Random Audio Clips



#1 seancbass


Posted 23 December 2008 - 02:24 AM

Greetings All,
My HP laptop, for some time now, plays random sound clips, whether it's on the internet or not. They vary in length and range from Howie Mandel to Verizon advertisements. I currently have McAfee, and have included my reports from RSIT and Kaspersky. Thanks again for any help you can provide.

Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2008-12-23 00:18:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (3%) free of 67 GB
Total RAM: 1014 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:51 AM, on 12/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sonic\DigitalMedia Plus v7\MyDVD Plus\DetectorApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\noytcyr.exe
C:\WINDOWS\system32\wsldoekd.exe
C:\WINDOWS\system32\afisicx.exe
C:\WINDOWS\system32\roytctm.exe
C:\WINDOWS\system32\tdydowkc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\system32\tpszxyd.sys
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\mabidwe.exe
C:\WINDOWS\system32\soxpeca.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\udxfytw.sys
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\Z2QX4R0A\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [P2P Networking] "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" /AUTOSTART
O4 - HKLM\..\Run: [NapsterShell] "C:\Program Files\Napster\napster.exe" /systray
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [tunebite.exe] "C:\Program Files\tunebite\tunebite.exe" -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
O15 - Trusted Zone: http://www.sibelius.com
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/ht...ALStreaming.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150560415718
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O23 - Service: afinding Service (afinding) - Unknown owner - C:\WINDOWS\system32\AFinding.exe (file missing)
O23 - Service: afisicx Manages messages (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: macidwe Service (macidwe) - Unknown owner - C:\WINDOWS\system32\macidwe.exe (file missing)
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: nobicyt Service (nobicyt) - Unknown owner - C:\WINDOWS\system32\Nobicyt.exe (file missing)
O23 - Service: noxtcyr Corporation inc. (noxtcyr) - Unknown owner - C:\WINDOWS\system32\noxtcyr.exe (file missing)
O23 - Service: noytcyr Service (noytcyr) - Unknown owner - C:\WINDOWS\system32\noytcyr.exe
O23 - Service: perfs Service (perfs) - Unknown owner - C:\WINDOWS\system32\perfs.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: routing Service (routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)
O23 - Service: roxtctm Event propagation service (roxtctm) - Unknown owner - C:\WINDOWS\system32\roxtctm.exe (file missing)
O23 - Service: roytctm Service (roytctm) - Unknown owner - C:\WINDOWS\system32\roytctm.exe
O23 - Service: sobicyt Service (sobicyt) - Unknown owner - C:\WINDOWS\system32\sobicyt.exe (file missing)
O23 - Service: solewxte Service (solewxte) - Unknown owner - C:\WINDOWS\system32\solewxte.exe (file missing)
O23 - Service: sotpeca Co. Ltd. (sotpeca) - Unknown owner - C:\WINDOWS\system32\sotpeca.exe (file missing)
O23 - Service: soxpeca Service (soxpeca) - Unknown owner - C:\WINDOWS\system32\soxpeca.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: tdxdowkc Service (tdxdowkc) - Unknown owner - C:\WINDOWS\system32\tdxdowkc.exe (file missing)
O23 - Service: tdydowkc Service (tdydowkc) - Unknown owner - C:\WINDOWS\system32\tdydowkc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: wserving Service (wserving) - Unknown owner - C:\WINDOWS\system32\WServing.exe (file missing)
O23 - Service: wsldoekd Event propagation service (wsldoekd) - Unknown owner - C:\WINDOWS\system32\wsldoekd.exe

--
End of file - 11898 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2006-11-30 67136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-16 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-09-16 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-02 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-02 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-02 118784]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-11-22 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-11 761945]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-11-16 503808]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2005-12-12 94208]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2005-12-07 409600]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"BearShare"=C:\Program Files\BearShare\BearShare.exe /pause []
"P2P Networking"=C:\WINDOWS\system32\P2P Networking\P2P Networking.exe [2006-10-21 468152]
"NapsterShell"=C:\Program Files\Napster\napster.exe [2008-05-09 323216]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-12-15 413696]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2006-11-30 112216]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
"BitTorrent"=C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized []
"tunebite.exe"=C:\Program Files\tunebite\tunebite.exe -hidden []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-19 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-02 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"
"C:\Program Files\Soulseek\slsk.exe"="C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek"
"C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"
"C:\WINDOWS\system32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Enabled:Kazaa"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe"="C:\Program Files\EA GAMES\Need For Speed Underground\Speed.exe:*:Enabled:Speed"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3fb659a3-ef10-11da-9bd2-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


======List of files/folders created in the last 1 months======

2008-12-23 00:08:55 ----D---- C:\rsit
2008-12-21 18:17:58 ----D---- C:\QUARANTINE
2008-12-21 18:13:55 ----A---- C:\WINDOWS\FLV Player Uninstall Log.txt
2008-12-21 17:54:40 ----D---- C:\WINDOWS\pss
2008-12-21 17:54:33 ----D---- C:\Program Files\Common Files\Cisco Systems
2008-12-21 17:54:33 ----A---- C:\WINDOWS\system32\epoPGPsdk.dll.sig
2008-12-21 17:54:33 ----A---- C:\WINDOWS\system32\epoPGPsdk.dll
2008-12-21 17:54:32 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-12-21 17:53:23 ----D---- C:\Program Files\McAfee
2008-12-21 17:53:23 ----D---- C:\Program Files\Common Files\McAfee
2008-12-15 14:06:25 ----D---- C:\Program Files\QuickTime
2008-12-11 09:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 09:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 09:31:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 09:30:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-04 13:02:33 ----HD---- C:\BJPrinter
2008-12-03 09:19:46 ----D---- C:\Program Files\iPod
2008-12-03 09:19:41 ----D---- C:\Program Files\iTunes
2008-12-03 09:19:41 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

======List of files/folders modified in the last 1 months======

2008-12-23 00:18:04 ----D---- C:\WINDOWS\system32
2008-12-23 00:12:26 ----D---- C:\WINDOWS\Temp
2008-12-23 00:09:02 ----D---- C:\WINDOWS\Prefetch
2008-12-22 21:07:19 ----D---- C:\WINDOWS\system32\drivers
2008-12-22 21:07:13 ----SD---- C:\WINDOWS\Tasks
2008-12-22 21:07:13 ----D---- C:\Documents and Settings
2008-12-22 20:42:00 ----SHD---- C:\WINDOWS\Installer
2008-12-22 20:42:00 ----HD---- C:\Config.Msi
2008-12-22 20:42:00 ----D---- C:\Program Files\Sonic
2008-12-22 20:42:00 ----D---- C:\Program Files\Common Files
2008-12-22 12:33:41 ----D---- C:\Program Files\Trend Micro
2008-12-22 12:19:59 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-22 09:54:08 ----A---- C:\WINDOWS\win.ini
2008-12-22 09:54:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-22 00:33:31 ----D---- C:\Program Files\Sony
2008-12-22 00:23:03 ----D---- C:\Program Files
2008-12-22 00:06:03 ----ASH---- C:\hpqp.ini
2008-12-21 23:16:07 ----A---- C:\XP_TV.ini
2008-12-21 23:00:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-21 18:14:44 ----D---- C:\Documents and Settings\Owner\Application Data\Move Networks
2008-12-21 18:14:15 ----D---- C:\Program Files\WildTangent
2008-12-21 18:13:55 ----D---- C:\WINDOWS
2008-12-21 17:52:04 ----HD---- C:\WINDOWS\inf
2008-12-20 21:19:54 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-12-19 14:05:39 ----A---- C:\WINDOWS\cdplayer.ini
2008-12-15 10:44:51 ----A---- C:\WINDOWS\system.ini
2008-12-12 15:39:41 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-12-12 15:39:39 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-11 20:05:49 ----D---- C:\WINDOWS\network diagnostic
2008-12-11 10:27:17 ----D---- C:\Program Files\Internet Explorer
2008-12-11 09:35:42 ----A---- C:\WINDOWS\imsins.BAK
2008-12-11 09:35:12 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-12-11 09:34:03 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-09 16:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-04 13:01:29 ----D---- C:\WINDOWS\system32\Macromed
2008-12-03 09:19:45 ----D---- C:\Program Files\Common Files\Apple
2008-11-30 13:22:45 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\mfetdik.sys [2006-11-30 52136]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-11-03 157696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-11-22 506880]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-21 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-08-21 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-02 1353820]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2006-11-30 64360]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2006-11-30 72264]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2006-11-30 34152]
R3 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2006-11-30 168776]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-15 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-31 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-31 308992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-10 191936]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-17 1428096]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-21 718464]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-18 56648]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mvc25U870_VID_1262&PID_25FD;HP Webcam 1000; C:\WINDOWS\System32\Drivers\Mvc25U870.sys [2005-11-29 50560]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-17 35913]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2006-06-21 15488]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 afisicx;afisicx Manages messages; C:\WINDOWS\system32\afisicx.exe [2004-08-04 47616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2005-11-28 98304]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-10-22 69632]
R2 mabidwe;mabidwe Service; C:\WINDOWS\system32\mabidwe.exe [2004-08-04 47104]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2006-11-30 54872]
R2 noytcyr;noytcyr Service; C:\WINDOWS\system32\noytcyr.exe [2004-08-04 47616]
R2 roytctm;roytctm Service; C:\WINDOWS\system32\roytctm.exe [2004-08-04 48128]
R2 soxpeca;soxpeca Service; C:\WINDOWS\system32\soxpeca.exe [2004-08-04 43520]
R2 tdydowkc;tdydowkc Service; C:\WINDOWS\system32\tdydowkc.exe [2004-08-04 47616]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 wsldoekd;wsldoekd Event propagation service; C:\WINDOWS\system32\wsldoekd.exe [2004-08-04 47616]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 afinding;afinding Service; C:\WINDOWS\system32\AFinding.exe []
S2 macidwe;macidwe Service; C:\WINDOWS\system32\macidwe.exe []
S2 nobicyt;nobicyt Service; C:\WINDOWS\system32\Nobicyt.exe []
S2 noxtcyr;noxtcyr Corporation inc.; C:\WINDOWS\system32\noxtcyr.exe []
S2 perfs;perfs Service; C:\WINDOWS\system32\perfs.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 routing;routing Service; C:\WINDOWS\system32\routing.exe []
S2 roxtctm;roxtctm Event propagation service; C:\WINDOWS\system32\roxtctm.exe []
S2 sobicyt;sobicyt Service; C:\WINDOWS\system32\sobicyt.exe []
S2 solewxte;solewxte Service; C:\WINDOWS\system32\solewxte.exe []
S2 sotpeca;sotpeca Co. Ltd.; C:\WINDOWS\system32\sotpeca.exe []
S2 tdxdowkc;tdxdowkc Service; C:\WINDOWS\system32\tdxdowkc.exe []
S2 wserving;wserving Service; C:\WINDOWS\system32\WServing.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-16 138168]
S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\Shared\hpqwmi.exe [2005-06-14 98304]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2005-12-28 1119888]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

Kaspersky:




#2 maranatha

    Whats That !

  • Malware Response Team
  • 1,229 posts
  • Gender:Male
  • Location:Seattle Washington

Posted 28 December 2008 - 02:30 AM

Hi seancbass,
Welcome to Bleeping Computer.
I'm maranatha and I will be handling your log to help you get cleaned up. I am a student here at BC so all my posts will be checked by one of our experts, so there may be a slight delay between posts.

I see you have P2P software (Limewire, BearShare, BitTorrent, uTorrent, etc.) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are here, and here.

I would strongly recommend that you uninstall them.

Please respond to this post so I know you still need help.

Thanks
maranatha

Windows7 Professional 64 Bit

 

I'm going in the wrong direction to be in a hurry!




#3 Carolyn

    Bleepin' kitten

  • Members
  • 2,131 posts

Posted 05 January 2009 - 12:04 PM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Member of ASAP (Alliance of Security Analysis Professionals)