Vundo Trojan Infection


  • This topic is locked
2 replies to this topic

#1 joelalor


Posted 12 January 2010 - 09:58 AM

Hi, I am no computer expert by any means and came across this website while trying to diagnose my computer problems. Last week my laptop was infected with some sort of virus that seemed to be called Malware Defender. I was experiencing popups and random audio clips playing. I have Panda Internet Security installed. When I checked for updates to Panda I discovered that Panda was disabled. As I am the only user of this laptop, I know I did not disable it. I tried to update and run a scan. A full scan that normally would take 20+ minutes to run took 30 seconds and showed no infections. This is when I started searching for other answers. I found your site and downloaded Malwarebytes and rkill and ran them. Since then I have had no popups. However, any search engine in Internet Explorer gets redirected. I also have Firefox and Safari and had no problems there. Today, however, all web browsers are crashing after a minute or so of use. I am using safe mode on Internet Explorer to post this and have no problems in safe mode. I ran Malwarebytes again this morning in safe mode and it found two instances of Vundo again. I do not know how to eliminate this trojan; any help would be very appreciated. Again, bear with me; my computer skills are very limited.
Thanks, Joe. Also, I forgot to mention I use Windows XP.

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/23/2007 1:32:20 PM
System Uptime: 1/12/2010 8:26:03 AM (2 hours ago)

Motherboard: Acer | | Grapevine
Processor: Intel® Core™ Duo CPU T2450 @ 2.00GHz | U1 | 1995/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 102.361 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP482: 10/14/2009 6:05:28 PM - System Checkpoint
RP483: 10/16/2009 7:43:40 AM - Software Distribution Service 3.0
RP484: 10/19/2009 9:43:10 AM - System Checkpoint
RP485: 10/21/2009 6:06:15 AM - Software Distribution Service 3.0
RP486: 10/22/2009 7:48:15 AM - System Checkpoint
RP487: 10/23/2009 9:44:27 AM - System Checkpoint
RP488: 10/24/2009 7:04:25 PM - System Checkpoint
RP489: 10/28/2009 5:47:12 PM - System Checkpoint
RP490: 10/29/2009 6:29:57 PM - System Checkpoint
RP491: 10/31/2009 3:54:14 PM - System Checkpoint
RP492: 11/5/2009 8:21:44 AM - Software Distribution Service 3.0
RP493: 11/10/2009 9:42:47 AM - System Checkpoint
RP494: 11/12/2009 6:37:45 AM - Software Distribution Service 3.0
RP495: 11/16/2009 2:02:20 PM - System Checkpoint
RP496: 11/18/2009 11:05:12 AM - System Checkpoint
RP497: 11/18/2009 1:56:42 PM - Installed War Rock
RP498: 11/19/2009 5:37:58 PM - System Checkpoint
RP499: 11/21/2009 10:34:54 AM - System Checkpoint
RP500: 11/23/2009 7:25:38 AM - System Checkpoint
RP501: 11/24/2009 4:18:20 PM - System Checkpoint
RP502: 11/25/2009 6:19:34 AM - Removed America's Army Deploy Client
RP503: 11/26/2009 8:32:40 AM - Software Distribution Service 3.0
RP504: 11/27/2009 3:33:03 PM - System Checkpoint
RP505: 11/30/2009 7:20:05 AM - System Checkpoint
RP506: 12/2/2009 4:11:03 PM - System Checkpoint
RP507: 12/3/2009 5:22:54 PM - System Checkpoint
RP508: 12/5/2009 8:01:06 PM - System Checkpoint
RP509: 12/7/2009 11:14:17 AM - System Checkpoint
RP510: 12/7/2009 1:43:17 PM - Restore Operation
RP511: 12/8/2009 4:53:58 PM - System Checkpoint
RP512: 12/10/2009 5:58:28 AM - Software Distribution Service 3.0
RP513: 12/11/2009 6:58:28 AM - System Checkpoint
RP514: 12/12/2009 12:21:36 PM - System Checkpoint
RP515: 12/14/2009 2:40:37 PM - System Checkpoint
RP516: 12/16/2009 11:14:59 AM - System Checkpoint
RP517: 12/17/2009 4:37:47 PM - System Checkpoint
RP518: 12/20/2009 11:56:37 AM - System Checkpoint
RP519: 12/21/2009 2:20:27 PM - System Checkpoint
RP520: 12/22/2009 5:28:36 PM - System Checkpoint
RP521: 12/24/2009 3:09:36 PM - System Checkpoint
RP522: 12/25/2009 3:34:39 PM - System Checkpoint
RP523: 12/26/2009 3:59:37 PM - System Checkpoint
RP524: 12/28/2009 3:53:52 PM - System Checkpoint
RP525: 12/29/2009 4:12:44 PM - System Checkpoint
RP526: 12/31/2009 12:03:31 PM - System Checkpoint
RP527: 1/5/2010 7:14:27 AM - System Checkpoint
RP528: 1/8/2010 3:12:11 PM - System Checkpoint
RP529: 1/9/2010 9:07:04 AM - Restore Operation
RP530: 1/10/2010 9:16:40 AM - System Checkpoint
RP531: 1/11/2010 5:38:48 PM - System Checkpoint

==== Installed Programs ======================


Acer Empowering Technology framework
Acer eSettings Management
Acer OrbiCam
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avanquest update
Bonjour
Bookkeeper
Broadcom Gigabit Integrated Controller
Canon MP160
CCleaner (remove only)
Critical Update for Windows Media Player 11 (KB959772)
Download Manager 2.3.7
ffdshow [rev 2527] [2008-12-19]
Free Realms Installer
Google Earth
Haali Media Splitter
HDAUDIO Soft Data Fax Modem with SmartCP
home box office Screen Saver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Image Zone
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
iTunes
J2SE Runtime Environment 5.0 Update 12
Japanese Fonts Support For Adobe Reader 9
Java™ 6 Update 3
Java™ 6 Update 5
Kaspersky Internet Security 2009
Launch Manager
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
mCore
mDriver
mDrWiFi
mEoU
mHelp
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Windows XP Video Decoder Checkup Utility
mIWA
mLogView
mMHouse
Mozilla Firefox (3.0.17)
mPfMgr
mPfWiz
mProSafe
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
MyDeluxeInvoices & Estimates 4.2.0
mZConfig
Napster
Napster Burn Engine
NavyFIELD NorthAmerica
Norton 360
Nursing Assistant - A Nursing Process Approach V1
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Panda ActiveScan 2.0
Panda Internet Security 2008
Panda TotalScan
Pando Media Booster
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PunkBuster Services
Quick Heal PCTuner
Quicken 2004
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller Pro 2.0.5
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SMSC IrCC V5.1.3600.5 SP2
Software Update for Web Folders
Spelling Dictionaries Support For Adobe Reader 9
TaxCut 2007
TaxCut Illinois 2007
TaxCut Illinois 2008
TaxCut Premium + State + Efile 2008
The Sims™ 2 Deluxe
Uninstall Dual Mode Camera (TDC13E0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb976884)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
War Rock
WebIQ Technology Engine
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live OneCare safety scanner
Windows XP Service Pack 3
World War II Panzer Claws
Yahoo! Install Manager
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

1/9/2010 9:57:50 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPFLT DSAFLT Fips FNETMON IDSFLT intelppm kl1 klbg KLIF pavboot prodrv06 ShldDrv SMSFLT WNMFLT
1/9/2010 8:58:42 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Kaspersky Internet Security service to connect.
1/9/2010 8:58:42 AM, error: Service Control Manager [7000] - The Kaspersky Internet Security service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/9/2010 10:40:32 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/9/2010 10:08:33 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
1/8/2010 8:03:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service Panda Software Controller with arguments "" in order to run the server: {1D13E84F-91EE-45C7-9656-A05E3417B4D5}
1/8/2010 8:01:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec MRxSmb NetBIOS NetBT NETFLTDI pavboot prodrv06 RasAcd Rdbss ShldDrv SMSFLT Tcpip WNMFLT WS2IFSL
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:00:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/8/2010 7:43:45 PM, error: Service Control Manager [7034] - The Panda Function Service service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:43:39 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:26:34 PM, error: Service Control Manager [7034] - The Panda Software Controller service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:16:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
1/8/2010 7:16:32 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/8/2010 7:16:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Panda Process Protection Service service to connect.
1/8/2010 7:16:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Panda anti-virus service service to connect.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Panda Process Protection Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Panda anti-virus service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/7/2010 8:16:40 AM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0019D2D0F8B1 has been denied by the DHCP server 192.168.6.1 (The DHCP Server sent a DHCPNACK message).
1/10/2010 6:40:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec kl1 klbg KLIF MRxSmb NetBIOS NetBT NETFLTDI pavboot prodrv06 RasAcd Rdbss ShldDrv SMSFLT Tcpip WNMFLT WS2IFSL

DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
Run by joe at 10:43:27.03 on Tue 01/12/2010
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.5.0_12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1730 [GMT -6:00]

AV: Malware Defense *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Panda Internet Security 2008 *On-access scanning enabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Internet Security 2008 *enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\joe\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APVXDWIN] "c:\program files\panda security\panda internet security 2008\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "c:\program files\panda security\panda internet security 2008\Inicio.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [InnoSetupRegFile.0000000001] "c:\windows\is-I1MC7.exe" /REG
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\joe\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mysoft~1.lnk - c:\program files\common files\mysoftware\NewsFlsh.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quicke~1.lnk - c:\program files\quicken\bagent.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\panda security\panda internet security 2008\pavlsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - hxxp://inst.c-wss.com/n042p/EN/install/gtdownlr.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper200711281.dll
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} - hxxp://hutchence.armstrong.com/ib/databases/actimage40803.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: avldr - avldr.dll
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\joe\applic~1\mozilla\firefox\profiles\evrpgvz5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\progra~1\sonyon~1\npsoe.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJPI150_12.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2008-5-16 132664]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;c:\windows\system32\drivers\netimflt.sys [2008-5-16 143160]
S0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 32784]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-28 28552]
S0 valivxf;valivxf;c:\windows\system32\drivers\gkvqx.sys --> c:\windows\system32\drivers\gkvqx.sys [?]
S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2008-5-16 71608]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2008-5-16 51256]
S1 eocpkvrt;eocpkvrt;\??\c:\windows\system32\drivers\eocpkvrt.sys --> c:\windows\system32\drivers\eocpkvrt.sys [?]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2008-5-16 21816]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2008-5-16 191672]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-1-9 213008]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-5-16 38968]
S1 SMSFLT;SMS Filter Plugin;c:\windows\system32\drivers\smsflt.sys [2008-5-16 37304]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2008-5-16 30648]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-7-29 206088]
S2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]
S2 cpoint;Panda CPoint Driver;c:\windows\system32\drivers\cpoint.sys [2008-5-16 24760]
S2 Panda Software Controller;Panda Software Controller;c:\program files\panda security\panda internet security 2008\PsCtrlS.exe [2008-5-16 169264]
S2 PAVDRV;pavdrv;c:\windows\system32\drivers\pavdrv51.sys [2008-5-16 83896]
S2 PAVFNSVR;Panda Function Service;c:\program files\panda security\panda internet security 2008\PAVFNSVR.EXE [2008-5-16 173360]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-5-16 178872]
S2 PavPrSrv;Panda Process Protection Service;c:\program files\common files\panda software\pavshld\PavPrSrv.exe [2008-5-16 63024]
S2 PAVSRV;Panda anti-virus service;c:\program files\panda security\panda internet security 2008\PAVSRV51.EXE [2008-5-16 148272]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2008-8-9 13880]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\drivers\netimflt.sys [2008-5-16 143160]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-1-9 27064]
S3 SaiH0006;SaiH0006;c:\windows\system32\drivers\SaiH0006.sys [2004-7-26 56576]
S3 sdthook;sdthook;\??\c:\windows\system32\drivers\sdthook.sys --> c:\windows\system32\drivers\sdthook.sys [?]

============== File Associations ===============

JSEFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBEFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBSFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*

=============== Created Last 30 ================

2010-01-12 14:29:20 696832 ----a-w- c:\windows\is-I1MC7.exe
2010-01-12 14:29:20 346 ----a-w- c:\windows\is-I1MC7.lst
2010-01-12 14:29:20 10498 ----a-w- c:\windows\is-I1MC7.msg
2010-01-09 16:37:35 0 d-----w- c:\docume~1\joe\applic~1\Malwarebytes
2010-01-09 16:37:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-09 16:37:28 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-09 16:37:28 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-09 16:37:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-01-09 16:06:13 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-01-09 16:06:08 0 d-----w- c:\program files\VS Revo Group
2010-01-09 14:28:47 96559 ----a-w- c:\windows\system32\drivers\klin.dat
2010-01-09 14:28:47 87855 ----a-w- c:\windows\system32\drivers\klick.dat
2010-01-09 14:27:48 0 d-----w- c:\program files\Kaspersky Lab
2010-01-09 14:27:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-01-09 14:26:34 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-01-09 01:26:34 261 ----a-w- c:\windows\system32\PavCPL.dat
2010-01-02 18:47:08 0 d-----w- c:\windows\system32\home box office dir
2009-12-31 23:12:09 0 d-----w- c:\docume~1\alluse~1\applic~1\ImageZone
2009-12-31 23:12:09 0 d-----w- c:\docume~1\alluse~1\applic~1\Image Zone
2009-12-31 23:11:57 69098 ----a-w- c:\windows\system32\drivers\jl2005c.sys
2009-12-31 23:11:57 15360 ----a-w- c:\windows\system32\jl2005c.ax
2009-12-31 23:11:57 135168 ----a-w- c:\windows\system32\jl_jdct.drv
2009-12-31 23:11:57 0 d-----w- c:\program files\TDC13E0
2009-12-31 23:11:57 0 d-----w- c:\program files\MTA
2009-12-31 23:11:37 0 d-----w- c:\program files\Haali
2009-12-31 23:11:35 547 ----a-w- c:\windows\system32\ff_vfw.dll.manifest
2009-12-31 23:11:34 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-12-31 23:11:34 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-31 23:11:32 0 d-----w- c:\program files\ffdshow
2009-12-31 23:10:34 0 d-----w- c:\program files\Image Zone
2009-12-15 15:18:01 520192 ----a-w- c:\windows\system32\home box office.scr

==================== Find3M ====================

2010-01-12 12:51:51 498112 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-01-12 12:51:51 498112 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-01-11 23:13:20 1204 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-01-11 23:13:20 1204 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-01-11 23:12:50 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys
2010-01-09 01:19:20 144 ----a-w- c:\windows\system32\drivers\wnmsav.dat
2009-10-29 07:45:44 841216 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:45:42 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2008-01-12 17:40:10 415 ----a-w- c:\program files\uivars.var
2008-01-12 17:39:53 463 ----a-w- c:\program files\texload.err
2008-01-12 17:39:53 21 ----a-w- c:\program files\jstick.dbg
2008-01-12 17:20:12 876 ----a-w- c:\program files\rank01.uic
2008-01-12 17:20:12 43 ----a-w- c:\program files\msg001.dtf
2008-01-12 17:20:12 299 ----a-w- c:\program files\msg002.txt
2008-01-12 17:20:12 1761 ----a-w- c:\program files\msg001.txt
2008-01-12 16:38:31 98 ----a-w- c:\program files\offtmp.lst
2008-01-12 16:30:15 111860 ----a-w- c:\program files\manifest.txtdl
2008-01-12 16:30:13 45 ----a-w- c:\program files\LastUpdate.dat
2008-01-12 16:25:21 574 ----a-w- c:\program files\alist.lst
2008-01-12 16:15:26 26 ----a-w- c:\program files\gfx9set.cfg
2008-01-12 15:39:12 225 ----a-w- c:\program files\ui.vfc
2008-01-12 15:37:05 457 ----a-w- c:\program files\tunisiab.fld
2008-01-12 15:32:37 323 ----a-w- c:\program files\terr001.fld
2008-01-12 15:28:51 1120 ----a-w- c:\program files\runway4.vfc
2008-01-12 15:25:56 871 ----a-w- c:\program files\PTO.fld
2008-01-12 15:18:47 520 ----a-w- c:\program files\midway.fld
2008-01-12 15:18:31 251 ----a-w- c:\program files\malta2b.fld
2008-01-12 15:18:31 251 ----a-w- c:\program files\malta2.fld
2008-01-12 15:18:30 251 ----a-w- c:\program files\malta.fld
2008-01-12 15:13:28 231 ----a-w- c:\program files\fonts.vfc
2008-01-12 15:12:14 493 ----a-w- c:\program files\flanders.fld
2008-01-12 15:11:25 588 ----a-w- c:\program files\evaluation.off
2008-01-12 15:11:16 323 ----a-w- c:\program files\europeb.fld
2008-01-12 15:09:40 882 ----a-w- c:\program files\eto.fld
2008-01-12 15:08:22 256 ----a-w- c:\program files\copyright.txt
2008-01-12 15:02:51 1012 ----a-w- c:\program files\20mmaaacockpit.vfc
2007-02-21 22:55:18 3502080 ----a-w- c:\program files\wb3.exe
2007-02-21 01:23:26 83311 ----a-w- c:\program files\changehistory.txt
2007-02-14 23:56:52 786476 ----a-w- c:\program files\splash.tga
2007-02-14 22:28:12 4202595 ----a-w- c:\program files\tobruktiles_2.vfc
2007-02-14 22:28:12 13233485 ----a-w- c:\program files\tobruktiles.vfc
2007-01-17 01:59:06 14695 ----a-w- c:\program files\terrmap.vfc
2007-01-14 21:24:04 2796344 ----a-w- c:\program files\tobruk.dds
2007-01-14 17:10:52 5197 ----a-w- c:\program files\tobruk.fld
2007-01-13 01:02:50 570654 ----a-w- c:\program files\fw190d.VFC
2007-01-11 23:54:30 754479 ----a-w- c:\program files\tobruk.vfc
2007-01-11 23:54:30 105216 ----a-w- c:\program files\tobrukrds.vfc
2007-01-11 23:54:28 40990544 ----a-w- c:\program files\tobruktex.vfc
2006-12-28 23:43:12 1291847 ----a-w- c:\program files\he111h3.vfc
2006-12-28 19:52:58 780494 ----a-w- c:\program files\spad13cockpit.vfc
2006-12-28 19:39:52 1084514 ----a-w- c:\program files\nport17.vfc
2006-12-19 23:38:44 2330 ----a-r- c:\program files\credits.vfc
2006-11-20 12:20:28 505313 ----a-w- c:\program files\se5acp.vfc
2006-11-20 12:18:04 24652 ----a-w- c:\program files\matlibs.vfc
2006-11-20 12:10:50 1574351 ----a-w- c:\program files\se5a.vfc
2006-11-16 22:21:00 212693 ----a-w- c:\program files\predator.vfc
2006-11-16 22:04:52 10288 ----a-w- c:\program files\Conduct and Policies.txt
2006-11-16 19:57:40 2158893 ----a-w- c:\program files\cl2.vfc
2006-11-15 01:25:02 6014771 ----a-w- c:\program files\ground.vfc
2006-10-06 20:01:00 4240565 ----a-w- c:\program files\fl.vfc
2006-09-25 20:43:50 4240565 ----a-w- c:\program files\flift.vfc
2006-09-20 14:14:54 583659 ----a-w- c:\program files\wfront.vfc
2006-09-20 14:14:52 79644 ----a-w- c:\program files\wfrontrds.vfc
2006-09-20 14:14:52 18090216 ----a-w- c:\program files\wfronttex.vfc
2006-09-20 14:14:50 4202864 ----a-w- c:\program files\wfronttiles_2.vfc
2006-09-20 14:14:48 13283767 ----a-w- c:\program files\wfronttiles.vfc
2006-09-15 21:43:18 375163 ----a-w- c:\program files\lz30cockpit.vfc
2006-09-15 21:42:38 872437 ----a-w- c:\program files\lz30.vfc
2006-09-15 17:34:48 89572 ----a-w- c:\program files\trenchmgcockpit.vfc
2006-09-15 17:34:18 145478 ----a-w- c:\program files\trenchmg.vfc
2006-09-15 15:33:32 2796344 ----a-w- c:\program files\wfront.dds
2006-09-11 09:22:00 1050668 ----a-w- c:\program files\gothagiv.vfc
2006-09-04 16:52:28 931453 ----a-w- c:\program files\nport17cockpit.vfc
2006-08-28 12:41:10 7054 ----a-w- c:\program files\wfront.fld
2006-05-10 21:41:00 941432 ----a-w- c:\program files\spitm03f.vfc
2006-05-10 21:41:00 841808 ----a-w- c:\program files\spitm03fcockpit.vfc
2006-05-10 21:20:00 994752 ----a-w- c:\program files\109e1a0.vfc
2006-05-10 21:20:00 798335 ----a-w- c:\program files\109e1a0cockpit.vfc
2006-02-25 20:41:00 28494562 ----a-w- c:\program files\t6acockpit.vfc
2006-01-17 21:28:32 4197929 ----a-w- c:\program files\midwaytiles_2.vfc
2006-01-17 21:28:32 273576 ----a-w- c:\program files\midwaytex.vfc
2006-01-17 21:28:32 140868 ----a-w- c:\program files\midway.vfc
2006-01-17 21:28:30 8966152 ----a-w- c:\program files\midwaytiles.vfc
2005-12-01 20:10:00 2796344 ----a-w- c:\program files\midway.dds
2005-10-31 19:55:00 2796344 ----a-w- c:\program files\randolph.dds
2005-10-31 09:00:00 197224 ----a-w- c:\program files\randolph.vfc
2005-10-31 09:00:00 106976 ----a-w- c:\program files\randolphrds.vfc
2005-10-30 19:27:00 1694281 ----a-w- c:\program files\t6a.vfc
2005-10-29 00:24:00 4201786 ----a-w- c:\program files\randolphtiles_2.vfc
2005-10-29 00:24:00 13766168 ----a-w- c:\program files\randolphtex.vfc
2005-10-29 00:24:00 13238061 ----a-w- c:\program files\randolphtiles.vfc
2005-10-23 06:19:00 4194327 ----a-w- c:\program files\rafb-rwovrn.MIP
2005-10-23 06:02:00 4194327 ----a-w- c:\program files\rafb-rwstrt.MIP
2005-10-23 05:51:00 4194327 ----a-w- c:\program files\rafb-rwtile.MIP
2005-07-26 16:28:10 833795 ----a-w- c:\program files\dr1cockpit.vfc
2005-07-20 10:09:48 2494 ----a-w- c:\program files\midwayocean.vfc
2005-06-10 19:04:00 3123213 ----a-w- c:\program files\c47cockpit.vfc
2008-07-25 03:14:29 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072420080725\index.dat

============= FINISH: 10:43:42.12 ===============
==== End Of File ===========================

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/23/2007 1:32:20 PM
System Uptime: 1/12/2010 8:26:03 AM (2 hours ago)

Motherboard: Acer | | Grapevine
Processor: Intel® Core™ Duo CPU T2450 @ 2.00GHz | U1 | 1995/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 102.361 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP482: 10/14/2009 6:05:28 PM - System Checkpoint
RP483: 10/16/2009 7:43:40 AM - Software Distribution Service 3.0
RP484: 10/19/2009 9:43:10 AM - System Checkpoint
RP485: 10/21/2009 6:06:15 AM - Software Distribution Service 3.0
RP486: 10/22/2009 7:48:15 AM - System Checkpoint
RP487: 10/23/2009 9:44:27 AM - System Checkpoint
RP488: 10/24/2009 7:04:25 PM - System Checkpoint
RP489: 10/28/2009 5:47:12 PM - System Checkpoint
RP490: 10/29/2009 6:29:57 PM - System Checkpoint
RP491: 10/31/2009 3:54:14 PM - System Checkpoint
RP492: 11/5/2009 8:21:44 AM - Software Distribution Service 3.0
RP493: 11/10/2009 9:42:47 AM - System Checkpoint
RP494: 11/12/2009 6:37:45 AM - Software Distribution Service 3.0
RP495: 11/16/2009 2:02:20 PM - System Checkpoint
RP496: 11/18/2009 11:05:12 AM - System Checkpoint
RP497: 11/18/2009 1:56:42 PM - Installed War Rock
RP498: 11/19/2009 5:37:58 PM - System Checkpoint
RP499: 11/21/2009 10:34:54 AM - System Checkpoint
RP500: 11/23/2009 7:25:38 AM - System Checkpoint
RP501: 11/24/2009 4:18:20 PM - System Checkpoint
RP502: 11/25/2009 6:19:34 AM - Removed America's Army Deploy Client
RP503: 11/26/2009 8:32:40 AM - Software Distribution Service 3.0
RP504: 11/27/2009 3:33:03 PM - System Checkpoint
RP505: 11/30/2009 7:20:05 AM - System Checkpoint
RP506: 12/2/2009 4:11:03 PM - System Checkpoint
RP507: 12/3/2009 5:22:54 PM - System Checkpoint
RP508: 12/5/2009 8:01:06 PM - System Checkpoint
RP509: 12/7/2009 11:14:17 AM - System Checkpoint
RP510: 12/7/2009 1:43:17 PM - Restore Operation
RP511: 12/8/2009 4:53:58 PM - System Checkpoint
RP512: 12/10/2009 5:58:28 AM - Software Distribution Service 3.0
RP513: 12/11/2009 6:58:28 AM - System Checkpoint
RP514: 12/12/2009 12:21:36 PM - System Checkpoint
RP515: 12/14/2009 2:40:37 PM - System Checkpoint
RP516: 12/16/2009 11:14:59 AM - System Checkpoint
RP517: 12/17/2009 4:37:47 PM - System Checkpoint
RP518: 12/20/2009 11:56:37 AM - System Checkpoint
RP519: 12/21/2009 2:20:27 PM - System Checkpoint
RP520: 12/22/2009 5:28:36 PM - System Checkpoint
RP521: 12/24/2009 3:09:36 PM - System Checkpoint
RP522: 12/25/2009 3:34:39 PM - System Checkpoint
RP523: 12/26/2009 3:59:37 PM - System Checkpoint
RP524: 12/28/2009 3:53:52 PM - System Checkpoint
RP525: 12/29/2009 4:12:44 PM - System Checkpoint
RP526: 12/31/2009 12:03:31 PM - System Checkpoint
RP527: 1/5/2010 7:14:27 AM - System Checkpoint
RP528: 1/8/2010 3:12:11 PM - System Checkpoint
RP529: 1/9/2010 9:07:04 AM - Restore Operation
RP530: 1/10/2010 9:16:40 AM - System Checkpoint
RP531: 1/11/2010 5:38:48 PM - System Checkpoint

==== Installed Programs ======================


Acer Empowering Technology framework
Acer eSettings Management
Acer OrbiCam
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avanquest update
Bonjour
Bookkeeper
Broadcom Gigabit Integrated Controller
Canon MP160
CCleaner (remove only)
Critical Update for Windows Media Player 11 (KB959772)
Download Manager 2.3.7
ffdshow [rev 2527] [2008-12-19]
Free Realms Installer
Google Earth
Haali Media Splitter
HDAUDIO Soft Data Fax Modem with SmartCP
home box office Screen Saver
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Image Zone
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
iTunes
J2SE Runtime Environment 5.0 Update 12
Japanese Fonts Support For Adobe Reader 9
Java™ 6 Update 3
Java™ 6 Update 5
Kaspersky Internet Security 2009
Launch Manager
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
mCore
mDriver
mDrWiFi
mEoU
mHelp
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Windows XP Video Decoder Checkup Utility
mIWA
mLogView
mMHouse
Mozilla Firefox (3.0.17)
mPfMgr
mPfWiz
mProSafe
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
MyDeluxeInvoices & Estimates 4.2.0
mZConfig
Napster
Napster Burn Engine
NavyFIELD NorthAmerica
Norton 360
Nursing Assistant - A Nursing Process Approach V1
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Panda ActiveScan 2.0
Panda Internet Security 2008
Panda TotalScan
Pando Media Booster
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PunkBuster Services
Quick Heal PCTuner
Quicken 2004
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller Pro 2.0.5
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SMSC IrCC V5.1.3600.5 SP2
Software Update for Web Folders
Spelling Dictionaries Support For Adobe Reader 9
TaxCut 2007
TaxCut Illinois 2007
TaxCut Illinois 2008
TaxCut Premium + State + Efile 2008
The Sims™ 2 Deluxe
Uninstall Dual Mode Camera (TDC13E0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb976884)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
War Rock
WebIQ Technology Engine
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live OneCare safety scanner
Windows XP Service Pack 3
World War II Panzer Claws
Yahoo! Install Manager
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

1/9/2010 9:57:50 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPFLT DSAFLT Fips FNETMON IDSFLT intelppm kl1 klbg KLIF pavboot prodrv06 ShldDrv SMSFLT WNMFLT
1/9/2010 8:58:42 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Kaspersky Internet Security service to connect.
1/9/2010 8:58:42 AM, error: Service Control Manager [7000] - The Kaspersky Internet Security service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/9/2010 10:40:32 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/9/2010 10:08:33 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
1/8/2010 8:03:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service Panda Software Controller with arguments "" in order to run the server: {1D13E84F-91EE-45C7-9656-A05E3417B4D5}
1/8/2010 8:01:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec MRxSmb NetBIOS NetBT NETFLTDI pavboot prodrv06 RasAcd Rdbss ShldDrv SMSFLT Tcpip WNMFLT WS2IFSL
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:01:06 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/8/2010 8:00:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/8/2010 7:43:45 PM, error: Service Control Manager [7034] - The Panda Function Service service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:43:39 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:26:34 PM, error: Service Control Manager [7034] - The Panda Software Controller service terminated unexpectedly. It has done this 1 time(s).
1/8/2010 7:16:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
1/8/2010 7:16:32 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/8/2010 7:16:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Panda Process Protection Service service to connect.
1/8/2010 7:16:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Panda anti-virus service service to connect.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Panda Process Protection Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/8/2010 7:16:16 PM, error: Service Control Manager [7000] - The Panda anti-virus service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/7/2010 8:16:40 AM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0019D2D0F8B1 has been denied by the DHCP server 192.168.6.1 (The DHCP Server sent a DHCPNACK message).
1/10/2010 6:40:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec kl1 klbg KLIF MRxSmb NetBIOS NetBT NETFLTDI pavboot prodrv06 RasAcd Rdbss ShldDrv SMSFLT Tcpip WNMFLT WS2IFSL

DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
Run by joe at 10:43:27.03 on Tue 01/12/2010
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.5.0_12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1730 [GMT -6:00]

AV: Malware Defense *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Panda Internet Security 2008 *On-access scanning enabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Internet Security 2008 *enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\joe\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APVXDWIN] "c:\program files\panda security\panda internet security 2008\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "c:\program files\panda security\panda internet security 2008\Inicio.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [InnoSetupRegFile.0000000001] "c:\windows\is-I1MC7.exe" /REG
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\joe\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mysoft~1.lnk - c:\program files\common files\mysoftware\NewsFlsh.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quicke~1.lnk - c:\program files\quicken\bagent.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\panda security\panda internet security 2008\pavlsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - hxxp://inst.c-wss.com/n042p/EN/install/gtdownlr.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper200711281.dll
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} - hxxp://hutchence.armstrong.com/ib/databases/actimage40803.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: avldr - avldr.dll
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\joe\applic~1\mozilla\firefox\profiles\evrpgvz5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\progra~1\sonyon~1\npsoe.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPJPI150_12.dll
FF - plugin: c:\program files\java\jre1.5.0_12\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2008-5-16 132664]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;c:\windows\system32\drivers\netimflt.sys [2008-5-16 143160]
S0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 32784]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-28 28552]
S0 valivxf;valivxf;c:\windows\system32\drivers\gkvqx.sys --> c:\windows\system32\drivers\gkvqx.sys [?]
S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2008-5-16 71608]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2008-5-16 51256]
S1 eocpkvrt;eocpkvrt;\??\c:\windows\system32\drivers\eocpkvrt.sys --> c:\windows\system32\drivers\eocpkvrt.sys [?]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2008-5-16 21816]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2008-5-16 191672]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-1-9 213008]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-5-16 38968]
S1 SMSFLT;SMS Filter Plugin;c:\windows\system32\drivers\smsflt.sys [2008-5-16 37304]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2008-5-16 30648]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-7-29 206088]
S2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]
S2 cpoint;Panda CPoint Driver;c:\windows\system32\drivers\cpoint.sys [2008-5-16 24760]
S2 Panda Software Controller;Panda Software Controller;c:\program files\panda security\panda internet security 2008\PsCtrlS.exe [2008-5-16 169264]
S2 PAVDRV;pavdrv;c:\windows\system32\drivers\pavdrv51.sys [2008-5-16 83896]
S2 PAVFNSVR;Panda Function Service;c:\program files\panda security\panda internet security 2008\PAVFNSVR.EXE [2008-5-16 173360]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-5-16 178872]
S2 PavPrSrv;Panda Process Protection Service;c:\program files\common files\panda software\pavshld\PavPrSrv.exe [2008-5-16 63024]
S2 PAVSRV;Panda anti-virus service;c:\program files\panda security\panda internet security 2008\PAVSRV51.EXE [2008-5-16 148272]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2008-8-9 13880]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\drivers\netimflt.sys [2008-5-16 143160]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-1-9 27064]
S3 SaiH0006;SaiH0006;c:\windows\system32\drivers\SaiH0006.sys [2004-7-26 56576]
S3 sdthook;sdthook;\??\c:\windows\system32\drivers\sdthook.sys --> c:\windows\system32\drivers\sdthook.sys [?]

============== File Associations ===============

JSEFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBEFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*
VBSFile=c:\progra~1\pandas~1\pandai~1\PAVSCRIP.EXE "%1" %*

=============== Created Last 30 ================

2010-01-12 14:29:20 696832 ----a-w- c:\windows\is-I1MC7.exe
2010-01-12 14:29:20 346 ----a-w- c:\windows\is-I1MC7.lst
2010-01-12 14:29:20 10498 ----a-w- c:\windows\is-I1MC7.msg
2010-01-09 16:37:35 0 d-----w- c:\docume~1\joe\applic~1\Malwarebytes
2010-01-09 16:37:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-09 16:37:28 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-09 16:37:28 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-09 16:37:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-01-09 16:06:13 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-01-09 16:06:08 0 d-----w- c:\program files\VS Revo Group
2010-01-09 14:28:47 96559 ----a-w- c:\windows\system32\drivers\klin.dat
2010-01-09 14:28:47 87855 ----a-w- c:\windows\system32\drivers\klick.dat
2010-01-09 14:27:48 0 d-----w- c:\program files\Kaspersky Lab
2010-01-09 14:27:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-01-09 14:26:34 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-01-09 01:26:34 261 ----a-w- c:\windows\system32\PavCPL.dat
2010-01-02 18:47:08 0 d-----w- c:\windows\system32\home box office dir
2009-12-31 23:12:09 0 d-----w- c:\docume~1\alluse~1\applic~1\ImageZone
2009-12-31 23:12:09 0 d-----w- c:\docume~1\alluse~1\applic~1\Image Zone
2009-12-31 23:11:57 69098 ----a-w- c:\windows\system32\drivers\jl2005c.sys
2009-12-31 23:11:57 15360 ----a-w- c:\windows\system32\jl2005c.ax
2009-12-31 23:11:57 135168 ----a-w- c:\windows\system32\jl_jdct.drv
2009-12-31 23:11:57 0 d-----w- c:\program files\TDC13E0
2009-12-31 23:11:57 0 d-----w- c:\program files\MTA
2009-12-31 23:11:37 0 d-----w- c:\program files\Haali
2009-12-31 23:11:35 547 ----a-w- c:\windows\system32\ff_vfw.dll.manifest
2009-12-31 23:11:34 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-12-31 23:11:34 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-31 23:11:32 0 d-----w- c:\program files\ffdshow
2009-12-31 23:10:34 0 d-----w- c:\program files\Image Zone
2009-12-15 15:18:01 520192 ----a-w- c:\windows\system32\home box office.scr

==================== Find3M ====================

2010-01-12 12:51:51 498112 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-01-12 12:51:51 498112 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-01-11 23:13:20 1204 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-01-11 23:13:20 1204 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-01-11 23:12:50 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys
2010-01-09 01:19:20 144 ----a-w- c:\windows\system32\drivers\wnmsav.dat
2009-10-29 07:45:44 841216 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:45:42 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2008-01-12 17:40:10 415 ----a-w- c:\program files\uivars.var
2008-01-12 17:39:53 463 ----a-w- c:\program files\texload.err
2008-01-12 17:39:53 21 ----a-w- c:\program files\jstick.dbg
2008-01-12 17:20:12 876 ----a-w- c:\program files\rank01.uic
2008-01-12 17:20:12 43 ----a-w- c:\program files\msg001.dtf
2008-01-12 17:20:12 299 ----a-w- c:\program files\msg002.txt
2008-01-12 17:20:12 1761 ----a-w- c:\program files\msg001.txt
2008-01-12 16:38:31 98 ----a-w- c:\program files\offtmp.lst
2008-01-12 16:30:15 111860 ----a-w- c:\program files\manifest.txtdl
2008-01-12 16:30:13 45 ----a-w- c:\program files\LastUpdate.dat
2008-01-12 16:25:21 574 ----a-w- c:\program files\alist.lst
2008-01-12 16:15:26 26 ----a-w- c:\program files\gfx9set.cfg
2008-01-12 15:39:12 225 ----a-w- c:\program files\ui.vfc
2008-01-12 15:37:05 457 ----a-w- c:\program files\tunisiab.fld
2008-01-12 15:32:37 323 ----a-w- c:\program files\terr001.fld
2008-01-12 15:28:51 1120 ----a-w- c:\program files\runway4.vfc
2008-01-12 15:25:56 871 ----a-w- c:\program files\PTO.fld
2008-01-12 15:18:47 520 ----a-w- c:\program files\midway.fld
2008-01-12 15:18:31 251 ----a-w- c:\program files\malta2b.fld
2008-01-12 15:18:31 251 ----a-w- c:\program files\malta2.fld
2008-01-12 15:18:30 251 ----a-w- c:\program files\malta.fld
2008-01-12 15:13:28 231 ----a-w- c:\program files\fonts.vfc
2008-01-12 15:12:14 493 ----a-w- c:\program files\flanders.fld
2008-01-12 15:11:25 588 ----a-w- c:\program files\evaluation.off
2008-01-12 15:11:16 323 ----a-w- c:\program files\europeb.fld
2008-01-12 15:09:40 882 ----a-w- c:\program files\eto.fld
2008-01-12 15:08:22 256 ----a-w- c:\program files\copyright.txt
2008-01-12 15:02:51 1012 ----a-w- c:\program files\20mmaaacockpit.vfc
2007-02-21 22:55:18 3502080 ----a-w- c:\program files\wb3.exe
2007-02-21 01:23:26 83311 ----a-w- c:\program files\changehistory.txt
2007-02-14 23:56:52 786476 ----a-w- c:\program files\splash.tga
2007-02-14 22:28:12 4202595 ----a-w- c:\program files\tobruktiles_2.vfc
2007-02-14 22:28:12 13233485 ----a-w- c:\program files\tobruktiles.vfc
2007-01-17 01:59:06 14695 ----a-w- c:\program files\terrmap.vfc
2007-01-14 21:24:04 2796344 ----a-w- c:\program files\tobruk.dds
2007-01-14 17:10:52 5197 ----a-w- c:\program files\tobruk.fld
2007-01-13 01:02:50 570654 ----a-w- c:\program files\fw190d.VFC
2007-01-11 23:54:30 754479 ----a-w- c:\program files\tobruk.vfc
2007-01-11 23:54:30 105216 ----a-w- c:\program files\tobrukrds.vfc
2007-01-11 23:54:28 40990544 ----a-w- c:\program files\tobruktex.vfc
2006-12-28 23:43:12 1291847 ----a-w- c:\program files\he111h3.vfc
2006-12-28 19:52:58 780494 ----a-w- c:\program files\spad13cockpit.vfc
2006-12-28 19:39:52 1084514 ----a-w- c:\program files\nport17.vfc
2006-12-19 23:38:44 2330 ----a-r- c:\program files\credits.vfc
2006-11-20 12:20:28 505313 ----a-w- c:\program files\se5acp.vfc
2006-11-20 12:18:04 24652 ----a-w- c:\program files\matlibs.vfc
2006-11-20 12:10:50 1574351 ----a-w- c:\program files\se5a.vfc
2006-11-16 22:21:00 212693 ----a-w- c:\program files\predator.vfc
2006-11-16 22:04:52 10288 ----a-w- c:\program files\Conduct and Policies.txt
2006-11-16 19:57:40 2158893 ----a-w- c:\program files\cl2.vfc
2006-11-15 01:25:02 6014771 ----a-w- c:\program files\ground.vfc
2006-10-06 20:01:00 4240565 ----a-w- c:\program files\fl.vfc
2006-09-25 20:43:50 4240565 ----a-w- c:\program files\flift.vfc
2006-09-20 14:14:54 583659 ----a-w- c:\program files\wfront.vfc
2006-09-20 14:14:52 79644 ----a-w- c:\program files\wfrontrds.vfc
2006-09-20 14:14:52 18090216 ----a-w- c:\program files\wfronttex.vfc
2006-09-20 14:14:50 4202864 ----a-w- c:\program files\wfronttiles_2.vfc
2006-09-20 14:14:48 13283767 ----a-w- c:\program files\wfronttiles.vfc
2006-09-15 21:43:18 375163 ----a-w- c:\program files\lz30cockpit.vfc
2006-09-15 21:42:38 872437 ----a-w- c:\program files\lz30.vfc
2006-09-15 17:34:48 89572 ----a-w- c:\program files\trenchmgcockpit.vfc
2006-09-15 17:34:18 145478 ----a-w- c:\program files\trenchmg.vfc
2006-09-15 15:33:32 2796344 ----a-w- c:\program files\wfront.dds
2006-09-11 09:22:00 1050668 ----a-w- c:\program files\gothagiv.vfc
2006-09-04 16:52:28 931453 ----a-w- c:\program files\nport17cockpit.vfc
2006-08-28 12:41:10 7054 ----a-w- c:\program files\wfront.fld
2006-05-10 21:41:00 941432 ----a-w- c:\program files\spitm03f.vfc
2006-05-10 21:41:00 841808 ----a-w- c:\program files\spitm03fcockpit.vfc
2006-05-10 21:20:00 994752 ----a-w- c:\program files\109e1a0.vfc
2006-05-10 21:20:00 798335 ----a-w- c:\program files\109e1a0cockpit.vfc
2006-02-25 20:41:00 28494562 ----a-w- c:\program files\t6acockpit.vfc
2006-01-17 21:28:32 4197929 ----a-w- c:\program files\midwaytiles_2.vfc
2006-01-17 21:28:32 273576 ----a-w- c:\program files\midwaytex.vfc
2006-01-17 21:28:32 140868 ----a-w- c:\program files\midway.vfc
2006-01-17 21:28:30 8966152 ----a-w- c:\program files\midwaytiles.vfc
2005-12-01 20:10:00 2796344 ----a-w- c:\program files\midway.dds
2005-10-31 19:55:00 2796344 ----a-w- c:\program files\randolph.dds
2005-10-31 09:00:00 197224 ----a-w- c:\program files\randolph.vfc
2005-10-31 09:00:00 106976 ----a-w- c:\program files\randolphrds.vfc
2005-10-30 19:27:00 1694281 ----a-w- c:\program files\t6a.vfc
2005-10-29 00:24:00 4201786 ----a-w- c:\program files\randolphtiles_2.vfc
2005-10-29 00:24:00 13766168 ----a-w- c:\program files\randolphtex.vfc
2005-10-29 00:24:00 13238061 ----a-w- c:\program files\randolphtiles.vfc
2005-10-23 06:19:00 4194327 ----a-w- c:\program files\rafb-rwovrn.MIP
2005-10-23 06:02:00 4194327 ----a-w- c:\program files\rafb-rwstrt.MIP
2005-10-23 05:51:00 4194327 ----a-w- c:\program files\rafb-rwtile.MIP
2005-07-26 16:28:10 833795 ----a-w- c:\program files\dr1cockpit.vfc
2005-07-20 10:09:48 2494 ----a-w- c:\program files\midwayocean.vfc
2005-06-10 19:04:00 3123213 ----a-w- c:\program files\c47cockpit.vfc
2008-07-25 03:14:29 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072420080725\index.dat

============= FINISH: 10:43:42.12 ===============
==== End Of File ===========================


EDIT: Since you posted a DDS log, I moved this topic to the HJT/Malware removal forum. Please be patient until an HJT Team member replies to this topic. ~ Elise

Edited by garmanma, 12 January 2010 - 02:08 PM.



 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:04 AM

Posted 17 January 2010 - 02:55 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  1. Please download OTL from the following mirror:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!

 



#3 myrti


Posted 23 January 2010 - 08:47 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti
