using RSIT


  • This topic is locked
2 replies to this topic

#1 vernel1008


Posted 17 January 2009 - 07:19 AM

Logfile of random's system information tool 1.05 (written by random/random)
Run by Mommy at 2009-01-17 20:17:05
Microsoft Windows XP Professional Service Pack 2
System drive C: has 24 GB (32%) free of 76 GB
Total RAM: 503 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:32, on 1/17/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\GreedyTorrent\GTor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\Mommy\My Documents\RSIT.exe
C:\Program Files\trend micro\Mommy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.compaq.com/1Q00CDT/0409/bl7.asp
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll (file missing)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {6C350DFC-885F-4296-82E3-6428DD982099} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.zh-sg\msntb.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Captcha5] rundll "C:\Program Files\captcha5.dll",captcha
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [GreedyTorrent] "C:\Program Files\GreedyTorrent\GTor.exe" -tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1219126228859
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll
O20 - Winlogon Notify: wvUkHWQJ - wvUkHWQJ.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: distributed.net client (dnetc) - Unknown owner - C:\WINDOWS\dnetc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) - Unknown owner - C:\Program Files\websrv\websrv.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VideoAcceleratorService - Unknown owner - C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe (file missing)

--
End of file - 12247 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2008-12-19 134344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-13 222448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C350DFC-885F-4296-82E3-6428DD982099}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-07 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-07 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-07 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2008-12-19 482424]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Toolbar - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.zh-sg\msntb.dll []
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-07 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"srmclean"=C:\Cpqs\Scom\srmclean.exe [2001-07-25 36864]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2004-08-04 208896]
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-11-07 397312]
"SpeedBitVideoAccelerator"=C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]
"Captcha5"=rundll C:\Program Files\captcha5.dll []
"wcmdmgr"=C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
""= []
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [2007-03-20 1884160]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GreedyTorrent"=C:\Program Files\GreedyTorrent\GTor.exe [2007-03-09 2526661]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"BitTorrent"=C:\Program Files\BitTorrent\bittorrent.exe [2008-09-27 634672]
"Uniblue RegistryBooster 2"=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-05 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2008-10-18 5344600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW6]
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Mommy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-07 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero8\InCD\InCD.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetRefresh]
C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-06 524800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-31 4670704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-10-07 111856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-05 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk]
C:\PROGRA~1\WIDCOMM\Bluetooth Software\BTTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVP"=2
"TuneUp.Defrag"=3
"PLFlash DeviceIoControl Service"=2
"ose"=3
"odserv"=3
"NMIndexingService"=3
"IDriverT"=3
"gusvc"=2
"btwdins"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxsrvc.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
C:\Program Files\RelevantKnowledge\rlls.dll [2008-12-19 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvUkHWQJ]
wvUkHWQJ.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6C350DFC-885F-4296-82E3-6428DD982099}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\pmnljKbC

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoPopUpsOnBoot"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\GreedyTorrent\GTor.exe"="C:\Program Files\GreedyTorrent\GTor.exe:*:Enabled:GTor"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\english\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\english\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\softnyx\GunboundWC\GunBound.gme"="C:\Program Files\softnyx\GunboundWC\GunBound.gme:*:Enabled:GunBound"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\WINDOWS\Temp\~osE.tmp\ossproxy.exe"="C:\WINDOWS\Temp\~osE.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\websrv\websrv.exe"="C:\Program Files\websrv\websrv.exe:*:Enabled:websrv"
"C:\Documents and Settings\Mommy\Local Settings\Temp\~osC.tmp\ossproxy.exe"="C:\Documents and Settings\Mommy\Local Settings\Temp\~osC.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Documents and Settings\Mommy\Grand Chase\main.exe"="C:\Documents and Settings\Mommy\Grand Chase\main.exe:*:Enabled:GrandChase"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
shell\AutoRun\command - C:\HPSecure\Windows\HPSecure30.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f48e632-60e8-11dd-bfa6-000ffe1c0063}]
shell\AutoRun\command - ukgki.cmd
shell\explore\command - ukgki.cmd
shell\open\command - ukgki.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a674f3e5-66f4-11dd-bfcd-000ffe1c0063}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MyMP3.vbs


======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2009-01-17 20:16:28 ----D---- C:\rsit
2009-01-17 20:16:28 ----D---- C:\Program Files\trend micro
2009-01-11 11:29:56 ----D---- C:\Program Files\Luxor 2
2009-01-11 11:29:27 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2009-01-11 11:00:05 ----D---- C:\Program Files\MumboJumbo
2009-01-10 22:19:36 ----A---- C:\WINDOWS\system32\ShellManager310E2D762.dll
2009-01-02 00:57:32 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-01-02 00:56:46 ----A---- C:\WINDOWS\DNETC.INI
2009-01-02 00:55:50 ----D---- C:\Program Files\Luxor 3
2009-01-01 21:06:12 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-01-01 20:54:02 ----D---- C:\Program Files\Common Files\Control Panels
2009-01-01 20:50:48 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-01-01 20:42:30 ----D---- C:\Program Files\QuickTime
2009-01-01 20:33:48 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2009-01-01 20:33:48 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2009-01-01 20:24:34 ----D---- C:\Program Files\Bonjour
2008-12-31 13:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2008-12-31 13:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2008-12-31 13:49:30 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2008-12-31 13:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2008-12-31 13:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2008-12-31 13:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2008-12-31 13:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2008-12-31 13:48:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2008-12-31 13:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2008-12-31 13:48:17 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2008-12-31 13:47:37 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2008-12-31 13:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2008-12-31 13:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2008-12-31 13:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2008-12-31 13:46:39 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2008-12-31 13:46:23 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2008-12-31 13:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2008-12-31 13:45:58 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2008-12-31 13:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2008-12-31 13:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2008-12-31 13:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2008-12-31 13:44:55 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2008-12-31 13:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2008-12-31 13:44:33 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-12-31 13:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2008-12-31 13:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2008-12-31 13:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2008-12-31 13:43:27 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2008-12-31 13:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2008-12-31 13:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2008-12-31 13:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2008-12-31 13:42:27 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2008-12-31 13:42:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2008-12-31 13:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2008-12-31 13:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2008-12-31 13:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2008-12-31 13:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2008-12-31 13:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2008-12-30 20:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2008-12-30 20:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-30 20:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-30 20:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2008-12-30 20:25:10 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2008-12-30 20:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2008-12-30 20:24:05 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2008-12-30 20:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2008-12-30 20:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2008-12-30 20:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2008-12-30 20:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2008-12-30 20:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2008-12-30 20:22:20 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2008-12-30 20:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2008-12-30 20:22:04 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2008-12-30 20:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2008-12-30 20:21:46 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2008-12-30 20:21:39 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2008-12-30 20:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-12-30 20:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2008-12-30 20:18:04 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2008-12-30 20:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-30 20:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-12-30 20:16:49 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2008-12-30 20:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2008-12-30 20:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2008-12-30 20:16:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-30 20:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2008-12-30 20:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-30 20:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2008-12-30 20:15:46 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2008-12-30 20:15:36 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-12-30 20:15:26 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2008-12-30 20:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2008-12-30 20:15:06 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2008-12-30 20:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2008-12-30 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2008-12-30 20:14:37 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2008-12-30 20:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2008-12-29 13:32:54 ----A---- C:\WINDOWS\system32\Utility.dll
2008-12-29 13:32:23 ----A---- C:\WINDOWS\system32\vbar332.dll
2008-12-26 11:58:13 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-12-26 11:58:01 ----D---- C:\Program Files\Windows Live
2008-12-26 11:57:50 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-26 11:56:10 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-26 11:52:32 ----D---- C:\Program Files\MSN Toolbar
2008-12-25 18:21:31 ----D---- C:\Program Files\Level Up
2008-12-24 09:57:39 ----D---- C:\Program Files\GameHouse
2008-12-24 09:34:57 ----D---- C:\Program Files\Zuma Deluxe
2008-12-24 01:26:54 ----A---- C:\WINDOWS\system32\VB40032.DLL
2008-12-24 01:26:54 ----A---- C:\WINDOWS\system32\NET32THK.DLL
2008-12-24 01:26:54 ----A---- C:\WINDOWS\system32\NET16THK.DLL
2008-12-24 01:26:51 ----A---- C:\WINDOWS\system32\W95FIBER.DLL
2008-12-24 01:26:51 ----A---- C:\WINDOWS\system32\REGACAD.DLL
2008-12-24 01:26:48 ----A---- C:\WINDOWS\system32\MTSTACK.EXE
2008-12-24 01:26:48 ----A---- C:\WINDOWS\system32\ADRESC.DLL
2008-12-24 01:26:48 ----A---- C:\WINDOWS\system32\ACADFICN.DLL
2008-12-24 01:24:11 ----A---- C:\WINDOWS\uninst.exe
2008-12-24 01:16:03 ----D---- C:\Program Files\Paint Shop Pro 5
2008-12-24 01:02:46 ----D---- C:\Program Files\Autodesk
2008-12-24 01:02:43 ----D---- C:\Program Files\Common Files\Macrovision Shared
2008-12-24 01:01:34 ----D---- C:\Program Files\AnswerWorks 4.0
2008-12-24 01:00:08 ----D---- C:\Programme
2008-12-24 01:00:08 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-12-24 01:00:08 ----D---- C:\Documents and Settings\Mommy\Application Data\Autodesk
2008-12-24 01:00:08 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-12-24 00:48:08 ----D---- C:\WINDOWS\wt
2008-12-24 00:38:53 ----D---- C:\Program Files\Orbitdownloader
2008-12-23 17:06:27 ----D---- C:\Documents and Settings\Mommy\Application Data\Media Player Classic
2008-12-23 16:49:59 ----A---- C:\WINDOWS\system32\unrar.dll
2008-12-23 16:49:57 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-12-23 16:49:57 ----A---- C:\WINDOWS\system32\huffyuv.dll
2008-12-23 16:49:56 ----A---- C:\WINDOWS\system32\x264vfw.dll
2008-12-23 16:49:56 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2008-12-23 16:49:56 ----A---- C:\WINDOWS\system32\vp6vfw.dll
2008-12-23 16:49:55 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-12-23 16:49:55 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-12-23 16:49:55 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-12-23 16:49:55 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-12-23 16:49:54 ----A---- C:\WINDOWS\system32\divx.dll
2008-12-23 16:49:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-12-23 16:49:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-12-23 16:49:51 ----D---- C:\Program Files\K-Lite Codec Pack
2008-12-23 16:30:18 ----A---- C:\WINDOWS\system32\viscomwave.dll
2008-12-23 16:30:18 ----A---- C:\WINDOWS\system32\viscomtran.dll
2008-12-23 16:30:18 ----A---- C:\WINDOWS\system32\viscomrmencoder.dll
2008-12-23 16:30:18 ----A---- C:\WINDOWS\system32\viscomqtde.dll
2008-12-23 16:30:17 ----A---- C:\WINDOWS\system32\viscommpgenc.dll
2008-12-23 16:30:17 ----A---- C:\WINDOWS\system32\viscommpgdec.dll
2008-12-23 16:30:17 ----A---- C:\WINDOWS\system32\viscomframe.dll
2008-12-23 16:30:17 ----A---- C:\WINDOWS\system32\viscomflvenc.dll
2008-12-23 16:30:17 ----A---- C:\WINDOWS\system32\viscomflvdec.dll
2008-12-23 16:30:16 ----A---- C:\WINDOWS\system32\viscomflashenc.dll
2008-12-23 16:30:16 ----A---- C:\WINDOWS\system32\viscomdata2.dll
2008-12-23 16:30:16 ----A---- C:\WINDOWS\system32\viscomdata1.dll
2008-12-23 16:30:16 ----A---- C:\WINDOWS\system32\viscomaudioencoder.dll
2008-12-23 16:30:16 ----A---- C:\WINDOWS\system32\viscomaudiodata.dll
2008-12-23 16:30:15 ----A---- C:\WINDOWS\system32\videotrans.dll
2008-12-23 16:30:15 ----A---- C:\WINDOWS\system32\videoformat.dll
2008-12-23 16:30:15 ----A---- C:\WINDOWS\system32\videocore.dll
2008-12-23 16:30:14 ----A---- C:\WINDOWS\system32\imgscaler.dll
2008-12-23 16:30:14 ----A---- C:\WINDOWS\system32\img_utils.dll
2008-12-23 16:30:14 ----A---- C:\WINDOWS\system32\gdiplus.dll
2008-12-23 16:30:10 ----A---- C:\WINDOWS\system32\xvid.dll
2008-12-23 16:30:09 ----D---- C:\Program Files\Zealot Software
2008-12-23 16:10:43 ----D---- C:\Program Files\Free PDF to Word Doc Converter
2008-12-23 15:49:27 ----D---- C:\Program Files\Davis Software
2008-12-23 15:40:37 ----D---- C:\Program Files\Solveig Multimedia
2008-12-23 03:10:55 ----D---- C:\DVDVideoSoft
2008-12-23 03:10:32 ----D---- C:\Program Files\DVDVideoSoft
2008-12-23 03:10:32 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2008-12-23 03:03:03 ----D---- C:\My Videos
2008-12-23 02:58:12 ----D---- C:\Documents and Settings\All Users\Application Data\AMV Converter Studio
2008-12-22 23:59:38 ----D---- C:\Program Files\Total Video Converter
2008-12-22 09:48:59 ----D---- C:\EasyVideoConvert
2008-12-22 09:47:23 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2008-12-21 19:50:40 ----D---- C:\Program Files\MP3 Player Utilities 3.57
2008-12-21 19:50:17 ----RA---- C:\WINDOWS\AmvTransform.ini
2008-12-21 19:50:17 ----RA---- C:\WINDOWS\AmvPlayer.ini
2008-12-19 12:25:50 ----D---- C:\Documents and Settings\Mommy\Application Data\Uniblue
2008-12-16 20:48:59 ----RSH---- C:\Program Files\captcha5.dll
2008-12-15 07:01:51 ----H---- C:\WINDOWS\bolivar30.exe
2008-12-12 22:40:27 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-12 22:40:27 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-12 22:40:27 ----A---- C:\WINDOWS\system32\java.exe
2008-12-07 15:41:01 ----D---- C:\Documents and Settings\Mommy\Application Data\GanymedeNet
2008-12-05 12:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-05 09:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-12-05 09:31:24 ----D---- C:\WINDOWS\network diagnostic
2008-12-05 09:31:23 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-12-05 09:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-12-03 04:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-03 04:51:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-03 04:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-03 04:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-03 04:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-03 04:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-03 04:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-03 04:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-03 04:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-03 04:49:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-03 04:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-03 04:49:16 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-03 04:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-03 04:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-03 04:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-12-03 04:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-03 04:48:15 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2008-12-03 04:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-03 04:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-03 04:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-12-03 04:47:07 ----D---- C:\Program Files\MSXML 4.0
2008-12-03 04:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-12-01 20:57:04 ----D---- C:\Documents and Settings\Mommy\Application Data\NCH Swift Sound
2008-12-01 20:57:02 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-12-01 20:55:28 ----D---- C:\Program Files\NCH Swift Sound
2008-12-01 20:47:40 ----A---- C:\WINDOWS\MediaManager.INI
2008-12-01 20:03:07 ----D---- C:\Program Files\MP3 to WAV Decoder
2008-12-01 12:43:57 ----D---- C:\Program Files\Kwyshell
2008-11-29 20:37:44 ----D---- C:\Program Files\Free PowerPoint-PPT to Pdf Converter
2008-11-22 12:58:38 ----D---- C:\Program Files\RelevantKnowledge
2008-11-22 12:42:12 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-22 12:42:03 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit
2008-11-22 12:41:54 ----D---- C:\Program Files\DAP
2008-11-22 12:40:42 ----D---- C:\Program Files\SpeedBit Video Accelerator
2008-11-21 11:23:50 ----D---- C:\Documents and Settings\Mommy\Application Data\PlayFirst
2008-11-21 11:23:50 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-11-09 18:51:17 ----D---- C:\Documents and Settings\Mommy\Application Data\Wireshark
2008-11-09 11:19:38 ----D---- C:\Program Files\VisualKore
2008-11-08 22:53:43 ----A---- C:\WINDOWS\unvise32qt.exe
2008-11-08 22:51:51 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-11-08 22:51:11 ----D---- C:\Program Files\The Rosetta Stone
2008-11-08 20:52:18 ----D---- C:\Program Files\WinPcap
2008-11-08 19:10:10 ----D---- C:\Program Files\DAEMON Tools Lite
2008-11-07 23:05:02 ----D---- C:\Program Files\Microsoft Reader
2008-11-07 23:05:02 ----A---- C:\WINDOWS\DASShp.dll
2008-11-03 21:54:21 ----D---- C:\Program Files\Lavasoft
2008-11-01 17:28:27 ----D---- C:\Program Files\MP3 Player Utilities 4.05
2008-11-01 12:03:33 ----D---- C:\Documents and Settings\Mommy\Application Data\Creative
2008-11-01 11:48:46 ----N---- C:\WINDOWS\Ctregrun.exe
2008-11-01 11:47:38 ----N---- C:\WINDOWS\system32\msxml3a.dll
2008-11-01 11:47:29 ----D---- C:\Program Files\Audible
2008-11-01 11:46:34 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2008-11-01 11:45:28 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2008-11-01 11:45:28 ----N---- C:\WINDOWS\system32\CTSVCCDA.EXE
2008-11-01 11:45:00 ----D---- C:\Program Files\Common Files\Creative
2008-11-01 11:44:58 ----HD---- C:\Program Files\Creative Installation Information
2008-11-01 11:44:54 ----D---- C:\Program Files\Creative
2008-11-01 11:44:40 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-01 11:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2008-11-01 11:43:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-11-01 11:42:38 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-01 11:42:25 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-11-01 09:28:21 ----D---- C:\Program Files\LRC Editor 4
2008-11-01 08:46:19 ----D---- C:\Program Files\Macrobject
2008-11-01 08:46:19 ----A---- C:\WINDOWS\system32\mo_pcre.dll
2008-11-01 08:13:00 ----D---- C:\Program Files\ABC Amber CHM Converter
2008-10-28 04:56:22 ----D---- C:\Documents and Settings\Mommy\Application Data\DAEMON Tools
2008-10-27 13:01:35 ----D---- C:\Program Files\Common Files\INCA Shared
2008-10-27 05:13:52 ----D---- C:\Program Files\softnyx
2008-10-25 14:01:12 ----A---- C:\WINDOWS\system32\wpa.bak
2008-10-25 13:55:58 ----D---- C:\WINDOWS\Prefetch
2008-10-25 13:49:16 ----A---- C:\AUTOEXEC.BAT
2008-10-25 13:48:03 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-10-25 13:47:56 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-10-25 13:47:29 ----A---- C:\WINDOWS\system32\desktop.ini
2008-10-25 13:47:29 ----A---- C:\WINDOWS\desktop.ini
2008-10-25 13:46:27 ----D---- C:\Program Files\ComPlus Applications
2008-10-25 13:08:46 ----RA---- C:\WINDOWS\SET42.tmp
2008-10-25 13:08:42 ----RA---- C:\WINDOWS\SET36.tmp
2008-10-25 13:08:40 ----RA---- C:\WINDOWS\SET33.tmp
2008-10-25 13:04:32 ----A---- C:\WINDOWS\pnplog.txt
2008-10-25 12:58:44 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-10-25 12:58:44 ----A---- C:\WINDOWS\system32\irclass.dll
2008-10-25 12:58:28 ----RA---- C:\WINDOWS\SET7C.tmp
2008-10-25 12:58:23 ----RA---- C:\WINDOWS\SET70.tmp
2008-10-25 12:58:21 ----RA---- C:\WINDOWS\SET6D.tmp
2008-10-25 10:25:56 ----D---- C:\Config.Msi
2008-10-25 06:56:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-24 12:35:31 ----A---- C:\WINDOWS\system32\results.txt
2008-10-24 12:35:27 ----D---- C:\Program Files\Atheros
2008-10-24 12:23:40 ----D---- C:\temp
2008-10-24 11:34:38 ----D---- C:\HPSecure
2008-10-24 11:23:33 ----D---- C:\Program Files\Hewlett-Packard
2008-10-24 11:09:25 ----D---- C:\WINDOWS\Drivers
2008-10-24 10:52:03 ----D---- C:\Program Files\HP
2008-10-24 09:29:21 ----D---- C:\Program Files\Conduit
2008-10-24 09:29:18 ----D---- C:\Program Files\RadarSync
2008-10-24 09:13:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-24 04:28:01 ----D---- C:\Documents and Settings\Mommy\Application Data\Ambient Design
2008-10-24 04:20:13 ----D---- C:\Program Files\Ambient Design
2008-10-24 01:47:16 ----D---- C:\Program Files\Windows Live Safety Center
2008-10-24 00:37:22 ----D---- C:\Program Files\Innovative Solutions
2008-10-23 20:18:28 ----D---- C:\WINDOWS\system32\20020624WinHecT19c
2008-10-23 20:11:36 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-10-23 20:11:36 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-10-23 20:11:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-10-23 20:11:35 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-10-23 20:11:35 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-10-23 20:11:34 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-10-23 20:11:34 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-10-23 20:11:34 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-10-23 20:11:34 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-10-23 20:11:33 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-10-23 20:11:33 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-10-23 20:11:33 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-10-23 20:11:33 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-10-23 20:11:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-10-23 20:11:32 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-10-23 20:11:32 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-10-23 20:11:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-10-23 20:11:31 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-10-23 20:11:31 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-10-23 20:11:31 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-10-23 20:11:30 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-10-23 20:11:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-10-23 20:11:30 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-10-23 20:11:29 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-10-23 20:11:28 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-10-23 20:11:28 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-10-23 20:11:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-10-23 20:11:28 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-10-23 20:11:28 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-10-23 20:11:27 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-10-23 20:11:27 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-10-23 20:11:25 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-10-23 20:11:24 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-10-23 20:11:24 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-10-23 20:11:24 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-10-23 20:11:23 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-10-23 20:11:23 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-10-23 20:11:23 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-10-23 20:11:23 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-10-23 20:11:22 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-10-23 20:11:22 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-10-23 20:11:22 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-10-23 20:11:21 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-10-23 20:11:19 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-10-23 20:11:19 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-10-23 20:11:18 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-10-23 20:11:18 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-10-23 20:11:18 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-10-23 20:11:18 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-10-23 20:11:17 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-10-23 20:11:15 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-10-23 19:42:30 ----HD---- C:\WINDOWS\msdownld.tmp
2008-10-23 19:41:03 ----D---- C:\WINDOWS\Logs
2008-10-23 18:56:41 ----D---- C:\Documents and Settings\Mommy\Application Data\TuneUp Software
2008-10-23 12:15:39 ----RD---- C:\Program Files\TypingMaster
2008-10-23 10:50:28 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-10-23 10:50:28 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-10-23 10:50:28 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-10-23 09:27:16 ----D---- C:\14e6e8d018619f09992de6ca0c
2008-10-23 07:31:23 ----A---- C:\rapport.txt
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\swsc.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\swreg.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\Process.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\o4Patch.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-10-23 07:07:54 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-10-23 06:26:32 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-23 05:41:22 ----D---- C:\WINDOWS\ERDNT
2008-10-23 05:41:19 ----A---- C:\WINDOWS\system32\CF25802.exe
2008-10-23 02:34:25 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-10-23 01:58:50 ----D---- C:\Documents and Settings\Mommy\Application Data\IObit
2008-10-22 17:17:14 ----ASH---- C:\WINDOWS\system32\CbKjlnmp.ini2
2008-10-22 17:17:13 ----ASH---- C:\WINDOWS\system32\CbKjlnmp.ini
2008-10-22 16:13:25 ----D---- C:\Program Files\RegBoost
2008-10-22 15:35:37 ----ASH---- C:\WINDOWS\system32\SCfNqBeg.ini2
2008-10-22 15:35:37 ----ASH---- C:\WINDOWS\system32\SCfNqBeg.ini
2008-10-22 14:14:42 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-22 13:27:38 ----ASH---- C:\WINDOWS\system32\cKQAHkkj.ini2
2008-10-22 13:27:38 ----ASH---- C:\WINDOWS\system32\cKQAHkkj.ini
2008-10-22 12:28:26 ----D---- C:\Program Files\Security Task Manager
2008-10-22 11:47:55 ----A---- C:\WINDOWS\system32\a33ff33b-.txt
2008-10-22 11:47:31 ----ASH---- C:\WINDOWS\system32\MTEOnXbc.ini2
2008-10-22 11:47:30 ----ASH---- C:\WINDOWS\system32\MTEOnXbc.ini
2008-10-22 10:34:55 ----HD---- C:\WINDOWS\PIF
2008-10-22 09:58:52 ----D---- C:\Documents and Settings\Mommy\Application Data\e frontier

======List of files/folders modified in the last 3 months======

2009-01-17 20:16:28 ----RD---- C:\Program Files
2009-01-17 20:14:00 ----D---- C:\Documents and Settings\Mommy\Application Data\BitTorrent
2009-01-17 20:02:22 ----D---- C:\WINDOWS\system32
2009-01-17 20:02:16 ----D---- C:\WINDOWS\system32\drivers
2009-01-17 19:05:56 ----D---- C:\WINDOWS\Temp
2009-01-17 17:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-17 16:11:38 ----A---- C:\WINDOWS\win.ini
2009-01-17 15:05:59 ----D---- C:\Program Files\Mozilla Firefox
2009-01-17 05:18:21 ----SHD---- C:\WINDOWS\Installer
2009-01-16 22:52:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-16 20:30:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-01-13 10:26:38 ----D---- C:\Documents and Settings\Mommy\Application Data\Orbit
2009-01-12 19:30:34 ----D---- C:\Program Files\Cheat Engine
2009-01-10 22:40:38 ----D---- C:\WINDOWS\system32\NtmsData
2009-01-10 22:21:06 ----D---- C:\Program Files\Common Files\Nero
2009-01-10 22:21:04 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-01-10 22:21:00 ----D---- C:\WINDOWS
2009-01-10 22:18:58 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-01-08 08:01:31 ----D---- C:\Program Files\Adobe
2009-01-08 07:58:18 ----D---- C:\Documents and Settings\Mommy\Application Data\Adobe
2009-01-07 20:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2009-01-07 00:13:23 ----D---- C:\Program Files\Google
2009-01-03 23:16:01 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-02 00:54:02 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-01 21:05:19 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-01 20:57:07 ----D---- C:\Program Files\Common Files\Adobe
2009-01-01 20:54:02 ----D---- C:\Program Files\Common Files
2009-01-01 20:35:09 ----RSD---- C:\WINDOWS\Fonts
2009-01-01 20:31:40 ----D---- C:\WINDOWS\WinSxS
2009-01-01 00:43:27 ----HD---- C:\WINDOWS\inf
2008-12-31 21:11:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-31 21:11:28 ----D---- C:\WINDOWS\msagent
2008-12-31 13:49:42 ----A---- C:\WINDOWS\imsins.BAK
2008-12-31 13:44:45 ----D---- C:\Program Files\Messenger
2008-12-31 13:43:44 ----D---- C:\Program Files\Outlook Express
2008-12-31 13:43:43 ----D---- C:\Program Files\Common Files\System
2008-12-31 13:42:50 ----D---- C:\WINDOWS\system32\Com
2008-12-30 20:38:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-30 20:29:50 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-30 20:29:05 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-30 20:28:23 ----RSD---- C:\WINDOWS\assembly
2008-12-30 20:28:03 ----D---- C:\Program Files\Internet Explorer
2008-12-30 20:27:55 ----D---- C:\WINDOWS\ie7updates
2008-12-30 20:23:50 ----D---- C:\Program Files\Windows Media Player
2008-12-30 20:22:30 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-30 20:20:21 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-30 20:20:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-26 18:24:09 ----D---- C:\Documents and Settings\Mommy\Application Data\Google
2008-12-26 12:43:15 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-26 11:39:39 ----SD---- C:\Documents and Settings\Mommy\Application Data\Microsoft
2008-12-26 11:38:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-24 01:09:09 ----D---- C:\WINDOWS\system32\1033
2008-12-24 01:09:07 ----D---- C:\Program Files\Common Files\Designer
2008-12-24 01:08:03 ----D---- C:\WINDOWS\Help
2008-12-24 01:06:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-23 17:51:37 ----D---- C:\WINDOWS\system32\Restore
2008-12-23 16:06:37 ----D---- C:\Program Files\Sony
2008-12-22 09:47:23 ----D---- C:\WINDOWS\system
2008-12-16 22:03:13 ----D---- C:\WINDOWS\system32\config
2008-12-13 14:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 22:39:54 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-10 07:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 20:43:35 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-05 09:35:28 ----HDC---- C:\WINDOWS\ie7
2008-12-02 21:20:14 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-12-02 17:22:40 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-22 12:42:30 ----D---- C:\Documents and Settings\Mommy\Application Data\DMCache
2008-11-07 23:05:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-01 12:00:02 ----D---- C:\WINDOWS\AppPatch
2008-11-01 11:57:43 ----D---- C:\WINDOWS\security
2008-10-30 03:38:54 ----D---- C:\WINDOWS\Debug
2008-10-29 05:12:41 ----SH---- C:\boot.ini
2008-10-29 05:12:41 ----A---- C:\WINDOWS\system.ini
2008-10-29 05:12:40 ----D---- C:\WINDOWS\pss
2008-10-26 01:33:48 ----D---- C:\WINDOWS\system32\DirectX
2008-10-25 14:01:41 ----D---- C:\WINDOWS\Registration
2008-10-25 14:01:32 ----A---- C:\WINDOWS\setuplog.txt
2008-10-25 13:56:49 ----SHD---- C:\System Volume Information
2008-10-25 13:49:07 ----A---- C:\WINDOWS\OEWABLog.txt
2008-10-25 13:48:59 ----A---- C:\WINDOWS\ODBCINST.INI
2008-10-25 13:48:39 ----D---- C:\WINDOWS\system32\ias
2008-10-25 13:48:07 ----RD---- C:\WINDOWS\Web
2008-10-25 13:47:31 ----D---- C:\WINDOWS\system32\oobe
2008-10-25 13:46:11 ----D---- C:\WINDOWS\system32\wbem
2008-10-25 13:46:11 ----D---- C:\WINDOWS\Cursors
2008-10-25 13:08:52 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-10-25 11:07:17 ----D---- C:\Program Files\EA Games
2008-10-25 05:54:22 ----D---- C:\WINDOWS\system32\Setup
2008-10-25 05:54:11 ----D---- C:\WINDOWS\system32\usmt
2008-10-25 05:53:54 ----D---- C:\WINDOWS\mui
2008-10-25 05:53:54 ----D---- C:\WINDOWS\ehome
2008-10-25 05:53:53 ----D---- C:\WINDOWS\ime
2008-10-25 05:53:51 ----D---- C:\WINDOWS\Media
2008-10-25 05:53:37 ----D---- C:\WINDOWS\PeerNet
2008-10-25 05:53:22 ----D---- C:\WINDOWS\system32\npp
2008-10-25 05:49:58 ----D---- C:\WINDOWS\twain_32
2008-10-25 05:49:00 ----D---- C:\WINDOWS\system32\icsxml
2008-10-25 05:47:04 ----D---- C:\WINDOWS\Driver Cache
2008-10-24 14:01:00 ----D---- C:\SWSetup
2008-10-24 12:08:03 ----D---- C:\Program Files\Altiris
2008-10-24 11:50:09 ----SD---- C:\WINDOWS\system32\Microsoft
2008-10-24 10:52:00 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-24 04:05:36 ----D---- C:\Program Files\Java
2008-10-24 03:44:37 ----D---- C:\Program Files\DNA
2008-10-24 01:32:43 ----SD---- C:\WINDOWS\Tasks
2008-10-23 21:01:36 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-23 19:23:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-23 10:12:47 ----D---- C:\Program Files\Systweak BoostXP2
2008-10-23 09:54:08 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-22 17:47:07 ----A---- C:\WINDOWS\system32\tzchange.exe
2008-10-22 17:27:42 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-29 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-29 2560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-08-04 120094]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-08-04 96858]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-02 4816]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-09-18 145408]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-08-04 91419]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-04 42496]
S2 sbbotdi;sbbotdi; \??\C:\PROGRA~1\SpeedBit Video Accelerator\sbbotdi.sys []
S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807]
S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295]
S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871]
S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471]
S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-07 34064]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\EA Games\RO\npkcrypt.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-28 207488]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-19 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-09 105472]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-04 5504]
S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-11-03 611664]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-12-24 54784]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-10 168432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-01 654848]
S2 dnetc;distributed.net client; C:\WINDOWS\dnetc.exe []
S2 Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) ;Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) ; C:\Program Files\websrv\websrv.exe []
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2006-09-16 23856]
S2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe -start -scm []
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-07 92792]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe []
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

-----------------EOF-----------------



#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:09:16 PM

Posted 29 January 2009 - 11:35 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.
Also please explain your problem as fully as possible. Each little detail will help in getting your system cleaned up and functional again.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scans:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless of whether you are prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.



* Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.com
DDS.scr
DDS.pif

* Double click on the DDS icon, allow it to run.
* A small box will open, with an explanation about the tool. No input is needed, the scan is running.
* Notepad will open with the results, click no to the Optional_Scan
* Follow the instructions that pop up for posting the results.
* Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#3 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:09:16 PM

Posted 07 February 2009 - 09:52 PM

This thread is closed due to inactivity.
If you need this topic reopened, please send me a PM. This applies to the thread originator only, all others start a new thread.



