
False Win32.Brontok Worm Infection - HELP!



#1 SimonIAm


Posted 19 May 2009 - 10:45 AM

I have been receiving a message that pops up daily, reading:

"Do you want to block this suspicious software"
Name: Win32.Brontok
Risk Level: High
Description: This worm spreads via the Internet as an attachment to infected messages. It sends itself to email addresses harvested from the victim machine.


Also, when I open my Firefox (normally opens to Google), the following is displayed on the page. But I do have access to the internet, as I am now posting with the infected computer:

Insecure Internet activity. Threat of virus attack
Due to insecure Internet browsing your PC can easily get infected with viruses, worms and trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.
Also insecure Internet activity can result in revealing your personal information.
To get full advanced real-time protection for PC and Internet activity, register your antivirus software.
We recommend you to protect your PC now and continue safe Internet browsing.
Click here to get full advanced real-time protection and continue browsing. (Note: this link is java script:go_protect() )
Continue to this website unprotected (not recommended). (Note: this link is java script:show_alert() )

I probably caught the virus using P2P.


Thank You!
__________________________________________________________________________________________________


OTListIt logfile created on: 5/19/2009 8:38:46 AM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Simon Suh\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.49 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 45.85% Memory free
2.09 Gb Paging File | 1.49 Gb Available in Paging File | 71.27% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 19.65 Gb Free Space | 26.37% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-E182DD4B20
Current User Name: Simon Suh
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/03/13 23:11:08 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2005/06/02 09:21:46 | 00,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/06/02 09:21:40 | 00,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2007/07/20 00:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2005/06/23 19:27:18 | 00,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2007/07/20 00:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2004/07/16 22:26:44 | 00,126,976 | ---- | M] () -- C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe
PRC - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe
PRC - [2004/05/07 09:20:52 | 00,024,681 | ---- | M] () -- C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe
PRC - [2005/06/23 19:27:28 | 01,715,904 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/07/04 16:46:04 | 00,053,307 | ---- | M] (GEMTEKS) -- C:\Program Files\Compact Wireless-G USB Network Adapter with SpeedBooster\WLService.exe
PRC - [2006/04/21 12:26:38 | 05,358,592 | ---- | M] (Linksys) -- C:\Program Files\Compact Wireless-G USB Network Adapter with SpeedBooster\WUSB54GSC.exe
PRC - [2006/11/17 05:42:52 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2007/07/25 16:02:54 | 00,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/07/12 04:00:36 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
PRC - [2002/09/10 22:26:26 | 00,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe
PRC - [2005/09/20 11:35:40 | 00,094,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2005/09/20 11:32:24 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2005/09/20 11:36:20 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2008/03/13 23:11:10 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2005/06/02 09:21:38 | 00,048,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/06/23 19:27:36 | 00,085,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/12/10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2007/08/27 17:25:52 | 01,662,976 | ---- | M] (D-Link) -- C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe
PRC - [2007/01/19 12:49:04 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009/03/12 20:56:58 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/07/20 00:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/04/23 06:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2004/08/03 17:56:50 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
PRC - [2007/01/02 21:40:10 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/07/25 16:02:32 | 00,403,728 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2006/12/10 21:51:08 | 00,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009/04/29 08:53:01 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/05/19 08:28:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon Suh\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/09/18 11:24:20 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2007/01/19 12:49:26 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Stopped])
SRV - [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2005/06/02 09:21:40 | 00,185,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr [Auto | Running])
SRV - [2005/06/02 09:21:46 | 00,083,568 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc [On_Demand | Stopped])
SRV - [2005/06/02 09:21:46 | 00,161,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005/06/23 19:27:18 | 00,019,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
SRV - [2004/08/03 17:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/01/02 22:46:54 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2006/12/10 23:29:24 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2006/01/05 00:06:02 | 00,163,840 | ---- | M] (Alex Feinman) -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper [On_Demand | Stopped])
SRV - [2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/07/20 00:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
SRV - [2007/07/20 00:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2007/07/20 00:42:30 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2004/07/16 22:26:44 | 00,126,976 | ---- | M] () -- C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe -- (mple7docserver [Auto | Running])
SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe -- (npkcmsvc [Auto | Running])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2005/06/23 19:27:30 | 00,124,608 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam [On_Demand | Stopped])
SRV - [2005/04/22 12:03:28 | 00,206,552 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc [On_Demand | Stopped])
SRV - [2005/03/30 21:48:22 | 00,992,864 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc [On_Demand | Stopped])
SRV - [2005/06/23 19:27:28 | 01,715,904 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus [Auto | Running])
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/03/13 23:11:08 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2005/07/04 16:46:04 | 00,053,307 | ---- | M] (GEMTEKS) -- C:\Program Files\Compact Wireless-G USB Network Adapter with SpeedBooster\WLService.exe -- (WUSB54GSCSVC [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009/03/25 15:30:45 | 00,017,801 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2007/03/08 14:34:46 | 04,027,840 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2005/12/11 12:55:38 | 00,028,195 | ---- | M] (Alpha Networks Inc.) -- C:\WINDOWS\system32\ANIO.SYS -- (ANIO [Auto | Running])
DRV - [2009/04/15 13:04:26 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2004/08/03 16:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009/01/15 12:19:36 | 00,023,848 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2005/10/20 20:58:52 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005/10/20 20:58:58 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005/10/20 20:52:48 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2005/09/20 12:00:54 | 01,302,332 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2007/07/20 00:37:56 | 02,109,592 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LVcKap.sys -- (LVcKap [On_Demand | Stopped])
DRV - [2007/07/20 00:39:50 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys -- (LVMVDrv [On_Demand | Stopped])
DRV - [2007/07/18 17:42:42 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
DRV - [2007/02/03 11:32:34 | 00,041,504 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2009/04/15 13:04:26 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090515.003\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009/04/15 13:04:26 | 00,876,144 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090515.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2005/11/02 04:23:08 | 00,014,464 | R--- | M] (©NOWCOM) -- C:\WINDOWS\system32\NOWMEMDF.sys -- (NOWMEMDF [On_Demand | Stopped])
DRV - [2004/03/23 19:12:34 | 00,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\NSNDIS5.SYS -- (NSNDIS5 [On_Demand | Stopped])
DRV - [2008/07/06 00:43:56 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\Drivers\pcouffin.sys -- (pcouffin [On_Demand | Running])
DRV - [2007/02/03 11:27:15 | 00,014,240 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lv302af.sys -- (pepifilter [On_Demand | Stopped])
DRV - [2007/02/03 11:27:27 | 00,938,272 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS -- (PID_PEPI [On_Demand | Stopped])
DRV - [2004/08/16 17:49:24 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/03/06 00:05:24 | 00,245,504 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\system32\DRIVERS\Dr71WU.sys -- (RT73 [On_Demand | Stopped])
DRV - [2004/08/03 15:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2005/02/04 20:14:30 | 00,324,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT [System | Running])
DRV - [2005/02/04 20:14:32 | 00,053,896 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL [System | Running])
DRV - [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2005/03/30 21:48:20 | 00,372,832 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [On_Demand | Stopped])
DRV - [2009/05/13 22:13:31 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
DRV - [2005/05/13 19:50:10 | 00,123,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2005/04/22 12:03:00 | 00,017,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2005/04/22 12:03:02 | 00,267,192 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [System | Running])
DRV - [2004/08/03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2004/08/03 16:04:34 | 00,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Running])
DRV - [2008/03/13 23:11:18 | 00,394,952 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant [System | Running])
DRV - [2003/09/25 22:15:32 | 00,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.SYS -- (GTNDIS5 [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www2.iesearch.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1614895754-299502267-839522115-1006\S-1-5-21-1614895754-299502267-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-299502267-839522115-1006\S-1-5-21-1614895754-299502267-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/11 13:09:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/11 13:09:21 | 00,000,000 | ---D | M]

[2009/04/16 16:03:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Simon Suh\Application Data\mozilla\Extensions
[2009/04/16 16:03:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Simon Suh\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/19 08:11:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Simon Suh\Application Data\mozilla\Firefox\Profiles\mg0340eo.default\extensions
[2008/01/23 23:41:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Simon Suh\Application Data\mozilla\Firefox\Profiles\mg0340eo.default\extensions\{d8cd3b62-626a-4af6-953d-4937feea21ec}
[2008/06/04 18:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Simon Suh\Application Data\mozilla\Firefox\Profiles\mg0340eo.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/02/03 20:54:38 | 00,000,891 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\Mozilla\FireFox\Profiles\mg0340eo.default\searchplugins\dictionarycom.xml
[2008/02/03 20:54:05 | 00,002,042 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\Mozilla\FireFox\Profiles\mg0340eo.default\searchplugins\facebook.xml
[2008/06/19 20:33:31 | 00,001,108 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\Mozilla\FireFox\Profiles\mg0340eo.default\searchplugins\wikipedia-en.xml
[2009/05/19 08:11:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 08:53:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/10/01 22:33:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2009/04/29 08:52:54 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 08:52:54 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/29 08:53:11 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/29 08:53:11 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/29 08:53:11 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/29 08:53:11 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/29 08:53:11 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/29 08:53:11 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/29 08:53:11 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (307135 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10575 more lines...
O2 - BHO: () - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll ()
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {EAB7AA01-CAAA-4C34-8343-557C7E63B73B} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1614895754-299502267-839522115-1006\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [D-Link Wireless G WUA-1340] C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
O4 - HKLM..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC)
O4 - HKU\S-1-5-21-1614895754-299502267-839522115-1006..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (DT Soft Ltd)
O4 - HKU\S-1-5-21-1614895754-299502267-839522115-1006..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (IGN Entertainment)
O4 - HKU\S-1-5-21-1614895754-299502267-839522115-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1614895754-299502267-839522115-1006..\Run: [Yahoo! Pager] 1 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-1614895754-299502267-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1614895754-299502267-839522115-1006\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} http://mpi.dacom.net/XPayMPI/Xecure_LiveUp..._XPayMPIOCX.cab (Reg Error: Key error.)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} http://ftp.entica.com/EnLaunch/ENPPY3/Install/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {8B95CDB4-7F5F-44FA-803E-1F31963D711F} http://www.filebada.com/Client/Ocx/FB_OCX.CAB (FB_OCX Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CE109CEF-E299-4DAF-9FCB-9C030A32C546} http://up.uccc.co.kr/ucccplay/cab2/launchucccplay.cab (Reg Error: Key error.)
O16 - DPF: GPplayerActiveXCAB http://music.godpeople.com/gpplayer/GPplayerActiveXCAB.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/06 17:39:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a3200296-b06f-11dd-af60-0013d3e6777f}\Shell - "" = AutoRun
O33 - MountPoints2\{a3200296-b06f-11dd-af60-0013d3e6777f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3200296-b06f-11dd-af60-0013d3e6777f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/19 08:17:49 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2009/05/19 08:28:44 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Simon Suh\Desktop\OTListIt2.exe
[2009/05/19 08:22:43 | 00,038,912 | ---- | C] (SOFTWIN) -- C:\Documents and Settings\Simon Suh\Desktop\AntiBrontokA-en.exe
[2009/05/19 08:18:17 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2009/05/19 08:18:16 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/05/19 08:18:16 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2009/05/19 08:18:15 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/05/19 08:18:15 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/05/19 08:18:14 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2009/05/19 08:18:13 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/05/19 08:18:12 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/05/19 08:18:12 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2009/05/19 08:18:12 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/05/19 08:18:11 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/05/19 08:18:11 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2009/05/19 08:18:10 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/05/19 08:18:10 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/05/19 08:17:33 | 01,883,662 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\SmitfraudFix.exe
[2009/05/19 08:06:29 | 02,902,376 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Simon Suh\Desktop\Procmon.exe
[2009/05/19 08:06:29 | 00,060,772 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\procmon.chm
[2009/05/18 12:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\My Documents\EA Games
[2009/05/18 12:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\EA Games
[2009/05/18 11:48:23 | 00,000,250 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/18 09:15:54 | 00,002,119 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUat.gif
[2009/05/18 09:15:54 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUzn.gif
[2009/05/18 09:15:54 | 00,000,598 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUby.gif
[2009/05/17 21:38:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Application Data\Google
[2009/05/17 20:06:46 | 19,094,123 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\video(2).mp4
[2009/05/16 23:04:45 | 16,847,7903 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\09_116_Whos_the_Cult_video_podcast_16x9.mp4
[2009/05/16 21:43:32 | 04,519,756 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\_02
[2009/05/15 12:05:52 | 02,987,133 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\Elite_sports_and_fitness.Sims2Pack
[2009/05/15 12:00:17 | 01,380,833 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\dazzles.Sims2Pack
[2009/05/14 23:18:52 | 00,002,064 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\The Sims™ 2 Double Deluxe.lnk
[2009/05/13 22:46:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2009/05/13 22:27:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/05/13 22:27:28 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2009/05/13 22:27:25 | 00,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
[2009/05/13 22:27:22 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2009/05/13 22:13:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Application Data\DAEMON Tools Lite
[2009/05/13 16:47:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Desktop\Sims
[2009/05/13 14:30:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Desktop\Sims 2 Univesity
[2009/05/13 10:12:43 | 00,000,000 | ---D | C] -- C:\Program Files\Alex Feinman
[2009/05/08 18:51:51 | 34,223,912 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\NA06-DC-GS-1-FrancisChan.mp3
[2009/05/07 09:25:57 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Simon Suh\Application Data\SecuROM
[2009/05/07 08:54:38 | 00,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2009/05/06 16:36:11 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/05/06 16:00:32 | 00,445,504 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2009/05/06 14:50:13 | 00,000,000 | ---D | C] -- C:\Program Files\Sims Double Deluxe
[2009/05/06 07:34:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\My Documents\My Downloads
[2009/05/06 07:34:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Application Data\IGN_DLM
[2009/05/06 07:33:24 | 00,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2009/05/05 22:19:33 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/05/05 22:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\Application Data\SystemRequirementsLab
[2009/05/05 20:44:25 | 04,586,112 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\video.mp3
[2009/05/04 11:01:19 | 21,815,416 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\video.mp4
[2009/04/30 10:56:46 | 06,254,271 | ---- | C] () -- C:\Documents and Settings\Simon Suh\Desktop\Jon Foreman - Your Love is Strong(2).mp3
[2009/04/23 08:10:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/04/22 21:47:30 | 00,070,320 | ---- | C] () -- C:\Documents and Settings\Simon Suh\My Documents\HAIR2.jpg
[2009/04/22 21:37:44 | 00,108,625 | ---- | C] () -- C:\Documents and Settings\Simon Suh\My Documents\dc_sh01.jpg
[2009/04/22 21:35:18 | 00,033,508 | ---- | C] () -- C:\Documents and Settings\Simon Suh\My Documents\HAIR.jpg
[2009/04/22 19:58:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2009/04/21 19:14:42 | 03,308,032 | ---- | C] () -- C:\Documents and Settings\Simon Suh\My Documents\PARMESEAN CRUSTED TILAPIA.doc
[2009/04/21 12:22:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Simon Suh\My Documents\Mount&Blade Screenshots
[2009/04/17 00:34:19 | 00,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVSyd.DLL
[2009/04/17 00:33:55 | 00,000,599 | ---- | C] () -- C:\WINDOWS\System32\CNCMP51.INI
[2009/03/25 15:30:41 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/03/25 15:30:19 | 00,000,608 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/11/02 22:04:46 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll
[2008/11/02 22:04:45 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008/10/19 22:25:23 | 00,000,016 | ---- | C] () -- C:\WINDOWS\System32\winhcfg.ini
[2008/07/05 17:59:26 | 00,000,109 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2008/06/27 18:16:28 | 00,106,496 | ---- | C] () -- C:\WINDOWS\acufutls.dll
[2008/06/19 00:16:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/06/16 22:22:56 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/06/05 19:46:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2008/01/30 00:30:23 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/11/08 21:19:51 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/10/01 22:43:05 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/09/18 22:39:12 | 00,000,021 | ---- | C] () -- C:\WINDOWS\TemplateWizard.INI
[2007/09/08 21:17:50 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\nod.dll
[2007/09/08 21:16:04 | 00,000,074 | ---- | C] () -- C:\WINDOWS\System32\fscflist.ini
[2007/09/08 21:16:03 | 00,000,078 | ---- | C] () -- C:\WINDOWS\System32\fscagent.ini
[2007/08/31 22:53:28 | 00,000,032 | ---- | C] () -- C:\WINDOWS\NateOnAVPlayer.INI
[2007/08/15 12:05:22 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\HDBHO.dll
[2007/08/15 12:05:22 | 00,007,168 | ---- | C] () -- C:\WINDOWS\lq.dll
[2007/08/15 12:05:21 | 00,468,480 | ---- | C] () -- C:\WINDOWS\System32\NMDll.dll
[2007/08/15 12:05:21 | 00,020,480 | ---- | C] () -- C:\WINDOWS\yhl.dll
[2007/08/09 15:31:54 | 01,077,309 | ---- | C] () -- C:\WINDOWS\System32\nDiyHardX.dll
[2007/07/18 17:42:42 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/07/07 10:55:34 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/07/06 18:17:02 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/06 18:10:34 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Hjimesv.ini
[2007/07/06 18:08:32 | 00,000,016 | ---- | C] () -- C:\WINDOWS\System32\winhcfga.ini
[2007/05/09 20:35:54 | 00,050,127 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/04/25 10:12:00 | 01,079,032 | ---- | C] () -- C:\WINDOWS\System32\vorbis_vx.dll
[2007/04/25 10:11:56 | 00,067,320 | ---- | C] () -- C:\WINDOWS\System32\ogg_vx.dll
[2006/07/30 22:59:36 | 00,000,338 | ---- | C] () -- C:\WINDOWS\scrub2k.ini
[2005/07/18 16:51:14 | 00,266,240 | ---- | C] () -- C:\WINDOWS\System32\INInet50.dll
[2005/01/11 20:08:50 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\SafeIE.dll
[2004/08/16 17:49:43 | 00,000,688 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/16 17:49:34 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1997/06/13 18:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/19 08:28:44 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon Suh\Desktop\OTListIt2.exe
[2009/05/19 08:22:43 | 00,038,912 | ---- | M] (SOFTWIN) -- C:\Documents and Settings\Simon Suh\Desktop\AntiBrontokA-en.exe
[2009/05/19 08:17:39 | 01,883,662 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\SmitfraudFix.exe
[2009/05/19 07:59:36 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/19 07:58:50 | 00,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2009/05/19 07:58:02 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/19 07:57:53 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Simon Suh\Local Settings\desktop.ini
[2009/05/19 07:57:50 | 00,352,918 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009/05/19 07:57:35 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/18 23:36:08 | 00,000,688 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/18 23:36:08 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/18 23:36:08 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/18 20:26:43 | 00,000,250 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/05/18 10:37:02 | 00,002,119 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUat.gif
[2009/05/18 10:37:02 | 00,000,607 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUzn.gif
[2009/05/18 10:37:02 | 00,000,598 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Application Data\BuGHkSmUby.gif
[2009/05/18 07:57:57 | 00,307,135 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/17 21:40:23 | 00,288,620 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/05/17 21:40:22 | 24,537,120 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/05/17 20:10:03 | 19,094,123 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\video(2).mp4
[2009/05/16 23:24:27 | 16,847,7903 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\09_116_Whos_the_Cult_video_podcast_16x9.mp4
[2009/05/16 21:43:51 | 04,519,756 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\_02
[2009/05/15 09:38:05 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2009/05/14 23:18:52 | 00,002,064 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\The Sims™ 2 Double Deluxe.lnk
[2009/05/13 22:27:25 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
[2009/05/13 22:13:31 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/05/12 19:19:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/11 16:43:14 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\Microsoft Office Word 2003.lnk
[2009/05/08 18:54:26 | 34,223,912 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\NA06-DC-GS-1-FrancisChan.mp3
[2009/05/07 08:17:36 | 00,445,504 | ---- | M] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2009/05/06 16:36:11 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/05/05 20:45:41 | 04,586,112 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\video.mp3
[2009/05/05 15:21:06 | 06,254,271 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\Jon Foreman - Your Love is Strong(2).mp3
[2009/05/04 11:03:38 | 21,815,416 | ---- | M] () -- C:\Documents and Settings\Simon Suh\Desktop\video.mp4
[2009/04/30 01:36:37 | 00,075,776 | ---- | M] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/04/22 21:47:32 | 00,070,320 | ---- | M] () -- C:\Documents and Settings\Simon Suh\My Documents\HAIR2.jpg
[2009/04/22 21:37:46 | 00,108,625 | ---- | M] () -- C:\Documents and Settings\Simon Suh\My Documents\dc_sh01.jpg
[2009/04/22 21:35:20 | 00,033,508 | ---- | M] () -- C:\Documents and Settings\Simon Suh\My Documents\HAIR.jpg
[2009/04/21 19:14:43 | 03,308,032 | ---- | M] () -- C:\Documents and Settings\Simon Suh\My Documents\PARMESEAN CRUSTED TILAPIA.doc
< End of report >



#2 SimonIAm

SimonIAm
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:08:51 AM

Posted 19 May 2009 - 11:26 AM

I've got the problem taken care of.

I used Procmon and Smitfraud to get the job done.

I have no popups and the computer seems to be operating more smoothly.

I don't mind if this thread is closed.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:11:51 AM

Posted 19 May 2009 - 11:29 AM

OK - good luck.
And thanks for informing us.

This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



