
Your Privacy Is In Danger, My Computer Become A Red Hyperlink !


  • This topic is locked
2 replies to this topic

#1 faoballo


Posted 23 July 2008 - 12:18 PM

PLZ help me!!!


I've installed DSS and this is the log that I got from HijackThis:

Deckard's System Scanner v20071014.68
Run by Meh on 2008-07-23 18:28:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Meh.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28: VIRUS ALERT!, on 2008-07-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\vsnct511.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\FamilyKeyLogger\cisvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Meh\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Meh.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SNCT511] C:\WINDOWS\vsnct511.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [FamilyKeyLogger] C:\Program Files\FamilyKeyLogger\cisvc.exe
O4 - HKLM\..\Run: [4cd2a6b7] rundll32.exe "C:\WINDOWS\system32\dhwkvuql.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download FLV videos with IDM from 10 last requested - C:\Program Files\Internet Download Manager\IEGetVL2.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1216586865830
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1216587778861
O17 - HKLM\System\CCS\Services\Tcpip\..\{56C67F67-16B2-417E-96C1-81402AFD5B85}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{757D2B58-B3CA-4299-9970-850EA2DA1FDB}: NameServer = 41.221.20.4 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O21 - SSODL: eqvwamkl - {3AC7A1B3-51AD-4535-8646-C91CB5449173} - C:\WINDOWS\eqvwamkl.dll (file missing)
O21 - SSODL: wnslvxtf - {C2275975-9969-42F4-8555-91761B4CAFD8} - C:\WINDOWS\wnslvxtf.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 9174 bytes

-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-07-23 18:19:03 0 d-------- C:\WINDOWS\LastGood
2008-07-23 17:56:06 0 d-------- C:\Program Files\Trend Micro
2008-07-23 17:46:51 294 ---hs---- C:\WINDOWS\system32\lquvkwhd.ini2
2008-07-23 17:18:21 68096 --a------ C:\WINDOWS\zip.exe
2008-07-23 17:18:21 49152 --a------ C:\WINDOWS\VFind.exe
2008-07-23 17:18:21 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-23 17:18:21 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-23 17:18:21 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-23 17:18:21 98816 --a------ C:\WINDOWS\sed.exe
2008-07-23 17:18:21 80412 --a------ C:\WINDOWS\grep.exe
2008-07-23 17:18:21 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-23 17:12:55 0 d-------- C:\VundoFix Backups
2008-07-23 16:42:12 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-07-23 16:25:29 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-23 16:25:04 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-23 16:25:03 0 d-------- C:\Documents and Settings\Meh\Application Data\SUPERAntiSpyware.com
2008-07-23 13:58:25 94848 --a------ C:\WINDOWS\system32\dhwkvuql.dll
2008-07-23 13:56:46 1022 --ahs---- C:\WINDOWS\system32\wGgiRXbc.ini2
2008-07-23 13:50:17 0 d-------- C:\Documents and Settings\Meh\Application Data\TmpRecentIcons
2008-07-23 13:49:58 229376 --a------ C:\WINDOWS\wnslvxtf.dll
2008-07-23 13:49:58 86016 --a------ C:\WINDOWS\grswptdl.exe
2008-07-23 13:49:58 94208 --a------ C:\WINDOWS\egbe.exe
2008-07-23 13:49:40 0 d-------- C:\Program Files\GrabbedStuff
2008-07-23 13:42:08 0 d-------- C:\WINDOWS\system\dll
2008-07-22 23:34:28 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-22 23:29:32 0 d-------- C:\Program Files\Bonjour
2008-07-22 23:17:31 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-07-22 23:08:20 0 d-------- C:\Program Files\WinISO
2008-07-22 22:43:17 0 d-------- C:\Documents and Settings\Meh\Application Data\OpenOffice.org2
2008-07-22 22:40:53 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-07-22 21:51:15 0 d-------- C:\18680b88b37b227696
2008-07-22 19:37:28 0 d--h----- C:\Program Files\FamilyKeyLogger
2008-07-22 19:17:45 0 d--h----- C:\WINDOWS\system32\CTF
2008-07-22 11:48:09 0 d-------- C:\Documents and Settings\Meh\Application Data\Media Player Classic
2008-07-22 09:17:41 0 d-------- C:\Program Files\Common Files\xing shared
2008-07-22 09:17:06 0 d-------- C:\Program Files\Common Files\Real
2008-07-22 09:17:05 0 d-------- C:\Program Files\Real
2008-07-22 09:16:44 0 d-------- C:\Documents and Settings\Meh\Application Data\Real
2008-07-21 22:48:09 0 d-------- C:\Program Files\WinHTTrack
2008-07-21 17:32:31 0 d-------- C:\Program Files\Passware
2008-07-21 14:31:32 0 d-------- C:\WINDOWS\Sun
2008-07-21 13:42:22 0 d-------- C:\Documents and Settings\Meh\Application Data\Search Settings
2008-07-21 13:40:14 0 d-------- C:\Program Files\uTorrent
2008-07-21 13:40:05 0 d-------- C:\Documents and Settings\Meh\Application Data\uTorrent
2008-07-21 13:20:12 0 d-------- C:\Documents and Settings\Meh\Application Data\InstallShield
2008-07-21 13:15:16 0 d-------- C:\Program Files\Search Settings
2008-07-21 13:07:55 0 d-------- C:\WINDOWS\WHQL
2008-07-21 12:52:20 53248 --a------ C:\WINDOWS\system32\CSVer.dll <Not Verified; Windows XP Bundled build C-Centric Single User; Windows XP Bundled build C-Centric Single User CSVer>
2008-07-21 12:51:58 0 d-------- C:\Intel
2008-07-21 12:49:02 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-07-21 12:36:09 80 -r-hs---- C:\WINDOWS\system32\160AD4A64C.dll
2008-07-21 12:11:49 1031680 --a------ C:\WINDOWS\explorer1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-21 12:08:57 0 d-------- C:\Documents and Settings\Meh\Application Data\COWON
2008-07-21 12:08:04 0 d-------- C:\Program Files\Common Files\COWON
2008-07-21 12:08:03 0 d-------- C:\Program Files\JetAudio
2008-07-21 12:00:56 0 d-------- C:\Documents and Settings\Meh\Application Data\PE Explorer
2008-07-21 12:00:52 0 d-------- C:\Program Files\PE Explorer
2008-07-21 11:55:37 233472 --a------ C:\WINDOWS\system32\TubeFinder.exe <Not Verified; Koyote Soft; Tube Finder>
2008-07-21 11:55:35 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-07-21 11:55:35 119568 --a------ C:\WINDOWS\system32\VB6FR.DLL <Not Verified; Microsoft Corporation; Environnement Visual Basic>
2008-07-21 11:55:35 9728 --a------ C:\WINDOWS\system32\PCCLPFR.DLL <Not Verified; Microsoft Corporation; PicClip>
2008-07-21 11:55:35 141312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL <Not Verified; Microsoft Corporation; COMCTL>
2008-07-21 11:55:34 32768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL <Not Verified; Microsoft Corporation; CMDIALOG>
2008-07-21 11:55:34 0 d-------- C:\Program Files\Free FLV Converter
2008-07-21 11:54:44 10752 --a------ C:\WINDOWS\system32\aamd532.dll <Not Verified; Almeida & Andrade Ltda; MD5 Maker DLL>
2008-07-21 11:53:36 0 dr-h----- C:\Documents and Settings\Meh\Recent
2008-07-21 11:50:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Protexis
2008-07-21 11:50:39 8 -r-hs---- C:\WINDOWS\system32\4EE41C2FF3.dll
2008-07-21 11:49:51 0 d-------- C:\Program Files\WinPcap
2008-07-21 11:49:42 0 d-------- C:\Program Files\reconserver
2008-07-21 11:38:57 217088 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-07-21 11:38:57 856064 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-07-21 11:38:57 591890 --a------ C:\WINDOWS\system32\x264vfw.dll
2008-07-21 11:38:57 1415680 --a------ C:\WINDOWS\system32\WMV9VCM.dll <Not Verified; Microsoft Corporation; Windows Media Video 9 VCM>
2008-07-21 11:38:55 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-07-21 11:38:55 620180 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-07-21 11:38:53 5120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-07-21 11:38:48 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-07-21 11:38:30 0 d-------- C:\Program Files\Java
2008-07-21 11:38:28 0 d-------- C:\Program Files\Common Files\Java
2008-07-21 11:32:11 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-21 11:32:08 0 d-------- C:\Documents and Settings\Meh\Application Data\Adobe
2008-07-21 11:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-21 11:31:00 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-21 11:30:38 0 d-------- C:\Program Files\Ghennai WinRAR3.71
2008-07-21 11:30:33 56832 --a------ C:\WINDOWS\system32\winr371.exe
2008-07-21 11:30:32 0 d-------- C:\WINDOWS\system32\Windows
2008-07-21 11:30:31 0 d-------- C:\WINDOWS\system32\Program Files
2008-07-21 11:30:18 0 d-------- C:\Program Files\ma-config.com
2008-07-21 11:30:18 0 d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-07-21 11:08:30 187392 --a------ C:\WINDOWS\system32\JPGUtils.dll
2008-07-21 11:08:28 0 d-------- C:\Program Files\WinCustomize
2008-07-21 11:01:42 0 d-------- C:\Program Files\Dream Aquarium
2008-07-21 10:55:06 0 d-------- C:\Program Files\Driver-Soft
2008-07-21 10:53:23 0 d-------- C:\Program Files\TuneUp Utilities 2006
2008-07-21 10:53:23 0 d-------- C:\Documents and Settings\Meh\Application Data\TuneUp Software
2008-07-21 10:53:03 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-07-21 10:53:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-21 10:52:38 73216 --a------ C:\WINDOWS\cadkasdeinst01f.exe
2008-07-21 10:52:37 0 d-------- C:\Program Files\PDF Editeur 2
2008-07-21 10:51:23 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-21 10:51:21 0 d--h----- C:\WINDOWS\$hf_mig$
2008-07-21 02:53:16 0 d-------- C:\WINDOWS\Album
2008-07-21 02:53:14 0 d-------- C:\Program Files\VideoCAM Eye
2008-07-21 02:53:13 0 d-------- C:\Program Files\Common Files\VCAMEye
2008-07-20 23:39:53 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-20 23:39:49 0 d-------- C:\Documents and Settings\Meh\Application Data\Mozilla
2008-07-20 23:25:29 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-20 23:25:28 0 d-------- C:\Documents and Settings\Meh\Application Data\skypePM
2008-07-20 23:23:45 0 d-------- C:\Documents and Settings\Meh\Application Data\Skype
2008-07-20 23:23:17 0 d-------- C:\Program Files\Skype
2008-07-20 23:23:17 0 d-------- C:\Program Files\Common Files\Skype
2008-07-20 23:22:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-20 23:06:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-20 22:56:25 0 d-------- C:\Documents and Settings\Meh\Contacts
2008-07-20 22:55:17 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-20 22:54:23 0 d-------- C:\Program Files\MSN Messenger
2008-07-20 22:53:56 0 d-------- C:\Documents and Settings\Meh\Application Data\WinRAR
2008-07-20 22:43:27 0 d---s---- C:\Documents and Settings\Meh\UserData
2008-07-20 22:38:46 0 d-------- C:\Program Files\PowerISO
2008-07-20 22:38:31 0 d-------- C:\Documents and Settings\Meh\Application Data\Sun
2008-07-20 22:37:28 0 d-------- C:\Documents and Settings\Meh\Downloads
2008-07-20 21:22:49 0 d-------- C:\Program Files\ASUSTeK
2008-07-20 21:22:39 20096 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
2008-07-20 21:22:39 333824 --a------ C:\WINDOWS\system32\ATKOSDX.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS On-Screen Display For 3D Game>
2008-07-20 21:22:39 8704 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2008-07-20 21:22:39 45056 --a------ C:\WINDOWS\system32\ATKOGL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUSTeK Computer Inc. AsusOGL>
2008-07-20 21:22:39 303104 --a------ C:\WINDOWS\system32\ATKDispCPL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS Display Property Page>
2008-07-20 21:22:39 154144 --a------ C:\WINDOWS\system32\ATKDISP.dll <Not Verified; ASUSTeK Computer Inc.; ASUS Windows 2000/XP Display Driver>
2008-07-20 21:22:39 180224 --a------ C:\WINDOWS\system32\ATKCheckDispIDs.dll
2008-07-20 21:22:39 90112 --a------ C:\WINDOWS\ATKKBService.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
2008-07-20 21:21:57 0 d-------- C:\WINDOWS\nview
2008-07-20 21:21:04 9472 -ra------ C:\WINDOWS\system32\drivers\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
2008-07-20 21:17:01 135168 --a------ C:\WINDOWS\system32\unaddrv.exe <Not Verified; Analog Devices.; UnADdrv>
2008-07-20 21:17:01 49143 --a------ C:\WINDOWS\system32\drivers\adildr.sys <Not Verified; Analog Deivces; ADI ADSL chipset loader>
2008-07-20 21:17:01 155648 --a------ C:\WINDOWS\system32\AdADIx32.dll <Not Verified; Analog Devices Inc.; AdADIx32>
2008-07-20 21:17:01 4981 --a------ C:\WINDOWS\system32\AdADIx2K.dll <Not Verified; SITECSOFT Co., LTD.; AdADIx2K>
2008-07-20 21:17:01 46892 --a------ C:\WINDOWS\system32\ADADIX16.DLL
2008-07-20 20:23:41 5376 --a------ C:\WINDOWS\system32\antiwpa.dll
2008-07-20 20:16:41 0 d-------- C:\Documents and Settings\Meh\Application Data\IDM
2008-07-20 20:16:41 0 d-------- C:\Documents and Settings\Meh\Application Data\DMCache
2008-07-20 20:16:34 0 d-------- C:\Program Files\Internet Download Manager
2008-07-20 20:04:14 0 d--hs---- C:\WINDOWS\Installer
2008-07-20 20:04:13 0 d-------- C:\Program Files\Common Files\ODBC
2008-07-20 20:04:08 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-07-20 20:04:06 0 dr------- C:\Program Files
2008-07-20 20:04:06 0 d-------- C:\Program Files\Common Files
2008-07-20 20:03:25 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-07-20 20:03:25 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-07-20 20:03:25 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-07-20 20:03:25 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-07-20 20:03:25 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-07-20 20:03:25 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-07-20 20:03:25 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-07-20 20:03:25 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-07-20 20:03:25 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-07-20 20:03:25 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-07-20 20:03:25 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-07-20 20:03:25 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-07-20 20:03:25 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-07-20 20:03:25 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-07-20 20:03:25 0 dr------- C:\Documents and Settings\All Users\Documents
2008-07-20 20:03:25 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-07-20 20:03:09 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-07-20 20:03:09 0 d-------- C:\WINDOWS\system32\CatRoot
2008-07-20 20:03:04 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-07-20 20:03:04 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-07-20 20:03:04 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-07-20 20:03:04 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-07-20 20:02:24 0 d--hs---- C:\System Volume Information
2008-07-20 20:02:24 0 d-------- C:\Documents and Settings
2008-07-20 19:55:45 0 d-------- C:\WINDOWS
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\WinSxS
2008-07-20 19:55:45 0 dr------- C:\WINDOWS\Web
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\twain_32
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\wins
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\wbem
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\usmt
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\spool
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\ShellExt
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\Setup
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\ras
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\oobe
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\npp
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\mui
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\inetsrv
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\IME
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\icsxml
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\ias
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\export
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\drivers
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-07-20 19:55:45 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\dhcp
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\config
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\3076
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\2052
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1054
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1042
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1041
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1037
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1033
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1031
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1028
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system32\1025
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\system
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\security
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Resources
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\repair
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Provisioning
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\PeerNet
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\pchealth
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\mui
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\msapps
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\msagent
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Media
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\java
2008-07-20 19:55:45 0 d--h----- C:\WINDOWS\inf
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\ime
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Help
2008-07-20 19:55:45 0 dr--s---- C:\WINDOWS\Fonts
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Driver Cache
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Debug
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Cursors
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Connection Wizard
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\Config
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\AppPatch
2008-07-20 19:55:45 0 d-------- C:\WINDOWS\addins
2008-07-20 19:08:26 91492 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-20 19:08:26 85860 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-20 19:08:08 322336 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-20 19:08:08 9420576 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-20 19:08:08 0 d-------- C:\Program Files\Kaspersky Lab
2008-07-20 19:08:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-20 19:07:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-07-20 18:57:35 0 d-------- C:\Documents and Settings\Meh\Application Data\Macromedia
2008-07-20 18:50:41 122880 --a------ C:\WINDOWS\autoclk.exe <Not Verified; ; autoclk Application>
2008-07-20 18:50:40 22395 --a------ C:\WINDOWS\system32\drivers\fpga.bin
2008-07-20 18:50:40 117785 -ra------ C:\WINDOWS\system32\drivers\adiusbae.sys <Not Verified; Analog Devices Inc.; ADSL USB LAN Driver>
2008-07-20 18:50:40 0 d-------- C:\Program Files\Huawei Technologies
2008-07-20 18:47:50 0 d-------- C:\WINDOWS\system32\Lang
2008-07-20 18:43:22 40960 -r------- C:\WINDOWS\system32\ChCfg.exe
2008-07-20 18:43:15 0 d-------- C:\WINDOWS\system32\RTCOM
2008-07-20 18:43:00 0 d-------- C:\WINDOWS\OPTIONS
2008-07-20 18:41:59 0 d-------- C:\Program Files\Realtek
2008-07-20 18:41:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-20 18:41:54 487424 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-07-20 18:41:43 0 d-------- C:\Program Files\Common Files\InstallShield
2008-07-20 18:39:21 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-07-20 18:39:20 0 d-------- C:\Program Files\Intel
2008-07-20 18:39:13 0 d-------- C:\Program Files\Yahoo!
2008-07-20 18:20:52 0 d-------- C:\Documents and Settings\Meh\Application Data\Identities
2008-07-20 18:20:45 0 dr------- C:\Documents and Settings\Meh\Favorites
2008-07-20 18:20:45 0 d-------- C:\Documents and Settings\Meh\Desktop
2008-07-20 18:20:45 0 d---s---- C:\Documents and Settings\Meh\Cookies
2008-07-20 18:20:45 0 dr-h----- C:\Documents and Settings\Meh\Application Data
2008-07-20 18:20:44 0 d--h----- C:\Documents and Settings\Meh\Templates
2008-07-20 18:20:44 0 dr------- C:\Documents and Settings\Meh\Start Menu
2008-07-20 18:20:44 0 dr-h----- C:\Documents and Settings\Meh\SendTo
2008-07-20 18:20:44 0 d--h----- C:\Documents and Settings\Meh\PrintHood
2008-07-20 18:20:44 2621440 --ah----- C:\Documents and Settings\Meh\NTUSER.DAT
2008-07-20 18:20:44 0 d--h----- C:\Documents and Settings\Meh\NetHood
2008-07-20 18:20:44 0 dr------- C:\Documents and Settings\Meh\My Documents
2008-07-20 18:20:44 0 d--h----- C:\Documents and Settings\Meh\Local Settings
2008-07-20 18:18:42 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-07-20 18:18:41 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-07-20 18:18:41 0 d-------- C:\WINDOWS\Prefetch
2008-07-20 18:18:40 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-07-20 18:18:40 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-07-20 18:18:40 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-07-20 18:18:40 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-07-20 18:18:40 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-07-20 18:18:15 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-07-20 18:18:15 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-07-20 18:18:15 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-07-20 18:18:15 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-07-20 18:18:15 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-07-20 18:15:20 0 d-------- C:\WINDOWS\system32\xircom
2008-07-20 18:15:20 0 d-------- C:\Program Files\microsoft frontpage
2008-07-20 18:15:18 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-07-20 18:15:12 0 -rahs---- C:\MSDOS.SYS
2008-07-20 18:15:12 0 -rahs---- C:\IO.SYS
2008-07-20 18:15:12 0 --a------ C:\CONFIG.SYS
2008-07-20 18:15:12 0 --a------ C:\AUTOEXEC.BAT
2008-07-20 18:14:25 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-07-20 18:14:16 0 dr------- C:\WINDOWS\Offline Web Pages
2008-07-20 18:14:16 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-07-20 18:14:07 0 d--h----- C:\Program Files\WindowsUpdate
2008-07-20 18:13:46 0 d-------- C:\WINDOWS\system32\DirectX
2008-07-20 18:13:10 0 d---s---- C:\WINDOWS\Tasks
2008-07-20 18:13:09 0 d-------- C:\Program Files\Common Files\MSSoap
2008-07-20 18:13:06 0 d-------- C:\WINDOWS\srchasst
2008-07-20 18:13:05 0 d-------- C:\WINDOWS\system32\Macromed
2008-07-20 18:12:57 0 d-------- C:\Program Files\Movie Maker
2008-07-20 18:12:50 0 d-------- C:\WINDOWS\system32\Restore
2008-07-20 18:12:30 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-07-20 18:12:14 0 d-------- C:\WINDOWS\Registration
2008-07-20 18:11:49 0 d-------- C:\Program Files\Online Services
2008-07-20 18:11:43 0 d-------- C:\Program Files\Messenger
2008-07-20 18:11:39 0 d-------- C:\Program Files\MSN Gaming Zone
2008-07-20 18:10:59 0 d-------- C:\Program Files\Windows NT
2008-07-20 18:10:56 0 d-------- C:\WINDOWS\system32\MsDtc
2008-07-20 18:10:54 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-07-21 11:22:50 2223616 --a------ C:\WINDOWS\system32\logonuiX.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-20 20:03:25 62 --ahs---- C:\Documents and Settings\Meh\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
2008-06-11 22:33: VIRUS ALERT! 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07: VIRUS ALERT! C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 08:27: VIRUS ALERT! C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04: VIRUS ALERT! C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43: VIRUS ALERT! C:\WINDOWS\Alcmtr.exe]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-12-18 00:43: VIRUS ALERT!]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-12-15 06:01: VIRUS ALERT!]
"nwiz"="nwiz.exe" [2004-12-15 06:01: VIRUS ALERT! C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-12-15 06:01: VIRUS ALERT!]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-15 01:50: VIRUS ALERT!]
"SNCT511"="C:\WINDOWS\vsnct511.exe" [2003-07-24 17:38: VIRUS ALERT!]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38: VIRUS ALERT!]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27: VIRUS ALERT!]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2008-06-12 16:57: VIRUS ALERT!]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-07-22 09:17: VIRUS ALERT!]
"FamilyKeyLogger"="C:\Program Files\FamilyKeyLogger\cisvc.exe" [2003-01-31 23:44: VIRUS ALERT!]
"4cd2a6b7"="C:\WINDOWS\system32\dhwkvuql.dll" [2008-07-23 13:58: VIRUS ALERT!]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00: VIRUS ALERT!]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-07-20 20:17: VIRUS ALERT!]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54: VIRUS ALERT!]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2008-07-21 13:40: VIRUS ALERT!]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33: VIRUS ALERT!]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe [2008-07-20 21:17:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
"NoDispCPL"=1 (0x1)
"disableregistrytools"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"NoStartMenuMorePrograms"=1 (0x1)
"NoSetFolders"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13: VIRUS ALERT! 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"eqvwamkl"= {3AC7A1B3-51AD-4535-8646-C91CB5449173} - C:\WINDOWS\eqvwamkl.dll [ ]
"wnslvxtf"= {C2275975-9969-42F4-8555-91761B4CAFD8} - C:\WINDOWS\wnslvxtf.dll [2008-07-23 14:08: VIRUS ALERT! 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41: VIRUS ALERT! 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa]
antiwpa.dll 2005-09-18 02:32: VIRUS ALERT! 5376 C:\WINDOWS\system32\antiwpa.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\cbXRigGw

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"




-- End of Deckard's System Scanner: finished at 2008-07-23 18:30:45 ------------

Edited by faoballo, 23 July 2008 - 12:34 PM.




#2 teacup61

  • Malware Response Team

Posted 23 July 2008 - 10:10 PM

Hello faoballo,

Welcome to Bleeping Computer :thumbsup:

I think, given the fact that you're running an illegal copy of Windows and all that is wrong with your computer, you should go out and buy a legal copy of Windows and start over. Your computer is likely compromised and that would be the safest and surest course to take.

Regards,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

  • Malware Response Team

Posted 08 August 2008 - 01:24 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic