
Many, Many Window Pop-ups!



#1 alexford21


Posted 08 June 2008 - 11:16 AM

Hello,
I'm infected with malware that pops up many windows when I use IE7, and even Firefox 2. This is a HijackThis log:
-- HijackThis (run as alexford21.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:06:58 μμ, on 8/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\PowerS.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\algs.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\alexford21\Επιφάνεια εργασίας\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\alexford21.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.gr/webhp?rls=ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1032
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O1 - Hosts: AmsServer
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {542EA43D-375A-44B0-AF74-AEAFF2484092} - C:\WINDOWS\system32\vtUmNHWo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL (file missing)
O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {99972D1B-964E-49EC-92F4-1EB39F4810A5} - C:\WINDOWS\system32\vtUnopnn.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YQON Agent] C:\WINDOWS\system32\28463\YQON.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINDOWS\system32\algs.exe
O4 - HKLM\..\Run: [Microsoft® System Manager] C:\WINDOWS\system32\sysmgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [4449176c] rundll32.exe "C:\WINDOWS\system32\wqufrvbb.dll",b
O4 - HKLM\..\Run: [BM477a24f0] Rundll32.exe "C:\WINDOWS\system32\vfuvvyxh.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Privacy Bar - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/Activ...iveXClient1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...wlscbase370.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games Backgammon) - http://zone.msn.com/bingame/zpagames/ZPA_B...on.cab64162.cab
O20 - Winlogon Notify: crypt - C:\WINDOWS\
O20 - Winlogon Notify: vtUnopnn - C:\WINDOWS\SYSTEM32\vtUnopnn.dll
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O20 - Winlogon Notify: WLCtrl32 - C:\WINDOWS\SYSTEM32\WLCtrl32.dll
O23 - Service: AppMgmt - Unknown owner - C:\WINDOWS\TEMP\0.EXE (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Browser - Unknown owner - C:\WINDOWS\TEMP\0.EXE (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: McAfee Privacy Service (GuardDogEXE) - Unknown owner - C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 1: (no name) - http://www.zoo.gr/

--
End of file - 11871 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
R1 udfss - c:\windows\system32\drivers\udfss.sys
R2 BT878 (BtCap, WDM Video Capture) - c:\windows\system32\drivers\bt878.sys <Not Verified; TelSignal Co., Ltd.; CxVCap.sys>
R2 BTTUNER (BtTuner, WDM TV Tuner) - c:\windows\system32\drivers\bttuner.sys <Not Verified; TelSignal Co., Ltd.; CxTuner.sys>
R2 BTXBAR (BtXBar, WDM Crossbar) - c:\windows\system32\drivers\btxbar.sys <Not Verified; TelSignal Co., Ltd.; CxXBar.sys>
R2 TW3 - c:\windows\system32\drivers\tw3.sys <Not Verified; FeiTian Tech Co.,Ltd; ROCKEY Device Driver>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 Ptserial (W2K Pctel Serial Device Driver) - c:\windows\system32\drivers\ptserial.sys <Not Verified; PCTEL, INC.; HSP Modem Serial Device>
R3 Vmodem (W2K Vmodem) - c:\windows\system32\drivers\vmodem.sys <Not Verified; PCTEL, INC.; HSP Modem Modem Device>
R3 Vpctcom (W2K Vpctcom) - c:\windows\system32\drivers\vpctcom.sys <Not Verified; PCtel, Inc.; HSP Modem Virtual Control Device>
R3 Vvoice (W2K Vvoice) - c:\windows\system32\drivers\vvoice.sys <Not Verified; PCtel, Inc.; PCTEL HSP Modem Voice Device>

S0 Ahc70 - c:\windows\system32\drivers\ahc70.sys (file missing)
S0 aqO20 - c:\windows\system32\drivers\aqo20.sys (file missing)
S0 bhR08 - c:\windows\system32\drivers\bhr08.sys (file missing)
S0 blR11 - c:\windows\system32\drivers\blr11.sys (file missing)
S0 brR22 - c:\windows\system32\drivers\brr22.sys (file missing)
S0 cjR33 - c:\windows\system32\drivers\cjr33.sys (file missing)
S0 cxC54 - c:\windows\system32\drivers\cxc54.sys (file missing)
S0 Ddk38 - c:\windows\system32\drivers\ddk38.sys (file missing)
S0 dgT82 - c:\windows\system32\drivers\dgt82.sys (file missing)
S0 dxU41 - c:\windows\system32\drivers\dxu41.sys (file missing)
S0 ebQ45 - c:\windows\system32\drivers\ebq45.sys (file missing)
S0 Efm57 - c:\windows\system32\drivers\efm57.sys (file missing)
S0 ejB38 - c:\windows\system32\drivers\ejb38.sys (file missing)
S0 Eto01 - c:\windows\system32\drivers\eto01.sys (file missing)
S0 exG06 - c:\windows\system32\drivers\exg06.sys (file missing)
S0 Fki52 - c:\windows\system32\drivers\fki52.sys (file missing)
S0 flV35 - c:\windows\system32\drivers\flv35.sys (file missing)
S0 Fqf41 - c:\windows\system32\drivers\fqf41.sys (file missing)
S0 fuA74 - c:\windows\system32\drivers\fua74.sys (file missing)
S0 Fyb23 - c:\windows\system32\drivers\fyb23.sys (file missing)
S0 ggC17 - c:\windows\system32\drivers\ggc17.sys (file missing)
S0 Glq60 - c:\windows\system32\drivers\glq60.sys (file missing)
S0 gsA74 - c:\windows\system32\drivers\gsa74.sys (file missing)
S0 Hah32 - c:\windows\system32\drivers\hah32.sys (file missing)
S0 Hda45 - c:\windows\system32\drivers\hda45.sys (file missing)
S0 hqS33 - c:\windows\system32\drivers\hqs33.sys (file missing)
S0 Hyo43 - c:\windows\system32\drivers\hyo43.sys (file missing)
S0 ifL34 - c:\windows\system32\drivers\ifl34.sys (file missing)
S0 itV82 - c:\windows\system32\drivers\itv82.sys (file missing)
S0 Iwn60 - c:\windows\system32\drivers\iwn60.sys (file missing)
S0 jvF56 - c:\windows\system32\drivers\jvf56.sys (file missing)
S0 Kfc00 - c:\windows\system32\drivers\kfc00.sys (file missing)
S0 kjL40 - c:\windows\system32\drivers\kjl40.sys (file missing)
S0 kl1 - c:\windows\system32\drivers\kl1.sys (file missing)
S0 kpX33 - c:\windows\system32\drivers\kpx33.sys (file missing)
S0 lkS78 - c:\windows\system32\drivers\lks78.sys (file missing)
S0 Lpi15 - c:\windows\system32\drivers\lpi15.sys (file missing)
S0 Lqn42 - c:\windows\system32\drivers\lqn42.sys (file missing)
S0 lxO73 - c:\windows\system32\drivers\lxo73.sys (file missing)
S0 mcW13 - c:\windows\system32\drivers\mcw13.sys (file missing)
S0 Mot65 - c:\windows\system32\drivers\mot65.sys (file missing)
S0 myM58 - c:\windows\system32\drivers\mym58.sys (file missing)
S0 Oie04 - c:\windows\system32\drivers\oie04.sys (file missing)
S0 Opa03 - c:\windows\system32\drivers\opa03.sys (file missing)
S0 piX31 - c:\windows\system32\drivers\pix31.sys (file missing)
S0 pvA25 - c:\windows\system32\drivers\pva25.sys (file missing)
S0 qdT02 - c:\windows\system32\drivers\qdt02.sys (file missing)
S0 qgF63 - c:\windows\system32\drivers\qgf63.sys (file missing)
S0 rfU46 - c:\windows\system32\drivers\rfu46.sys (file missing)
S0 rnY31 - c:\windows\system32\drivers\rny31.sys (file missing)
S0 roR54 - c:\windows\system32\drivers\ror54.sys (file missing)
S0 saT55 - c:\windows\system32\drivers\sat55.sys (file missing)
S0 Stv25 - c:\windows\system32\drivers\stv25.sys (file missing)
S0 suB65 - c:\windows\system32\drivers\sub65.sys (file missing)
S0 tfW44 - c:\windows\system32\drivers\tfw44.sys (file missing)
S0 tmO64 - c:\windows\system32\drivers\tmo64.sys (file missing)
S0 Trd28 - c:\windows\system32\drivers\trd28.sys (file missing)
S0 ttJ08 - c:\windows\system32\drivers\ttj08.sys (file missing)
S0 ulF40 - c:\windows\system32\drivers\ulf40.sys (file missing)
S0 vdL41 - c:\windows\system32\drivers\vdl41.sys (file missing)
S0 vhX48 - c:\windows\system32\drivers\vhx48.sys (file missing)
S0 vjI74 - c:\windows\system32\drivers\vji74.sys (file missing)
S0 Wie83 - c:\windows\system32\drivers\wie83.sys (file missing)
S0 Winab13 - c:\windows\system32\drivers\winab13.sys (file missing)
S0 Winal53 - c:\windows\system32\drivers\winal53.sys (file missing)
S0 Winau01 - c:\windows\system32\drivers\winau01.sys (file missing)
S0 Winbm72 - c:\windows\system32\drivers\winbm72.sys (file missing)
S0 Winbo35 - c:\windows\system32\drivers\winbo35.sys (file missing)
S0 Winbo41 - c:\windows\system32\drivers\winbo41.sys (file missing)
S0 Wincf61 - c:\windows\system32\drivers\wincf61.sys (file missing)
S0 Wincl86 - c:\windows\system32\drivers\wincl86.sys (file missing)
S0 Windl83 - c:\windows\system32\drivers\windl83.sys (file missing)
S0 Windq81 - c:\windows\system32\drivers\windq81.sys (file missing)
S0 Windt03 - c:\windows\system32\drivers\windt03.sys (file missing)
S0 Winef23 - c:\windows\system32\drivers\winef23.sys (file missing)
S0 Wineu47 - c:\windows\system32\drivers\wineu47.sys (file missing)
S0 Winfc33 - c:\windows\system32\drivers\winfc33.sys (file missing)
S0 Winfg36 - c:\windows\system32\drivers\winfg36.sys (file missing)
S0 Wingg12 - c:\windows\system32\drivers\wingg12.sys (file missing)
S0 Wingi30 - c:\windows\system32\drivers\wingi30.sys (file missing)
S0 Wingj43 - c:\windows\system32\drivers\wingj43.sys (file missing)
S0 Winhe71 - c:\windows\system32\drivers\winhe71.sys (file missing)
S0 Winii71 - c:\windows\system32\drivers\winii71.sys (file missing)
S0 Winiy01 - c:\windows\system32\drivers\winiy01.sys (file missing)
S0 Winjd50 - c:\windows\system32\drivers\winjd50.sys (file missing)
S0 Winjr23 - c:\windows\system32\drivers\winjr23.sys (file missing)
S0 Winka27 - c:\windows\system32\drivers\winka27.sys (file missing)
S0 Winki70 - c:\windows\system32\drivers\winki70.sys (file missing)
S0 Winkp72 - c:\windows\system32\drivers\winkp72.sys (file missing)
S0 Winkv61 - c:\windows\system32\drivers\winkv61.sys (file missing)
S0 Winne82 - c:\windows\system32\drivers\winne82.sys (file missing)
S0 Winnk07 - c:\windows\system32\drivers\winnk07.sys (file missing)
S0 Winqw37 - c:\windows\system32\drivers\winqw37.sys (file missing)
S0 Winsg34 - c:\windows\system32\drivers\winsg34.sys (file missing)
S0 Winsr12 - c:\windows\system32\drivers\winsr12.sys (file missing)
S0 Winte42 - c:\windows\system32\drivers\winte42.sys (file missing)
S0 Wints33 - c:\windows\system32\drivers\wints33.sys (file missing)
S0 Winul21 - c:\windows\system32\drivers\winul21.sys (file missing)
S0 Winxx38 - c:\windows\system32\drivers\winxx38.sys (file missing)
S0 Wjv66 - c:\windows\system32\drivers\wjv66.sys (file missing)
S0 Wpd88 - c:\windows\system32\drivers\wpd88.sys (file missing)
S0 wuS51 - c:\windows\system32\drivers\wus51.sys (file missing)
S0 Wus88 - c:\windows\system32\drivers\wus88.sys (file missing)
S0 wvX75 - c:\windows\system32\drivers\wvx75.sys (file missing)
S0 xdN02 - c:\windows\system32\drivers\xdn02.sys (file missing)
S0 xoK31 - c:\windows\system32\drivers\xok31.sys (file missing)
S0 yoV41 - c:\windows\system32\drivers\yov41.sys (file missing)
S0 yoX52 - c:\windows\system32\drivers\yox52.sys (file missing)
S0 yuA55 - c:\windows\system32\drivers\yua55.sys (file missing)
S0 yuB20 - c:\windows\system32\drivers\yub20.sys (file missing)
S0 ywA38 - c:\windows\system32\drivers\ywa38.sys (file missing)
S1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys (file missing)
S2 GdFsHook (McAfee Privacy Service File Guardian) - c:\windows\system32\drivers\gdfshk.sys (file missing)
S2 GdTdi (McAfee Privacy Service Transport Filter) - c:\windows\system32\drivers\gdtdi.sys (file missing)
S2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys (file missing)
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing)
S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - c:\windows\system32\drivers\awrtrd.sys (file missing)
S3 dTVdrvNT - c:\documents and settings\mitsonis\επιφάνεια εργασίας\dtvdrvnt.sys (file missing)
S3 k750bus (Sony Ericsson 750 driver (WDM)) - c:\windows\system32\drivers\k750bus.sys <Not Verified; MCCI; Sony Ericsson 750>
S3 k750mdfl (Sony Ericsson 750 USB WMC Modem Filter) - c:\windows\system32\drivers\k750mdfl.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Modem Filter Driver>
S3 k750mdm (Sony Ericsson 750 USB WMC Modem Drivers) - c:\windows\system32\drivers\k750mdm.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Modem>
S3 k750mgmt (Sony Ericsson 750 USB WMC Device Management Drivers) - c:\windows\system32\drivers\k750mgmt.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC Device Management>
S3 k750obex (Sony Ericsson 750 USB WMC OBEX Interface Drivers) - c:\windows\system32\drivers\k750obex.sys <Not Verified; MCCI; Sony Ericsson 750 USB WMC OBEX Interface>
S3 lmimirr - c:\windows\system32\drivers\lmimirr.sys (file missing)
S3 SE2Fbus (Sony Ericsson Device 047 Driver driver (WDM)) - c:\windows\system32\drivers\se2fbus.sys <Not Verified; MCCI; Sony Ericsson Device 047 Driver>
S3 SE2Fmdfl (Sony Ericsson Device 047 USB WMC Modem Filter) - c:\windows\system32\drivers\se2fmdfl.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB WMC Modem Filter Driver>
S3 SE2Fmdm (Sony Ericsson Device 047 USB WMC Modem Driver) - c:\windows\system32\drivers\se2fmdm.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB WMC Data Modem>
S3 SE2Fmgmt (Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se2fmgmt.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB WMC Device Management>
S3 se2Fnd5 (Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS)) - c:\windows\system32\drivers\se2fnd5.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB Ethernet Emulation>
S3 SE2Fobex (Sony Ericsson Device 047 USB WMC OBEX Interface) - c:\windows\system32\drivers\se2fobex.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB WMC OBEX Interface>
S3 se2Funic (Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM)) - c:\windows\system32\drivers\se2funic.sys <Not Verified; MCCI; Sony Ericsson Device 047 USB Ethernet Emulation>
S3 tcpsr - c:\windows\system32\drivers\tcpsr.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 PDUiP6000DMemCrdMgr (Canon PIXMA iP6000D Memory Card Manager) - c:\program files\canon\memory card utility\pixma ip6000d\pduip6000dmemcrdmgr.exe <Not Verified; CANON INC.; Memory Card Utility>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

S2 Browser - c:\windows\temp\0.exe (file missing)
S2 GuardDogEXE (McAfee Privacy Service) - "c:\program files\mcafee\mcafee privacy service\guarddog.exe" /service (file missing)
S2 PavPrSrv (Panda Process Protection Service) - "c:\program files\common files\panda software\pavshld\pavprsrv.exe" (file missing)
S3 AppMgmt - c:\windows\temp\0.exe (file missing)
S3 aspnet_state (ASP.NET State Service) - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NMIndexingService - "c:\program files\common files\nero\lib\nmindexingservice.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Bluetooth Device (Personal Area Network)
Device ID: BTH\MS_BTHPAN\6&18F5AA89&A&2
Manufacturer: Microsoft
Name: Bluetooth Device (Personal Area Network) #12
PNP Device ID: BTH\MS_BTHPAN\6&18F5AA89&A&2
Service: BthPan


-- Scheduled Tasks -------------------------------------------------------------

2008-06-08 09:30:13 432 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{26C89B19-90F4-4EE2-A764-C57B5606C757}.job
2008-05-26 17:06:09 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-24 23:52:41 292 --ah----- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job


-- Files created between 2008-05-08 and 2008-06-08 -----------------------------

2008-06-08 19:06:42 0 d-------- C:\Program Files\Trend Micro
2008-06-08 18:10:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-08 18:10:45 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-08 18:10:42 0 d-------- C:\WINDOWS\LastGood
2008-06-08 16:10:09 92160 --a------ C:\WINDOWS\system32\wqufrvbb.dll
2008-06-08 16:10:01 100352 --a------ C:\WINDOWS\system32\vfuvvyxh.dll
2008-06-07 16:17:10 92160 --a------ C:\WINDOWS\system32\lldbaipj.dll
2008-06-07 16:11:10 101376 --a------ C:\WINDOWS\system32\tpyqnqio.dll
2008-06-07 13:00:27 0 d-------- C:\Program Files\BitTorrent
2008-06-07 12:58:23 0 d-------- C:\Program Files\uTorrent
2008-06-06 20:02:14 0 d-------- C:\Documents and Settings\alexford21\Application Data\BitTorrent
2008-06-06 20:01:58 0 d-------- C:\Documents and Settings\alexford21\Application Data\DNA
2008-06-06 16:10:09 125440 --a------ C:\WINDOWS\system32\yxjaqiyg.dll
2008-06-05 16:10:51 147456 --a------ C:\WINDOWS\system32\ksqworgm.dll
2008-06-05 16:08:20 156160 --a------ C:\WINDOWS\system32\jufcepgi.dll
2008-06-04 16:15:00 116736 --a------ C:\WINDOWS\system32\ffajeeke.dll
2008-06-04 16:09:00 126976 --a------ C:\WINDOWS\system32\xxytogai.dll
2008-06-04 15:06:01 126976 --a------ C:\WINDOWS\system32\duecmako.dll
2008-06-02 21:06:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-01 18:15:50 114176 --a------ C:\WINDOWS\system32\wvhqmvcp.dll
2008-06-01 15:03:20 126464 --a------ C:\WINDOWS\system32\agmfqgvd.dll
2008-05-31 15:02:13 114176 --a------ C:\WINDOWS\system32\dqrnwlac.dll
2008-05-31 15:02:04 126464 --a------ C:\WINDOWS\system32\giyabrmm.dll
2008-05-31 02:22:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-31 02:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX>
2008-05-31 02:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX>
2008-05-31 02:22:46 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX>
2008-05-31 02:22:46 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 15:05:41 115712 --a------ C:\WINDOWS\system32\muuhcukg.dll
2008-05-30 15:02:42 125440 --a------ C:\WINDOWS\system32\ttcsmuvn.dll
2008-05-29 22:29:45 0 d-------- C:\Documents and Settings\alexford21\Application Data\Real
2008-05-29 18:09:14 0 d-------- C:\Program Files\Sony
2008-05-29 18:08:18 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-05-29 18:08:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-05-29 18:06:59 0 d-------- C:\Program Files\Sony Setup
2008-05-28 15:08:42 0 d-------- C:\Program Files\Daycare Nightmare
2008-05-28 15:08:11 0 d-------- C:\Program Files\Dr Daisy Pet Vet
2008-05-28 15:07:32 0 d-------- C:\Program Files\Babysitting Mania
2008-05-27 17:37:46 0 d-------- C:\WINDOWS\Eye for Design
2008-05-27 15:02:16 113664 --a------ C:\WINDOWS\system32\oibpbulj.dll
2008-05-27 14:59:16 125440 --a------ C:\WINDOWS\system32\gfsyjxga.dll
2008-05-26 22:48:51 23552 --a------ C:\WINDOWS\system32\mpfsh.exe
2008-05-26 22:14:58 23552 --a------ C:\WINDOWS\system32\gnlolna.exe
2008-05-26 19:08:54 0 d-------- C:\Program Files\ViOrb
2008-05-26 17:49:10 23552 --a------ C:\WINDOWS\system32\bornhhv.exe
2008-05-26 16:43:37 23552 --a------ C:\WINDOWS\system32\iuwyyno.exe
2008-05-26 15:56:01 23552 --a------ C:\WINDOWS\system32\rgcvh.exe
2008-05-26 15:00:34 116736 --a------ C:\WINDOWS\system32\waiqpmpc.dll
2008-05-26 14:31:33 23552 --a------ C:\WINDOWS\system32\hfwr.exe
2008-05-26 13:37:27 23552 --a------ C:\WINDOWS\system32\thtwcjq.exe
2008-05-26 13:29:26 23552 --a------ C:\WINDOWS\system32\dqquhamj.exe
2008-05-26 13:28:26 12288 --a------ C:\WINDOWS\system32\WLCtrl32.dll
2008-05-26 11:48:57 23552 --a------ C:\WINDOWS\system32\thzxj.exe
2008-05-26 11:38:34 23552 --a------ C:\WINDOWS\system32\lzjaxx.exe
2008-05-26 09:38:38 23552 --a------ C:\WINDOWS\system32\etgjtfe.exe
2008-05-25 22:38:56 23552 --a------ C:\WINDOWS\system32\oqmhaeub.exe
2008-05-25 22:11:46 23552 --a------ C:\WINDOWS\system32\qqgtbll.exe
2008-05-25 21:22:56 23552 --a------ C:\WINDOWS\system32\mtgy.exe
2008-05-25 16:52:07 23552 --a------ C:\WINDOWS\system32\qnwz.exe
2008-05-25 16:20:53 125440 --a------ C:\WINDOWS\system32\mbwrjxmf.dll
2008-05-25 16:20:07 309607 --ahs---- C:\WINDOWS\system32\rCeLVvut.ini2
2008-05-25 16:20:02 370688 --a------ C:\WINDOWS\system32\tuvVLeCr.dll
2008-05-25 16:15:14 23552 --a------ C:\WINDOWS\system32\ftkp.exe
2008-05-25 16:07:18 23552 --a------ C:\WINDOWS\system32\djoblzlq.exe
2008-05-25 15:16:19 23552 --a------ C:\WINDOWS\system32\pqofsvdr.exe
2008-05-25 15:05:09 23552 --a------ C:\WINDOWS\system32\dqug.exe
2008-05-25 14:57:21 125440 --a------ C:\WINDOWS\system32\rytxwevg.dll
2008-05-25 14:57:12 23552 --a------ C:\WINDOWS\system32\rzipwo.exe
2008-05-25 12:55:31 23552 --a------ C:\WINDOWS\system32\jnelxbc.exe
2008-05-25 12:37:06 23552 --a------ C:\WINDOWS\system32\fhstn.exe
2008-05-25 12:28:28 23552 --a------ C:\WINDOWS\system32\oqwtqg.exe
2008-05-25 11:59:49 23552 --a------ C:\WINDOWS\system32\xmpslt.exe
2008-05-24 23:26:45 0 d-------- C:\Program Files\MSBuild
2008-05-24 23:26:35 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-05-24 23:26:20 0 d-------- C:\Program Files\Reference Assemblies
2008-05-24 21:50:30 23552 --a------ C:\WINDOWS\system32\hsnyby.exe
2008-05-24 21:48:31 23552 --a------ C:\WINDOWS\system32\sxlkp.exe
2008-05-24 21:44:20 23552 --a------ C:\WINDOWS\system32\iwoa.exe
2008-05-24 20:59:42 23552 --a------ C:\WINDOWS\system32\viue.exe
2008-05-24 20:47:10 23552 --a------ C:\WINDOWS\system32\dfmhu.exe
2008-05-24 19:54:30 23552 --a------ C:\WINDOWS\system32\fhwyrwqv.exe
2008-05-24 19:17:34 0 d-------- C:\Documents and Settings\alexford21\Application Data\Talkback
2008-05-24 19:06:16 23552 --a------ C:\WINDOWS\system32\dgiswe.exe
2008-05-24 18:47:22 23552 --a------ C:\WINDOWS\system32\hgwzth.exe
2008-05-24 18:41:21 23552 --a------ C:\WINDOWS\system32\ewxkxog.exe
2008-05-24 18:40:03 23552 --a------ C:\WINDOWS\system32\gxkbdq.exe
2008-05-24 18:32:17 23552 --a------ C:\WINDOWS\system32\nejdqehi.exe
2008-05-24 18:28:08 23552 --a------ C:\WINDOWS\system32\pohorg.exe
2008-05-24 18:27:18 192512 --a------ C:\WINDOWS\system32\cbOCR.dll
2008-05-24 18:23:56 568 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-05-24 17:35:54 23552 --a------ C:\WINDOWS\system32\lbkkev.exe
2008-05-24 15:58:53 23552 --a------ C:\WINDOWS\system32\hcnp.exe
2008-05-24 15:52:48 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-05-24 15:29:58 23552 --a------ C:\WINDOWS\system32\sysmgr.exe
2008-05-24 15:29:58 312000 --a------ C:\WINDOWS\system32\msvcrt2.dll
2008-05-24 15:29:47 45056 --a------ C:\WINDOWS\system32\clbdll.dll
2008-05-24 15:19:06 15360 --a------ C:\WINDOWS\system32\WinCtrl32.dll
2008-05-24 15:07:40 0 d--hs---- C:\WINDOWS\system32\wsnpoem
2008-05-24 13:57:11 115200 --a------ C:\WINDOWS\system32\gxxfjfsc.dll
2008-05-24 13:52:48 126464 --a------ C:\WINDOWS\system32\njeagovg.dll
2008-05-24 11:19:39 0 d-------- C:\Documents and Settings\alexford21\Application Data\InstallShield
2008-05-24 11:13:01 0 d-------- C:\Program Files\QuickTime
2008-05-24 11:09:07 0 d-------- C:\Program Files\Apple Software Update
2008-05-24 11:09:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-23 20:52:01 0 d-------- C:\Documents and Settings\All Users\Application Data\sentinel
2008-05-23 20:43:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Backup
2008-05-23 20:34:12 0 d-------- C:\Program Files\Common Files\Panda Software
2008-05-23 17:41:09 114176 --a------ C:\WINDOWS\system32\kkkpjfyn.dll
2008-05-23 17:40:33 369605 --ahs---- C:\WINDOWS\system32\oWHNmUtv.ini2
2008-05-23 17:40:28 373248 --a------ C:\WINDOWS\system32\vtUmNHWo.dll
2008-05-23 17:37:32 57344 --a------ C:\WINDOWS\system32\urqrsqrP.dll
2008-05-23 17:37:24 57344 --a------ C:\WINDOWS\system32\mlJBTlmK.dll
2008-05-23 17:37:14 57344 --a------ C:\WINDOWS\system32\tuvvuUKc.dll
2008-05-23 17:36:58 57344 --a------ C:\WINDOWS\system32\xxyaXoPf.dll
2008-05-23 17:36:46 57344 --a------ C:\WINDOWS\system32\ljJCSJCs.dll
2008-05-23 17:36:38 57344 --a------ C:\WINDOWS\system32\efcBrOhI.dll
2008-05-23 17:35:25 57344 --a------ C:\WINDOWS\system32\vtUnopnn.dll
2008-05-23 01:22:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-23 01:19:46 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-23 01:19:46 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-23 01:18:54 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-22 20:44:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
2008-05-21 11:34:58 0 d-------- C:\Documents and Settings\alexford21\Application Data\CyberLink
2008-05-19 15:59:33 0 d-------- C:\WINDOWS\Posh Boutique
2008-05-19 13:43:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-05-19 12:44:17 0 --a------ C:\Program Files\temp01
2008-05-18 14:19:52 0 d-------- C:\WINDOWS\Fashion Fits
2008-05-18 14:19:51 0 d-------- C:\Program Files\Fashion Fits
2008-05-18 14:19:34 0 d-------- C:\WINDOWS\Chocolatier 2
2008-05-18 14:19:34 0 d-------- C:\Program Files\Chocolatier 2
2008-05-17 11:19:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Gogii Games
2008-05-11 14:08:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Oberon Games
2008-05-10 22:54:03 0 d-------- C:\Program Files\DivX
2008-05-09 22:57:53 0 d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2008-05-09 17:16:35 0 d-------- C:\WINDOWS\Bigfish Games Miss Management
2008-05-08 19:14:15 0 d-------- C:\Documents and Settings\All Users\Application Data\iWin
2008-05-08 18:20:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Intenium
2008-05-08 14:40:29 221184 --a------ C:\WINDOWS\system32\TubeFinder.exe <Not Verified; Koyote Soft; Tube Finder>


-- Find3M Report ---------------------------------------------------------------

2008-06-08 14:12:45 0 d-------- C:\Documents and Settings\alexford21\Application Data\OpenOffice.org2
2008-06-08 12:00:39 0 d-------- C:\Program Files\Free FLV Converter
2008-06-06 20:05:12 0 d-------- C:\Documents and Settings\alexford21\Application Data\U3
2008-06-02 22:02:59 0 d-------- C:\Program Files\Common Files\Real
2008-06-02 22:02:56 0 d-------- C:\Program Files\Real
2008-06-02 22:02:32 0 d-------- C:\Program Files\Common Files
2008-06-02 21:06:18 0 d-------- C:\Program Files\Google
2008-06-01 16:02:02 551152 --a----c- C:\WINDOWS\system32\perfh008.dat
2008-06-01 16:02:02 95336 --a----c- C:\WINDOWS\system32\perfc008.dat
2008-05-29 18:09:13 0 d-------- C:\Program Files\Sony Ericsson
2008-05-29 18:08:21 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-05-27 17:10:42 16 --a------ C:\WINDOWS\popcinfo.dat
2008-05-26 19:09:45 0 d-------- C:\Program Files\ViStart
2008-05-24 18:08:17 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-24 09:51:01 0 d-------- C:\Program Files\EA GAMES
2008-05-23 22:14:25 0 d-------- C:\Program Files\Java
2008-05-23 15:25:19 0 d-------- C:\Program Files\iWin.com
2008-05-16 21:23:45 0 d-------- C:\Program Files\Games
2008-05-02 23:51:20 0 d-------- C:\Program Files\Styler
2008-05-02 23:22:59 0 d-------- C:\Program Files\ICQ6
2008-05-02 22:14:11 0 d-------- C:\Documents and Settings\alexford21\Application Data\FindeXer
2008-04-29 09:54:35 0 d-------- C:\Program Files\Windows Live Safety Center
2008-04-27 14:41:26 0 d-------- C:\Documents and Settings\alexford21\Application Data\Teleca
2008-04-26 21:51:17 0 d-------- C:\Documents and Settings\alexford21\Application Data\LimeWire
2008-04-22 12:35:37 0 d-------- C:\Program Files\LimeWire
2008-04-22 12:08:21 0 d-------- C:\Program Files\Cooking Academy
2008-04-18 07:47:30 0 d-------- C:\Program Files\Windows Desktop Search
2008-04-17 22:35:20 0 d-------- C:\Program Files\EA SPORTS
2008-04-17 22:30:54 0 d-------- C:\Program Files\Pekka Kana 2 Level Editor 0.9 beta
2008-04-17 22:30:51 0 d-------- C:\Program Files\Pekka Kana 2
2008-04-17 22:12:00 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-16 16:37:32 0 d-------- C:\Program Files\Microsoft Games
2008-04-16 16:33:24 0 d-------- C:\Documents and Settings\alexford21\Application Data\vlc
2008-04-14 15:54:23 12288 --a------ C:\WINDOWS\impborl.dll
2008-04-13 18:27:38 0 d-------- C:\Documents and Settings\alexford21\Application Data\Apple Computer
2008-04-13 18:16:04 1536 --a----c- C:\WINDOWS\system32\TrueSoft.dat
2008-04-10 21:54:33 0 d-------- C:\Program Files\Zoo Video Uploader
2008-04-06 20:18:58 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-24 23:50:52 237057 --a----c- C:\WINDOWS\system32\Office [Keygen].exe
2008-03-21 20:12:02 4096 --a------ C:\WINDOWS\d3dx.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{542EA43D-375A-44B0-AF74-AEAFF2484092}]
23/05/2008 05:40 373248 --a------ C:\WINDOWS\system32\vtUmNHWo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}]
C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99972D1B-964E-49EC-92F4-1EB39F4810A5}]
23/05/2008 05:35 57344 --a------ C:\WINDOWS\system32\vtUnopnn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCTVOICE"="pctspk.exe" [17/07/2003 10:01 C:\WINDOWS\system32\pctspk.exe]
"Cmaudio"="cmicnfg.cpl" []
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02/11/2004 08:24 ]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/12/2005 04:06 ]
"nwiz"="nwiz.exe" [02/05/2003 10:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [10/12/2005 04:06 C:\WINDOWS\system32\nvmctray.dll]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [17/04/2002 11:42 ]
"BluetoothAuthenticationAgent"="bthprops.cpl" [07/09/2004 03:00 C:\WINDOWS\system32\bthprops.cpl]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [14/01/2004 04:10 ]
"PowerS"="C:\WINDOWS\PowerS.exe" [03/08/2001 05:56 ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 11:16 ]
"YQON Agent"="C:\WINDOWS\system32\28463\YQON.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25 ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [28/03/2008 11:37 ]
"Application Layer Gateway Service"="C:\WINDOWS\system32\algs.exe" [13/06/2007 04:22 ]
"Microsoft® System Manager"="C:\WINDOWS\system32\sysmgr.exe" [24/05/2008 03:29 ]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [20/02/2008 11:06 ]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [20/02/2007 02:06 ]
"4449176c"="C:\WINDOWS\system32\wqufrvbb.dll" [08/06/2008 04:10 ]
"BM477a24f0"="C:\WINDOWS\system32\vfuvvyxh.dll" [08/06/2008 04:10 ]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [07/09/2004 03:00 ]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
"userinit"=C:\WINDOWS\system32\ntos.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{99972D1B-964E-49EC-92F4-1EB39F4810A5}"= C:\WINDOWS\system32\vtUnopnn.dll [23/05/2008 05:35 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtUnopnn]
vtUnopnn.dll 23/05/2008 05:35 57344 C:\WINDOWS\system32\vtUnopnn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WinCtrl32]
WinCtrl32.dll 08/06/2008 09:26 15360 C:\WINDOWS\system32\WinCtrl32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WLCtrl32]
WLCtrl32.dll 28/05/2008 01:46 12288 C:\WINDOWS\system32\WLCtrl32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtUmNHWo

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"PDUiP6000DMon"=C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
"PDUiP6000DTskbr"=C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19abad38-c908-11dc-b03d-00e1a7767681}]
AutoRun\command- J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
open\command- J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96ff6079-a7e7-11dc-afdd-000b0d33df6a}]
AutoRun\command- I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
open\command- I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe



-- Hosts -----------------------------------------------------------------------

127.0.0.1 support.alcohol-soft.com
127.0.0.1 serial.alcohol-soft.com
AmsServer



-- End of Deckard's System Scanner: finished at 2008-06-08 19:08:38 ------------

It would be appreciated if you could help me.


#2 teacup61

  • Malware Response Team

Posted 09 June 2008 - 01:31 AM

Hello alexford21,

Welcome to Bleeping Computer :)

Wow! What a collection you have there. :thumbsup:

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 28 June 2008 - 11:05 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic