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\webclnt.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\webclnt.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WININET.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wsock32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\wsock32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\alrsvc.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\alrsvc.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\NETAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\ssdpsrv.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\windows\system32\ssdpsrv.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\hnetcfg.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\mswsock.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\wshtcpip.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rsaenh.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\httpapi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\httpapi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\WINHTTP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\DNSAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rasadhlp.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\RASAPI32.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\RASAPI32.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rasman.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\rasman.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\TAPI32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\TAPI32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\rtutils.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\rtutils.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\msv1_0.dll ok iChecker
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\sensapi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\sensapi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: SVCHOST.EXE\winrnr.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\aawservice.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe ok iSwift
2/4/2008 1:41:08 AM Running module: aawservice.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\CEAPI.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll ok iSwift
2/4/2008 1:41:08 AM Running module: aawservice.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\PKArchive85u.dll ok scanned
2/4/2008 1:41:08 AM File: C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll ok iSwift
2/4/2008 1:41:08 AM Running module: aawservice.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\PSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\WININET.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\Update.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll ok iSwift
2/4/2008 1:41:08 AM Running module: aawservice.exe\WSOCK32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\USERENV.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: aawservice.exe\rsaenh.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\spoolsv.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\spoolsv.exe ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\ShimEng.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\AcGenral.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\USERENV.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\UxTheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\SPOOLSS.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\SPOOLSS.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\DNSAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\rasadhlp.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\localspl.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\localspl.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\sfc_os.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WINTRUST.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\winspool.drv ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\winspool.drv ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\netapi32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\netapi32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\cnbjmon.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\cnbjmon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\dlbulmpm.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\dlbulmpm.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\MPR.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\mswsock.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\mswsock.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\winrnr.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\hnetcfg.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\wshtcpip.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\dldolmpm.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\dldolmpm.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\cfgMgr32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\cfgMgr32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\iphlpapi.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\DLDOPMON.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\DLDOPMON.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\IMGMAN32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\IMGMAN32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\comdlg32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\IM31IMG.DIL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\IM31IMG.DIL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\DLDOOEM.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\DLDOOEM.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\ipcmt.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Dell 968 AIO Printer\ipcmt.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\FXSMON.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\FXSMON.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\FXSEVENT.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\FXSEVENT.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\pjlmon.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\pjlmon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\tcpmon.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\tcpmon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\usbmon.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\usbmon.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\dldodrpp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\spool\PRTPROCS\W32X86\dldodrpp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\DLBUPP5C.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBUPP5C.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\WfxPrint2000.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\spool\PRTPROCS\W32X86\WfxPrint2000.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\win32spl.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\win32spl.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\NETRAP.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\NETRAP.dll ok iSwift
2/4/2008 1:41:08 AM Running module: spoolsv.exe\NTDSAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\xpsp2res.dll ok iChecker
2/4/2008 1:41:08 AM Running module: spoolsv.exe\inetpp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\inetpp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\LVPrcSrv.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe ok iSwift
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\PSAPI.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: LVPrcSrv.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\Explorer.EXE ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\Explorer.EXE ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\BROWSEUI.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\BROWSEUI.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\SHDOCVW.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\SHDOCVW.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\CRYPTUI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WINTRUST.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\NETAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WININET.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\UxTheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\ShimEng.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\AcGenral.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\USERENV.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\msctfime.ime ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\appHelp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\appHelp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\cscui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\cscui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\CSCDLL.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\CSCDLL.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\themeui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\themeui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\MSIMG32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\MSIMG32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\xpsp2res.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\actxprxy.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\actxprxy.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\SAMLIB.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\LINKINFO.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\LINKINFO.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\ntshrui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\ntshrui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\ATL.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\ATL.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\urlmon.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\NETSHELL.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\NETSHELL.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\rtutils.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\credui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\credui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\iphlpapi.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\msi.dll ok scanned
2/4/2008 1:41:08 AM Running module: explorer.exe\MSCTF.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\MSCTF.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\rsaenh.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WINSTA.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\webcheck.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\webcheck.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\WSOCK32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\stobject.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\stobject.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\BatMeter.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\BatMeter.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\POWRPROF.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\POWRPROF.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\WTSAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\upnpui.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\upnpui.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\upnp.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WINHTTP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\SSDPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\wdmaud.drv ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\msacm32.drv ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\midimap.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\LVPrcInj.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\hnetcfg.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\mswsock.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\wshtcpip.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\WPDShServiceObj.dll ok scanned
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\WPDShServiceObj.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\MPR.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\drprov.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\drprov.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\ntlanman.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\ntlanman.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\NETUI0.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\NETUI0.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\NETUI1.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\NETUI1.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\NETRAP.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\NETRAP.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\davclnt.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\System32\davclnt.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\mydocs.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\mydocs.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\PortableDeviceTypes.dll ok scanned
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\PortableDeviceTypes.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\PortableDeviceApi.dll ok scanned
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\PortableDeviceApi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\fxsst.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\fxsst.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\WINSPOOL.DRV ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\FXSAPI.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\FXSAPI.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\msxml3.dll ok iChecker
2/4/2008 1:41:08 AM Running module: explorer.exe\ctagent.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\ctagent.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\PDFShell.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll ok iSwift
2/4/2008 1:41:08 AM Running module: explorer.exe\SXS.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\SXS.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CTHELPER.EXE ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\CTHELPER.EXE ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\MFC42.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\MFC42.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\COMCTL32.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\COMCTL32.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\uxtheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\msctfime.ime ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CTDCIFCE.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CTDC0001.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\CTDC0001.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\WINMM.dll ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ctosuser.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\ctosuser.dll ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CTDPROXY.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\CTDPROXY.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\PIAPROXY.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\SYSTEM32\PIAPROXY.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ctagent.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\ctspkhlp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\ctspkhlp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\DSOUND.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\DSOUND.dll ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\WINTRUST.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\wdmaud.drv ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\msacm32.drv ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\midimap.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\KsUser.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\KsUser.dll ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\NTMARTA.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\SAMLIB.dll ok iChecker
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\CTDCRES.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\CTDCRES.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: CTHELPER.EXE\MSCTF.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\Dit.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\Dit.exe ok iSwift
2/4/2008 1:41:08 AM Running module: Dit.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\CFGMGR32.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\CFGMGR32.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Dit.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\uxtheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\msctfime.ime ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Dit.exe\MSCTF.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\mcagent.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee.com\Agent\mcagent.exe ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WINTRUST.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WININET.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\McRes.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\PROGRA~1\McAfee\MSC\McRes.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\McLocRes.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\PROGRA~1\McAfee\MSC\McLocRes.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\Mccobres.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee\MSC\oem\0-197\Mccobres.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\Mccobres.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\PROGRA~1\McAfee\MSC\Mccobres.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\NTMARTA.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WLDAP32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\SAMLIB.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\uxtheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\msctfime.ime ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\wtsapi32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WINSTA.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\NETAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\msxml4.dll ok iChecker
2/4/2008 1:41:08 AM File: c:\WINDOWS\system32\msxml4.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\mcsubmgr.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee\MSC\mcsubmgr\8,0,226,0\mcsubmgr.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\psapi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\psapi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\rsaenh.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\xpsp2res.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\userenv.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\userenv.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\MSCTF.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\mccoreps.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\McAfee\Core\mccoreps.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\mcmispps.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee\MSC\mcmispps.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\msxml3.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\winhttp.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\winhttp.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\mcagntps.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee.com\Agent\mcagntps.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\mccfgpv.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee\MSC\mccfgpv.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\RASAPI32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\rasman.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WS2_32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WS2HELP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\TAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\rtutils.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: mcagent.exe\mcuicfg.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\McAfee\MSC\mcuicfg.dll ok iSwift
2/4/2008 1:41:08 AM Running module: mcagent.exe\ctagent.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\Communications_Helper.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\kernel32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\WINMM.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\USER32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\GDI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\ADVAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\RPCRT4.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\Secur32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\SHELL32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\msvcrt.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\SHLWAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\ole32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\OLEAUT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\SensApi.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\SensApi.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\IMM32.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\comctl32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\uxtheme.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\CLBCATQ.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\COMRes.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\VERSION.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\msi.dll ok scanned
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\xpsp2res.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\MSCTF.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\DevMngr.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\SETUPAPI.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\msctfime.ime ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\LVCSCli.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSCli.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\CFGMGR32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\HID.DLL ok iChecker
2/4/2008 1:41:08 AM File: C:\WINDOWS\system32\HID.DLL ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\LVCSPS.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\wtsapi32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\WINSTA.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\NETAPI32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\WINTRUST.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\CRYPT32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\MSASN1.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\IMAGEHLP.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\wdmaud.drv ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\msacm32.drv ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\MSACM32.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\midimap.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\EFVal.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Logitech\QuickCam\EFVal.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\LogiCordless.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\LogiCordless4001.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\LogiVOIPDevicePlugin.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\BRSkypePlugin.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\BRSkypePlugin.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\YahooPlugin.dll ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Common Files\LogiShrd\LComMgr\YahooPlugin.dll ok iSwift
2/4/2008 1:41:08 AM Running module: Communications_Helper.exe\SXS.DLL ok iChecker
2/4/2008 1:41:08 AM Running module: Quickcam.exe\Quickcam.exe ok iChecker
2/4/2008 1:41:08 AM File: C:\Program Files\Logitech\QuickCam\Quickcam.exe ok iSwift
2/4/2008 1:41:08 AM Running module: Quickcam.exe\ntdll.dll ok iChecker
2/4/2008 1:41:08 AM Running module: Quickcam.exe\kernel32.dll ok iChecker

#12 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 08 February 2008 - 05:35 PM

Hello Sam the last post is the kaspersky log. Now here is the latest hijackthis log. Thank you for all your help thus far.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:35:56 PM, on 2/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 SOS\avp.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dldoserv.exe
C:\WINDOWS\system32\dldocoms.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\Dit.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 SOS\avp.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymusicid.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMJB.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_director.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MM_TDM~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.254.254
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 SOS\avp.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [gcNotifier] C:\Documents and Settings\Isaac\Local Settings\Application Data\VTShared\GCNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 SOS\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe
O23 - Service: dldoCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe
O23 - Service: dldo_device - - C:\WINDOWS\system32\dldocoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

--
End of file - 13357 bytes

#13 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 08 February 2008 - 10:34 PM

It's looking pretty good. How are things working on your end? Any problems?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#14 IsaacInfante

IsaacInfante
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:15 AM

Posted 09 February 2008 - 08:00 AM

Hello Sam! Just to let you know I havent had anymore problems. No more 41 windows or pop ups. I was just wondering if it is gone. Thank you so much!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

#15 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:10:15 AM

Posted 09 February 2008 - 07:40 PM

Yes, your log is looking good to me. Let's finish up a few things and you should be good to go. :thumbsup:


You will want to get your recovery console installed. Check this link for info on how to do that.

http://www.bleepingcomputer.com/tutorials/how-to-install-the-windows-xp-recovery-console/


==================



And finally, let's get rid of Combofix now that we're done with it.
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK

    • Posted Image
  • When shown the disclaimer, Select "2"
The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Reset System Restore.

==================



Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point left over from what we have just cleaned.

    You can find instructions on how to enable and reenable system restore here:

    Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

:wacko: :blink:
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users