Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

aliessa700 HJT Log


  • This topic is locked This topic is locked
2 replies to this topic

#1 aliessa700

aliessa700

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:55 PM

Posted 13 June 2008 - 09:42 AM

-- System Restore --------------------------------------------------------------



-- Last 5 Restore Point(s) --
25: 2008-06-13 16:33:15 UTC - RP520 - Deckard's System Scanner Restore Point
24: 2008-06-13 13:51:49 UTC - RP519 - Before uninstall HD Pack 1.4
23: 2008-06-13 01:01:48 UTC - RP518 - Software Distribution Service 3.0
22: 2008-06-12 00:47:54 UTC - RP517 - Software Distribution Service 3.0
21: 2008-06-11 14:41:22 UTC - RP516 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-05-30 01:01:32 UTC - RP496 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 502 MiB (512 MiB recommended).


-- HijackThis (run as Free User.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:37:34 م, on 13/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DVBViewerTE\AP Launch.exe
C:\Program Files\Common Files\Sonic Shared\cinetray.exe
C:\Program Files\RamCleaner\RamCleaner.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Free User\Desktop\dss.exe
D:\NEWFOL~4\HIJACK~1\Free User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 213.42.1.19:8080
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [RamCleaner] C:\Program Files\RamCleaner\ramcore.exe -s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Camfrog] "D:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 1 D:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files\ooVoo\ooVoo.exe /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: AP Launch.lnk = C:\Program Files\DVBViewerTE\AP Launch.exe
O4 - Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\cinetray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) - https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...wlscbase370.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 8334 bytes

-- HijackThis Fixed Entries (D:\NEWFOL~4\HIJACK~1\backups\) --------------------

backup-20070911-114335-815 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
backup-20070828-155517-671 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001149-593 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001149-407 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001149-230 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001149-497 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20071003-204148-584 O4 - HKCU\..\Run: [Startup Manager] "C:\Program Files\Advanced System Optimizer\startUp manager.exe"
backup-20071003-204148-364 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070821-001205-104 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001205-858 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001205-595 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001205-119 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20071003-204148-759 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20071003-204148-574 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001214-663 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001214-306 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001214-642 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001214-370 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20070821-001253-499 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20071003-204148-396 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070821-001253-221 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001253-104 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001253-789 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001838-763 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20070821-001838-680 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070821-001838-459 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
backup-20070821-001838-855 R3 - Default URLSearchHook is missing
backup-20070821-001838-669 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20070821-001838-492 O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files\ooVoo\ooVoo.exe /minimized
backup-20070821-001838-759 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
backup-20070821-001838-957 O4 - HKCU\..\Run: [AFProg] C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
backup-20070821-001838-626 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070821-001838-620 O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Program Files\avp.exe
backup-20070821-001838-560 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001838-297 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001838-820 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001838-250 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20070821-001848-857 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070821-001848-132 O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Program Files\avp.exe
backup-20070821-001848-775 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001848-110 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001848-839 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001849-644 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20070821-001905-510 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070821-001905-282 O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Program Files\avp.exe
backup-20070821-001905-232 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-001905-115 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-001905-467 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-001905-410 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20070821-002058-435 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.trendmicro.com/go/hjt/win9x//?h...ver=7.0.5730.11
backup-20070821-002058-908 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20070821-002058-947 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070821-002058-171 O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Program Files\avp.exe
backup-20070821-002058-232 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070821-002058-517 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070821-002058-929 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070821-002058-957 O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20070828-131404-656 O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
backup-20070828-131405-872 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
backup-20070828-131405-202 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
backup-20070828-131450-165 O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
backup-20070828-131450-317 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20070828-152334-929 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070828-152344-655 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070828-152654-235 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20070828-154638-103 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070828-154708-815 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070828-154708-595 O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
backup-20070828-154708-990 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20070828-154708-742 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070828-154708-564 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070828-154817-215 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
backup-20070828-154836-383 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070828-155049-984 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070828-155049-764 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070828-155049-159 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070828-155049-973 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070828-155517-974 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070828-155517-891 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070828-155517-880 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070829-193500-307 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070829-193538-634 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070830-003029-501 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
backup-20070830-003029-198 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
backup-20070830-003029-977 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070830-003029-373 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070830-010454-424 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070830-171634-789 O4 - HKUS\S-1-5-21-776561741-842925246-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'ALI')
backup-20070830-171634-394 O4 - HKUS\S-1-5-21-776561741-842925246-725345543-1004\..\Run: [ooVoo.exe] C:\Program Files\ooVoo\ooVoo.exe /minimized (User 'ALI')
backup-20070830-171634-174 O4 - HKUS\S-1-5-21-776561741-842925246-725345543-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'ALI')
backup-20070830-171634-631 O4 - HKUS\S-1-5-21-776561741-842925246-725345543-1004\..\Run: [AFProg] C:\Program Files\AnchorFree\bin\ctrl\AFController.exe (User 'ALI')
backup-20070830-171634-446 O4 - HKUS\S-1-5-21-776561741-842925246-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'ALI')
backup-20070830-171634-268 O4 - Startup: AP Launch.lnk = C:\Program Files\DVBViewerTE\AP Launch.exe
backup-20070830-171634-161 O8 - Extra context menu item: Add to Anti-Banner - D:\Program Files\ie_banner_deny.htm
backup-20070830-171634-360 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070830-171634-839 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070830-171634-576 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070830-171634-100 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070830-234538-265 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070830-234538-802 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070830-234538-197 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20070830-234538-834 O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
backup-20070830-234538-101 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070830-234538-300 O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
backup-20070830-234538-969 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20070830-234538-431 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070830-234538-185 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070901-124331-987 O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
backup-20070902-210309-341 O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
backup-20070902-210309-383 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
backup-20070902-210309-162 O20 - AppInit_DLLs: D:\PROGRA~1\adialhk.dll
backup-20070902-210309-964 O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
backup-20070902-210309-778 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070902-210309-601 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20070902-210309-868 O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
backup-20070902-210309-736 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070903-122427-275 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070903-122427-693 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070903-122427-473 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20071005-015848-952 O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://voice1.alfnaan.com/cp/files/talk08.cab
backup-20071005-015848-916 O17 - HKLM\System\CCS\Services\Tcpip\..\{00237FA4-F5D8-4BAC-ADFB-97DC5FD735FA}: NameServer = 85.255.114.54,85.255.112.92
backup-20070907-000757-437 O16 - DPF: {B0A87012-0529-4DE0-B3F1-081D881BDA10} (SIP IP Phone) - http://www.tcalls.com/ipp/VM100SIPPhone.cab
backup-20070907-000758-819 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20070907-000758-215 O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
backup-20070907-000758-851 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20070907-000758-127 O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
backup-20070907-000758-326 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20070907-000758-995 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070907-000758-988 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070907-011405-285 O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files\ooVoo\ooVoo.exe /minimized
backup-20070907-144930-548 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
backup-20071005-015848-696 O17 - HKLM\System\CCS\Services\Tcpip\..\{28B692A1-C82C-42C4-9961-E13DCE9143C8}: NameServer = 85.255.114.54,85.255.112.92
backup-20071005-015848-905 O17 - HKLM\System\CCS\Services\Tcpip\..\{2ACF8F7C-330B-4B53-9689-1BCCBD6FB8B4}: NameServer = 85.255.114.54,85.255.112.92
backup-20070907-145137-820 O16 - DPF: {B0A87012-0529-4DE0-B3F1-081D881BDA10} (SIP IP Phone) - http://www.tcalls.com/ipp/VM100SIPPhone.cab
backup-20070910-095333-349 O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /QS
backup-20070911-113223-847 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20070911-113223-889 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20070911-113347-349 O4 - HKCU\..\Run: [Startup Manager] "C:\Program Files\Advanced System Optimizer\startUp manager.exe"
backup-20070911-113347-744 O4 - HKCU\..\Run: [Systweak Wallpaper Changer] C:\Program Files\Advanced System Optimizer\wallpaper.exe -minimize
backup-20070911-113358-310 O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
backup-20071005-015848-728 O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBA4A2B-6E82-45F3-A148-6C5C0D874187}: NameServer = 85.255.114.54,85.255.112.92
backup-20071005-015848-995 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.54 85.255.112.92
backup-20070911-113441-949 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
backup-20071005-015848-194 O17 - HKLM\System\CS1\Services\Tcpip\..\{00237FA4-F5D8-4BAC-ADFB-97DC5FD735FA}: NameServer = 85.255.114.54,85.255.112.92
backup-20071005-015848-863 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.54 85.255.112.92
backup-20070911-113441-590 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
backup-20071005-015848-856 O17 - HKLM\System\CS2\Services\Tcpip\..\{00237FA4-F5D8-4BAC-ADFB-97DC5FD735FA}: NameServer = 85.255.114.54,85.255.112.92
backup-20070911-114335-707 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
backup-20071005-015848-610 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.54 85.255.112.92
backup-20071005-015848-347 O20 - AppInit_DLLs: D:\PROGRA~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
backup-20071005-015848-608 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20071005-015907-694 O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Free User\Start Menu\Programs\IMVU\Run IMVU.lnk
backup-20071005-015924-365 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20071005-015924-640 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20071005-015924-284 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20071007-211905-585 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
backup-20071007-211905-598 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
backup-20071007-211905-377 O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
backup-20071007-211905-710 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20071007-211905-525 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20071007-211905-347 O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
backup-20071007-211905-145 O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
backup-20071007-211905-344 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20071007-211905-761 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20071010-132503-909 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20071010-132503-639 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20071014-111225-677 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
backup-20071019-025814-937 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
backup-20071024-190316-305 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe (file missing)
backup-20071024-190316-940 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (file missing)
backup-20071024-190316-720 O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing)
backup-20071024-190316-115 O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)
backup-20071111-172528-659 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
backup-20071111-172528-140 O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
backup-20071111-172529-747 O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
backup-20071111-172529-142 O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
backup-20071111-172529-895 O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
backup-20071129-123645-855 O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
backup-20071129-123645-814 O4 - HKLM\..\Run: [SecurePCSolutionsBootCheck] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\BootCheck.exe
backup-20071129-123645-629 O4 - HKLM\..\Run: [1ClickFixerPlus] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\1ClickFixerPlus.exe
backup-20071129-123645-451 O4 - HKCU\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
backup-20071129-123645-718 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20071129-123645-917 O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
backup-20071206-170134-932 O23 - Service: BitDefender Scan Server (bdss) - Softwin SRL - (no file)
backup-20080420-130037-637 O23 - Service: BitDefender Scan Server (bdss) - Softwin SRL - (no file)
backup-20080613-150713-977 O3 - Toolbar: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - (no file)
backup-20080613-151224-662 O2 - BHO: Ofb1 - {3E1500AC-87A5-416b-A211-82E848649DA9} - (no file)
backup-20080613-151224-766 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080613-170657-442 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
backup-20080613-170657-110 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
backup-20080613-170657-382 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
backup-20080613-170657-279 O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
backup-20080613-171030-102 O4 - HKLM\..\Run: [1ClickFixerPlus] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\1ClickFixerPlus.exe
backup-20080613-171030-488 O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
backup-20080613-171030-755 O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
backup-20080613-171050-946 O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>
R3 ArcCD (ArcCD Filter Driver Service) - c:\windows\system32\drivers\arccd.sys <Not Verified; ArcSoft Inc.; ArcSoft UDF Reader>
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
R3 SKYNET (TechniSat DVB-PC TV Star PCI) - c:\windows\system32\drivers\skynet.sys <Not Verified; B2C2, Inc.; B2C2 Broadband Receiver PCI Adapter>
R3 SMBios (Intel ® System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel ® System Management BIOS Driver>
R3 tap0801 (Smarthide TAP driver) - c:\windows\system32\drivers\tap0801.sys <Not Verified; The SHVPN Project; TAP-Win32 Virtual Network Driver>
R3 tapvpn (TAP VPN Adapter) - c:\windows\system32\drivers\tapvpn.sys <Not Verified; The OpenVPN Project; TAP-Win32 Virtual Network Driver>
R3 ZSMC211 (USB PC Camera (ZS0211)) - c:\windows\system32\drivers\zs211.sys <Not Verified; ZSMC Corporation; >

S2 zntport (NTPort Library Driver) - c:\windows\system32\zntport.sys (file missing)
S3 NPF (Netgroup Packet Filter) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
S3 SoC PC-Camera Service (SoC PC-Camera) - c:\windows\system32\drivers\pfc027.sys
S4 ArcUdfs (ArcUdfs FileSystem Driver Service) - c:\windows\system32\drivers\arcudfs.sys <Not Verified; ArcSoft Inc.; ArcSoft UDF Reader>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 ACDaemon (ArcSoft Connect Daemon) - c:\program files\common files\arcsoft\connection service\bin\acservice.exe (file missing)
S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Alpha Networks Inc.; ANIWZCS2 Service Launcher (NT)>
S4 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1094&SUBSYS_D6058086&REV_01\4&1E46F438&0&40F0
Manufacturer: Intel
Name: Intel® PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1094&SUBSYS_D6058086&REV_01\4&1E46F438&0&40F0
Service: E100B


-- Scheduled Tasks -------------------------------------------------------------

2008-06-13 18:11:04 262 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-06-12 23:13:06 430 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1BBA346A-0D4E-4474-BC72-BB3D88729A53}.job


-- Files created between 2008-05-13 and 2008-06-13 -----------------------------

2008-06-13 18:26:26 0 d-------- C:\Program Files\gboxplugin
2008-06-13 16:24:01 0 d-------- C:\Program Files\RegCleaner
2008-06-13 15:18:00 0 d-------- C:\Program Files\RogueRemover FREE
2008-06-13 07:24:47 2 --a------ C:\WINDOWS\FixReportFound
2008-06-08 21:05:23 0 d-------- C:\Documents and Settings\Free User\Application Data\ArcSoft
2008-06-08 21:05:23 0 d-------- C:\Documents and Settings\All Users\Application Data\ArcSoft
2008-06-08 21:00:32 134912 --a------ C:\WINDOWS\system32\drivers\ArcUdfs.sys <Not Verified; ArcSoft Inc.; ArcSoft UDF Reader>
2008-06-08 21:00:32 7680 --a------ C:\WINDOWS\system32\drivers\ArcRec.sys <Not Verified; ArcSoft Inc.; ArcSoft UDF Reader>
2008-06-08 21:00:32 36352 --a------ C:\WINDOWS\system32\drivers\ArcCD.sys <Not Verified; ArcSoft Inc.; ArcSoft UDF Reader>
2008-06-08 21:00:28 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>
2008-06-08 21:00:06 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-06-08 20:57:23 0 d-------- C:\HDpack1.4
2008-06-06 15:05:01 0 d-------- C:\SmartHide_2_setup_121
2008-06-05 23:46:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Arovax
2008-06-05 23:46:20 0 d-------- C:\Program Files\SmartHide
2008-05-29 16:20:20 0 d-------- C:\Documents and Settings\Free User\Application Data\My Shopping Genie
2008-05-29 16:20:20 0 d-------- C:\Documents and Settings\Free User\Application Data\MnuMsgDat
2008-05-29 16:20:11 0 d-------- C:\WINDOWS\MyShoppingGenie
2008-05-29 16:20:11 0 d-------- C:\Program Files\MyShoppingGenie


-- Find3M Report ---------------------------------------------------------------

2008-06-13 14:20:12 0 d-------- C:\Program Files\AltDVB Sat4all Edition
2008-06-13 12:24:55 4 --a------ C:\WINDOWS\FixFixed
2008-06-13 07:24:47 4 --a------ C:\WINDOWS\FixFound
2008-06-08 21:00:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-08 21:00:06 0 d-------- C:\Program Files\Common Files
2008-05-28 20:00:35 65840 --a------ C:\Documents and Settings\Free User\Application Data\GDIPFONTCACHEV1.DAT
2008-05-24 12:58:33 0 d-------- C:\Program Files\pfingoTALK
2008-05-24 12:58:28 0 d-------- C:\Program Files\Your Uninstaller 2008
2008-05-23 02:26:36 0 d-------- C:\Documents and Settings\Free User\Application Data\Skype
2008-05-16 16:17:20 0 d-------- C:\Program Files\ooVoo
2008-05-16 15:57:38 0 d-------- C:\Program Files\Golden Al-Wafi Translator
2008-05-14 01:04:44 0 d-------- C:\Program Files\MSN Messenger
2008-05-13 11:54:47 0 d-------- C:\Program Files\MyTheatre
2008-05-02 04:54:05 0 d-------- C:\Program Files\MultiTranse
2008-05-02 04:00:51 0 d-------- C:\Program Files\Camfrog
2008-05-02 03:54:21 0 d-------- C:\Program Files\Sun
2008-05-02 03:53:22 0 d-------- C:\Program Files\Java
2008-04-30 21:48:48 0 d-------- C:\Program Files\ProgDVBStd
2008-04-30 21:47:40 0 d-------- C:\Program Files\ProgEdit
2008-04-30 21:47:40 0 d-------- C:\Program Files\ProgDVB
2008-04-30 21:47:37 0 d-------- C:\Program Files\Common Files\Elecard
2008-04-30 21:47:32 0 d-------- C:\Program Files\DVB-S PowerInstall
2008-04-30 21:47:30 0 d-------- C:\Program Files\IGI Subtitler
2008-04-30 21:47:20 0 d-------- C:\Program Files\GRETECH
2008-04-30 21:43:06 0 d-------- C:\Program Files\VideoReDoPlus
2008-04-30 21:42:56 0 d-------- C:\Documents and Settings\Free User\Application Data\VideoReDoPlus
2008-04-30 14:42:15 0 d-------- C:\Program Files\SpeederXP
2008-04-30 13:54:48 0 d-------- C:\Documents and Settings\Free User\Application Data\URSoft
2008-04-29 11:14:27 0 d-------- C:\Program Files\Hotspot Shield
2008-04-19 18:10:00 0 d-------- C:\Program Files\LookatNet
2008-04-17 13:10:35 128342 --a------ C:\WINDOWS\hpoins11.dat
2008-04-17 13:09:59 0 d-------- C:\Documents and Settings\Free User\Application Data\HP
2008-04-17 13:08:28 0 d-------- C:\Program Files\Common Files\HP
2008-04-17 12:50:30 0 d-------- C:\Program Files\Hewlett-Packard
2008-04-17 12:35:16 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-04-13 21:57:29 0 d-------- C:\Program Files\Microsoft Bootvis
2008-04-13 16:05:40 0 d-------- C:\Documents and Settings\Free User\Application Data\Thinstall
2008-04-11 21:15:04 222069 --a------ C:\WINDOWS\AltDVB Uninstaller.exe
2008-04-02 13:56:43 1032192 --a------ C:\WINDOWS\system32\sqlrcmd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [06/30/2007 03:19 PM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [12/31/2002 02:00 PM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [06/30/2007 03:19 PM]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [11/23/2005 04:04 PM]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [10/19/2005 07:19 PM]
"ZSSnp211"="C:\WINDOWS\ZSSnp211.exe" [08/19/2006 12:37 PM]
"Domino"="C:\WINDOWS\Domino.exe" [08/18/2006 05:58 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/08/2008 02:49 AM]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [01/10/2008 06:41 PM]
"HP Software Update"="D:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/2004 03:49 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [06/28/2007 01:51 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [12/31/2002 02:00 PM]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [01/10/2008 06:41 PM]
"RamCleaner"="C:\Program Files\RamCleaner\ramcore.exe" [10/13/2007 06:26 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/03/2004 11:06 PM]
"Camfrog"="D:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [09/29/2003 08:22 AM]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:54 PM]
"ooVoo.exe"="C:\Program Files\ooVoo\ooVoo.exe" [05/14/2008 12:18 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/30/2007 05:43 PM]

C:\Documents and Settings\Free User\Start Menu\Programs\Startup\
AP Launch.lnk - C:\Program Files\DVBViewerTE\AP Launch.exe [09/09/2007 05:29:13 ê]
Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Common Files\Sonic Shared\cinetray.exe [18/09/2002 02:16:30 ê]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [19/02/2006 04:21:22 ­]
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe [11/04/2008 10:09:57 ê]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableChangePassword"=0 (0x0)
"DisableTaskMgr"=0 (0x0)
"DisableLockWorkstation"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoTrayContextMenu"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\DisAllowRun]
"1"=dialmessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99105be6-f856-11dc-87b7-00195b3af7a3}]
Auto\command- razfgqayc.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL razfgqayc.exe




-- End of Deckard's System Scanner: finished at 2008-06-13 18:39:08 ------------


Mod Edit: Topic moved from Misplaced Hijack Logs to more appropriate forum~ TMacK

Edited by TMacK, 14 June 2008 - 07:41 PM.


BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:55 PM

Posted 06 July 2008 - 07:25 AM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:
I apologize for the delay getting to your log, the helpers here are very busy.

If you still need help, please post a fresh DSS log, in this thread, so I can help you with your malware problems.
If you have resolved this issue please let us know.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:05:55 PM

Posted 22 July 2008 - 07:06 AM

As there has been no response, this thread will now be closed.

If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users