Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MrWutItDew's HJT log


  • This topic is locked This topic is locked
13 replies to this topic

#1 MrWutItDew

MrWutItDew

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 25 April 2007 - 11:41 PM

Mod Edit: This log was split, from this thread:
Inected Comp

Logfile of HijackThis v1.99.1
Scan saved at 00:35, on 07-04-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\svchosts.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\{1D503C94-0BFA-1033-1112-040823200001}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\DOCUME~1\HP_Owner\APPLIC~1\SSEMBL~1\netdde.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1139729396\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1139729396\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Filetopia3\Filetopia.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Srro] "C:\DOCUME~1\HP_Owner\APPLIC~1\SSEMBL~1\netdde.exe" -vt yazb
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: dllhost.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp...302/Coupons.cab
O18 - Protocol: bw+0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0000137 (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Logitech, Inc. - (no file)
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Security - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Edited by tg1911, 26 April 2007 - 12:19 AM.


BC AdBot (Login to Remove)

 


m

#2 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 27 April 2007 - 01:07 AM

Hello MrWutItDew, and welcome to BleepingComputer. I will be handling your log to help you get cleaned up.

Please take note of the following:
1. I will start working on your malware issues, this may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. The process is not instant. Please continue to review my answers until I tell you your machine is clean.
4. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.

Please give me some time to look over your log and I will get back to you as soon as possible.

Thanks,

htv8
If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#3 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 27 April 2007 - 06:17 PM

IMPORTANT
You have a Sdbot trojan backdoor infection among some other nasties. A W32/Sdbot worm is a worm which attempts to spread to remote network shares. It also contains backdoor trojan functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process. It spreads to network shares with weak passwords as a result of the backdoor trojan element receiving the appropriate command from a remote user.
In short: This piece of malware allows hackers to remotely control your computer, steal critical system information and download and execute files.

Due to the status of some of the files you have on your computer, I would counsel you to immediately disconnect this PC from the Internet and from your network if it is on a network. Disconnect the infected computer from the Internet until the computer can be cleaned. Then, access this information from a non-compromised computer to follow the steps needed.
If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable--for email, banks, eBay, forums, etc. Do not change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. It would be wise to contact those same financial institutions to apprise them of your situation. To protect your information that may have been compromised, I recommend reading this reference: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?.


Though the backdoor has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with such a piece of malware, the best course of action would be a reformat and reinstall of the OS. This is something I don't like to recommend normally, but it is the best solution for your safety. For more information, please read this reference very carefully: When should I re-format? How should I reinstall?.
If you choose to format and reinstall, see this link for instructions: Reformat Hard Drive FAQ for Windows 95/98/Me/XP.

However, if you do not have the resources to reinstall your computer and would like me to attempt to clean it, I will be happy to do so. But please consider carefully before deciding against a reformat. If you do make that decision, I will do my best to help you disinfect your PC, but you must understand that once a machine has been taken over by this type of malware, it can never be declared clean.

Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.
Below are some more links that could help you decide what to do.

Security Management - May 2004
Help: I Got Hacked. Now What Do I Do?

Security Management - July 2004
Help: I Got Hacked. Now What Do I Do? Part II
If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#4 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 29 April 2007 - 12:41 PM

If you can try and clean it if it cannot be cleaned then we will take the next step

#5 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 30 April 2007 - 06:32 PM

OK, MrWutItDew. Let's get to work then.

Question: Did you have McAfee installed in the past and have you uninstalled it?



Please print out or copy this page to Notepad. This will be useful as there is a possibility some of the instructions will need to be carried out where internet access is NOT available. A print out of the instructions would be a good reference to make sure you don't get lost. You may also like to save these instructions in Word/Notepad to the Desktop where they can be easily found for the same reasons as above.
Also make sure to work through the fixes in the exact order in which they are mentioned below and do not miss any steps out. If you have any queries about the process or just general questions, ask your question(s) before proceeding with the fixes.


Step #1
Go to Start > Control Panel > Add/Remove Programs and uninstall DeluxeCommunications if listed.

(If there is no Add/Remove Programs entry for this program, go to Start > Run. In the Open: field type or copy/paste C:\Program Files\DeluxeCommunications\Dxc.exe /u and press Enter. Then uninstall the program.)

Please remember that this program may require you to reboot your computer to complete the uninstallation - just let it.

Step #2: registry fix
Download FixDXC.reg from the following link and save it to your Desktop.
Download FixDXC.reg

When the FixDCX.reg file has finished downloading, double-click on the file. When prompted to merge its contents to the registry, click the Yes button.

Step #3: SDFix
Download SDFix by clicking the download link below and save it to your Desktop.
Download SDFix (SDFix.exe)

Once downloaded, double-click SDFix.exe and it will extract the files to %systemdrive%, the drive that contains the Windows directory (typically C:\SDFix). Do NOT use SDFix yet.

Reboot your computer into Safe Mode. Restart your computer and gently tap the F8 key repeatedly on your keyboard while starting up until you are presented with a new menu in which you can select the option for Safe Mode using the arrow keys on your keyboard.
For more information on how to boot your computer into Safe Mode, see this reference: How to start Windows into Safe Mode.


When in Safe Mode, please follow these steps:
1. Open the SDFix folder and double-click RunThis.bat to start the script.
2. Type Y to begin the cleanup process.
SDFix will remove any trojan services or registry entries that it finds and prompt you to press any key to reboot.
3. Press any key and it will restart the PC.
When the PC restarts, the fixtool will run again and complete the removal process.
4. When it then displays "Finished", press any key to end the script and load your Desktop icons.
Once the Desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt. (Report.txt will also be copied to the clipboard ready for posting back on the forum).
5. Please copy and paste the entire contents of the results file (Report.txt) in your next reply.

Step #4: Combofix
Please download Combofix and save it to your Desktop.
Download Combofix (combofix.exe)

When the file has finished downloading double-click combofix.exe to launch the application and follow the on-screen prompts.
When finished, it shall produce a log for you: combofix.txt. Post that log in your next reply.

NOTE: Do not mouseclick Combofix's window whilst it's running. That may cause your system to hang!

Step #5: uninstall list creation
We need to use HijackThis to create an uninstall list. Please provide me an uninstall list by performing these steps:
1. Open HijackThis.
2. Click once on the Config... button.
3. Go to the Misc Tools section by clicking on the Misc Tools button on top of the screen.
4. Click on the Open Uninstall Manager... button. You'll see a list of currently installed programs.
5. Click on the Save list... button and specify where you would like to save the uninstall list.
6. Click Save.
When you press the Save button, Notepad will open up with the contents of that file.
7. Copy and paste the contents of that Notepad file (uninstall_list.txt) as a reply to this topic.

Step #6: HijackThis scan
Scan with HijackThis again and post a new HijackThis log.



So in your next reply, please post the entire contents of:
- the SDFix results file (Report.txt)
- the Combofix log (combofix.txt)
- the uninstall list (uninstall_list.txt)
- a new HijackThis log
NOTE: Use several posts if necessary to include everything in the logs.

Edited by htv8, 30 April 2007 - 06:33 PM.

If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#6 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 03 May 2007 - 12:18 AM

Logfile of HijackThis v1.99.1
Scan saved at 01:11, on 07-05-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\PPPATC~1\lsass.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://myspace.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Srro] "C:\WINDOWS\system32\PPPATC~1\lsass.exe" -vt yazb
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp...302/Coupons.cab
O18 - Protocol: bw+0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Logitech, Inc. - (no file)
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Security - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

4PLAY 4.95 for Windows 95
Ad-aware 6 Personal
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe® Photoshop® Album Starter Edition 3.0
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Explorer
AOL Instant Messenger
AOL Spyware Protection
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Software Update
ArcSoft Suite
Bejeweled 2 Deluxe
Bejeweled 2 Deluxe 1.0
BellSouth FastAccess DSL Help Center
BellSouth Internet Security - Alert Manager 1.3.20
BellSouth Toolbar 1.0
Cakewalk Guitar Studio 1.0
CC_ccProxyMSI
CC_ccStart
ccCommon
Chuzzle Deluxe 1.0
Collab
Cool Edit Pro 2.0
DivX Player
DivX Pro Trial
DreamStation DXi2
DVD Shrink 3.2
Easy Internet Sign-up
Filetopia Client v3.04d
FL Studio 5
Google Earth
Google Toolbar for Internet Explorer
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2.3
HP Image Zone Plus 4.2.3
HP Organize
HP Photosmart Cameras 4.0
HP PSC & OfficeJet 4.0
HP Software Update
HPIZ423
ICS Viewer 6.0
Intel® Graphics Media Accelerator Driver
IntelliMover Data Transfer Demo
Internet Worm Protection
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
Kaspersky Online Scanner
KBD
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Shockwave Player
MailWasher
MediaLife
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
MSN
MSRedist
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Musicmatch® Jukebox
muvee autoProducer 3.5 magicMoments - HPD
My Wal-Mart Digital Photo Center
Need2Find Bar
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Personal Firewall
Norton Personal Firewall (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
OIN
PACE System Files
PACE System Files
PCDJ FX VRM
PConPoint v1.1
Peer Points Manager
Photosmart 320,370,7400,8100,8400 Series
PowerDesk 5.0
Project5 Version 2 Demo
PS2
Pure Networks Port Magic
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RealPlayer
Recovery Commander
RegCure 1.0.0.43
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sonic Express Labeler
Sonic RecordNow!
SPBBC
Spybot - Search & Destroy 1.3
Super DVD Creator 9.20
SUPERAntiSpyware Free Edition
Sygate Personal Firewall
Symantec
SymNet
Ultra soft
Unlocker 1.8.5
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Updates from HP
Viewpoint Media Player
Virtual DJ - Atomix Productions
Virtual Sound Canvas DXi
Wal-Mart Digital Photo Manager
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
Yahoo! Anti-Spy
Yahoo! Browser Services
Yahoo! Messenger
Yahoo! Toolbar
Zuma Deluxe 1.0
Zuma Deluxe RA

HP_Owner - 07-05-02 1:05:24.56
ComboFix 06.08.30BT - Running from: C:\Program Files

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\{1D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{1D503C94-0BFA-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BFA-1033-1112-040823200001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\netdde.exe
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0000
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0001
C:\QooBox\Purity\Program Files\Common Files\RACLE~1


((((((((((((((((((((((((((((((( Files Created from 2007-04-02 to 2007-05-02 ))))))))))))))))))))))))))))))))))


2007-05-02 00:52 380,416 --a------ C:\WINDOWS\system32\rstrui.exe
2007-05-02 00:24 167 --a------ C:\WINDOWS\system32\6416.bat
2007-05-01 06:59 167 --a------ C:\WINDOWS\system32\1801.bat
2007-04-28 00:45 167 --a------ C:\WINDOWS\system32\3475.bat
2007-04-14 00:39 167 --a------ C:\WINDOWS\system32\4020.bat
2007-04-13 17:41 769 --a------ C:\WINDOWS\smdat32a.sys
2007-04-13 17:41 10 --a------ C:\WINDOWS\smdat32m.sys
2007-04-12 00:37 203,149 --a------ C:\WINDOWS\system32\ap.exe
2007-04-12 00:37 167 --a------ C:\WINDOWS\system32\4914.bat
2007-04-05 00:53 167 --a------ C:\WINDOWS\system32\9931.bat


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-02 01:06 -------- d-------- C:\Program Files\Common Files
2007-05-02 00:23 32768 --a------ C:\WINDOWS\system32\setup9x.exe
2007-05-02 00:22 78360 --a------ C:\Program Files\uy.exe
2007-04-30 21:52 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-04-25 00:35 -------- d-------- C:\Program Files\HijackThis
2007-04-19 21:39 -------- d-------- C:\Program Files\Filetopia3
2007-04-13 17:54 -------- d-------- C:\Program Files\INSTAFINK
2007-04-13 17:43 -------- d-------- C:\Program Files\Need2Find
2007-04-13 17:43 -------- d-------- C:\Program Files\Kazaa
2007-04-13 17:43 -------- d-------- C:\Program Files\Altnet
2007-04-13 17:42 -------- d--h----- C:\Program Files\InstallShield Installation Information
2007-04-12 00:37 32178 ---hs---- C:\Program Files\Common Files\Yazzle1396OinUninstaller.exe
2007-04-01 10:18 167 --a------ C:\WINDOWS\system32\4754.bat
2007-03-31 20:53 -------- d-------- C:\Program Files\Unlocker
2007-03-31 16:54 -------- d-------- C:\Program Files\Digidesign
2007-03-31 13:52 167 --a------ C:\WINDOWS\system32\1471.bat
2007-03-31 13:30 -------- d-------- C:\Program Files\Cakewalk
2007-03-31 09:15 167 --a------ C:\WINDOWS\system32\8219.bat
2007-03-31 08:47 -------- d-------- C:\Program Files\BearShare Applications
2007-03-29 22:15 167 --a------ C:\WINDOWS\system32\4628.bat
2007-03-29 15:54 167 --a------ C:\WINDOWS\system32\4463.bat
2007-03-29 15:39 167 --a------ C:\WINDOWS\system32\4714.bat
2007-03-29 15:24 167 --a------ C:\WINDOWS\system32\8105.bat
2007-03-29 15:09 167 --a------ C:\WINDOWS\system32\3224.bat
2007-03-29 14:54 167 --a------ C:\WINDOWS\system32\7229.bat
2007-03-29 14:39 167 --a------ C:\WINDOWS\system32\7401.bat
2007-03-29 14:24 167 --a------ C:\WINDOWS\system32\1251.bat
2007-03-29 14:09 167 --a------ C:\WINDOWS\system32\4788.bat
2007-03-29 13:54 167 --a------ C:\WINDOWS\system32\7561.bat
2007-03-29 13:39 167 --a------ C:\WINDOWS\system32\8294.bat
2007-03-29 13:24 167 --a------ C:\WINDOWS\system32\8893.bat
2007-03-29 13:09 167 --a------ C:\WINDOWS\system32\2182.bat
2007-03-29 11:06 167 --a------ C:\WINDOWS\system32\7922.bat
2007-03-29 10:51 167 --a------ C:\WINDOWS\system32\2899.bat
2007-03-29 10:36 167 --a------ C:\WINDOWS\system32\5870.bat
2007-03-29 10:21 167 --a------ C:\WINDOWS\system32\3652.bat
2007-03-29 10:06 167 --a------ C:\WINDOWS\system32\1581.bat
2007-03-29 09:51 167 --a------ C:\WINDOWS\system32\7447.bat
2007-03-29 09:36 167 --a------ C:\WINDOWS\system32\8741.bat
2007-03-29 09:21 167 --a------ C:\WINDOWS\system32\4835.bat
2007-03-29 09:06 167 --a------ C:\WINDOWS\system32\3859.bat
2007-03-29 08:51 167 --a------ C:\WINDOWS\system32\8790.bat
2007-03-28 22:53 -------- d-------- C:\Program Files\RegCure
2007-03-28 20:05 167 --a------ C:\WINDOWS\system32\8200.bat
2007-03-28 19:50 167 --a------ C:\WINDOWS\system32\1707.bat
2007-03-28 19:35 167 --a------ C:\WINDOWS\system32\6218.bat
2007-03-28 19:20 167 --a------ C:\WINDOWS\system32\7488.bat
2007-03-28 19:05 167 --a------ C:\WINDOWS\system32\7884.bat
2007-03-28 18:50 167 --a------ C:\WINDOWS\system32\5559.bat
2007-03-28 18:35 167 --a------ C:\WINDOWS\system32\7923.bat
2007-03-28 18:20 167 --a------ C:\WINDOWS\system32\3993.bat
2007-03-28 18:05 167 --a------ C:\WINDOWS\system32\8777.bat
2007-03-28 17:50 167 --a------ C:\WINDOWS\system32\9284.bat
2007-03-28 17:35 167 --a------ C:\WINDOWS\system32\1598.bat
2007-03-28 17:20 167 --a------ C:\WINDOWS\system32\7846.bat
2007-03-28 17:05 167 --a------ C:\WINDOWS\system32\2510.bat
2007-03-28 16:50 167 --a------ C:\WINDOWS\system32\3683.bat
2007-03-28 16:35 167 --a------ C:\WINDOWS\system32\4443.bat
2007-03-28 16:20 167 --a------ C:\WINDOWS\system32\8977.bat
2007-03-28 16:05 167 --a------ C:\WINDOWS\system32\4101.bat
2007-03-28 15:50 167 --a------ C:\WINDOWS\system32\2920.bat
2007-03-28 15:35 167 --a------ C:\WINDOWS\system32\4827.bat
2007-03-28 15:20 167 --a------ C:\WINDOWS\system32\8924.bat
2007-03-28 15:05 167 --a------ C:\WINDOWS\system32\9652.bat
2007-03-28 14:50 167 --a------ C:\WINDOWS\system32\1667.bat
2007-03-28 14:35 167 --a------ C:\WINDOWS\system32\4082.bat
2007-03-28 14:20 167 --a------ C:\WINDOWS\system32\8643.bat
2007-03-28 14:05 167 --a------ C:\WINDOWS\system32\2777.bat
2007-03-28 13:50 167 --a------ C:\WINDOWS\system32\7337.bat
2007-03-28 13:35 167 --a------ C:\WINDOWS\system32\2382.bat
2007-03-28 13:20 167 --a------ C:\WINDOWS\system32\8577.bat
2007-03-28 13:05 167 --a------ C:\WINDOWS\system32\5563.bat
2007-03-28 12:50 167 --a------ C:\WINDOWS\system32\1609.bat
2007-03-28 12:35 167 --a------ C:\WINDOWS\system32\4660.bat
2007-03-28 12:20 167 --a------ C:\WINDOWS\system32\4659.bat
2007-03-28 12:05 167 --a------ C:\WINDOWS\system32\5206.bat
2007-03-28 11:50 167 --a------ C:\WINDOWS\system32\1070.bat
2007-03-28 11:35 167 --a------ C:\WINDOWS\system32\7826.bat
2007-03-28 11:20 167 --a------ C:\WINDOWS\system32\2358.bat
2007-03-28 11:05 167 --a------ C:\WINDOWS\system32\7432.bat
2007-03-28 10:50 167 --a------ C:\WINDOWS\system32\4418.bat
2007-03-28 10:35 167 --a------ C:\WINDOWS\system32\2734.bat
2007-03-28 10:20 167 --a------ C:\WINDOWS\system32\1197.bat
2007-03-28 10:05 167 --a------ C:\WINDOWS\system32\1778.bat
2007-03-28 09:50 167 --a------ C:\WINDOWS\system32\1574.bat
2007-03-28 09:35 167 --a------ C:\WINDOWS\system32\5521.bat
2007-03-28 09:20 167 --a------ C:\WINDOWS\system32\9593.bat
2007-03-28 09:05 167 --a------ C:\WINDOWS\system32\6755.bat
2007-03-28 08:50 167 --a------ C:\WINDOWS\system32\7614.bat
2007-03-28 08:35 167 --a------ C:\WINDOWS\system32\6439.bat
2007-03-28 08:20 167 --a------ C:\WINDOWS\system32\8393.bat
2007-03-28 08:05 167 --a------ C:\WINDOWS\system32\1136.bat
2007-03-28 07:50 167 --a------ C:\WINDOWS\system32\7815.bat
2007-03-28 07:35 167 --a------ C:\WINDOWS\system32\9239.bat
2007-03-28 07:20 167 --a------ C:\WINDOWS\system32\6469.bat
2007-03-28 07:05 167 --a------ C:\WINDOWS\system32\3923.bat
2007-03-28 06:50 167 --a------ C:\WINDOWS\system32\6088.bat
2007-03-28 06:35 167 --a------ C:\WINDOWS\system32\3502.bat
2007-03-28 06:20 167 --a------ C:\WINDOWS\system32\7753.bat
2007-03-28 06:04 167 --a------ C:\WINDOWS\system32\3252.bat
2007-03-28 05:49 167 --a------ C:\WINDOWS\system32\7661.bat
2007-03-28 05:34 167 --a------ C:\WINDOWS\system32\2884.bat
2007-03-28 05:19 167 --a------ C:\WINDOWS\system32\4770.bat
2007-03-28 05:04 167 --a------ C:\WINDOWS\system32\2169.bat
2007-03-28 04:49 167 --a------ C:\WINDOWS\system32\6367.bat
2007-03-28 04:34 167 --a------ C:\WINDOWS\system32\4019.bat
2007-03-28 04:19 167 --a------ C:\WINDOWS\system32\4850.bat
2007-03-28 04:04 167 --a------ C:\WINDOWS\system32\3473.bat
2007-03-28 03:49 167 --a------ C:\WINDOWS\system32\7019.bat
2007-03-28 03:34 167 --a------ C:\WINDOWS\system32\1039.bat
2007-03-28 03:19 167 --a------ C:\WINDOWS\system32\9619.bat
2007-03-28 03:04 167 --a------ C:\WINDOWS\system32\5990.bat
2007-03-28 02:49 167 --a------ C:\WINDOWS\system32\5622.bat
2007-03-28 02:34 167 --a------ C:\WINDOWS\system32\4859.bat
2007-03-28 02:19 167 --a------ C:\WINDOWS\system32\7841.bat
2007-03-28 02:04 167 --a------ C:\WINDOWS\system32\8548.bat
2007-03-28 01:49 167 --a------ C:\WINDOWS\system32\3285.bat
2007-03-28 01:34 167 --a------ C:\WINDOWS\system32\6462.bat
2007-03-28 01:19 167 --a------ C:\WINDOWS\system32\8371.bat
2007-03-28 01:18 -------- d-------- C:\Program Files\PeerGuardian pr14
2007-03-28 01:04 167 --a------ C:\WINDOWS\system32\2327.bat
2007-03-28 00:49 167 --a------ C:\WINDOWS\system32\8057.bat
2007-03-28 00:34 167 --a------ C:\WINDOWS\system32\5998.bat
2007-03-28 00:19 167 --a------ C:\WINDOWS\system32\4962.bat
2007-03-28 00:04 167 --a------ C:\WINDOWS\system32\5253.bat
2007-03-27 23:49 167 --a------ C:\WINDOWS\system32\4236.bat
2007-03-27 23:34 167 --a------ C:\WINDOWS\system32\6753.bat
2007-03-27 23:19 167 --a------ C:\WINDOWS\system32\1088.bat
2007-03-27 23:03 167 --a------ C:\WINDOWS\system32\2975.bat
2007-03-27 22:48 167 --a------ C:\WINDOWS\system32\9128.bat
2007-03-27 22:33 167 --a------ C:\WINDOWS\system32\1754.bat
2007-03-27 22:18 167 --a------ C:\WINDOWS\system32\9315.bat
2007-03-27 22:03 167 --a------ C:\WINDOWS\system32\4091.bat
2007-03-27 21:48 167 --a------ C:\WINDOWS\system32\1389.bat
2007-03-27 21:33 167 --a------ C:\WINDOWS\system32\1679.bat
2007-03-27 21:18 167 --a------ C:\WINDOWS\system32\1120.bat
2007-03-27 21:03 167 --a------ C:\WINDOWS\system32\9704.bat
2007-03-27 20:48 167 --a------ C:\WINDOWS\system32\7563.bat
2007-03-27 20:33 167 --a------ C:\WINDOWS\system32\7004.bat
2007-03-27 20:18 167 --a------ C:\WINDOWS\system32\2514.bat
2007-03-27 20:03 167 --a------ C:\WINDOWS\system32\2657.bat
2007-03-27 19:48 167 --a------ C:\WINDOWS\system32\2204.bat
2007-03-27 19:33 167 --a------ C:\WINDOWS\system32\2495.bat
2007-03-27 19:18 167 --a------ C:\WINDOWS\system32\1931.bat
2007-03-27 19:03 167 --a------ C:\WINDOWS\system32\1514.bat
2007-03-27 18:48 167 --a------ C:\WINDOWS\system32\5000.bat
2007-03-27 18:33 167 --a------ C:\WINDOWS\system32\6412.bat
2007-03-27 18:18 167 --a------ C:\WINDOWS\system32\6703.bat
2007-03-27 18:03 167 --a------ C:\WINDOWS\system32\1073.bat
2007-03-27 17:48 167 --a------ C:\WINDOWS\system32\1267.bat
2007-03-27 17:33 167 --a------ C:\WINDOWS\system32\9435.bat
2007-03-27 17:18 167 --a------ C:\WINDOWS\system32\6136.bat
2007-03-27 17:03 167 --a------ C:\WINDOWS\system32\3834.bat
2007-03-27 16:48 167 --a------ C:\WINDOWS\system32\3471.bat
2007-03-27 16:33 167 --a------ C:\WINDOWS\system32\7754.bat
2007-03-27 16:18 167 --a------ C:\WINDOWS\system32\9906.bat
2007-03-27 16:03 167 --a------ C:\WINDOWS\system32\2547.bat
2007-03-27 15:48 167 --a------ C:\WINDOWS\system32\6724.bat
2007-03-27 15:33 167 --a------ C:\WINDOWS\system32\9497.bat
2007-03-27 15:18 167 --a------ C:\WINDOWS\system32\8012.bat
2007-03-27 15:03 167 --a------ C:\WINDOWS\system32\2555.bat
2007-03-27 14:48 167 --a------ C:\WINDOWS\system32\6706.bat
2007-03-27 14:33 167 --a------ C:\WINDOWS\system32\8817.bat
2007-03-27 14:18 167 --a------ C:\WINDOWS\system32\6873.bat
2007-03-27 14:03 167 --a------ C:\WINDOWS\system32\5750.bat
2007-03-27 13:47 167 --a------ C:\WINDOWS\system32\4265.bat
2007-03-27 13:32 167 --a------ C:\WINDOWS\system32\7809.bat
2007-03-27 13:17 167 --a------ C:\WINDOWS\system32\9691.bat
2007-03-27 13:02 167 --a------ C:\WINDOWS\system32\6319.bat
2007-03-27 12:47 167 --a------ C:\WINDOWS\system32\6892.bat
2007-03-27 12:32 167 --a------ C:\WINDOWS\system32\5916.bat
2007-03-27 12:17 167 --a------ C:\WINDOWS\system32\5560.bat
2007-03-27 12:02 167 --a------ C:\WINDOWS\system32\4023.bat
2007-03-27 11:47 167 --a------ C:\WINDOWS\system32\4070.bat
2007-03-27 11:32 167 --a------ C:\WINDOWS\system32\2533.bat
2007-03-27 11:17 167 --a------ C:\WINDOWS\system32\9850.bat
2007-03-27 11:02 167 --a------ C:\WINDOWS\system32\1201.bat
2007-03-27 10:47 167 --a------ C:\WINDOWS\system32\6274.bat
2007-03-27 10:32 167 --a------ C:\WINDOWS\system32\8685.bat
2007-03-27 10:17 167 --a------ C:\WINDOWS\system32\4757.bat
2007-03-27 10:02 167 --a------ C:\WINDOWS\system32\8501.bat
2007-03-27 09:47 167 --a------ C:\WINDOWS\system32\5134.bat
2007-03-27 09:32 167 --a------ C:\WINDOWS\system32\8659.bat
2007-03-27 09:17 167 --a------ C:\WINDOWS\system32\7965.bat
2007-03-27 09:02 167 --a------ C:\WINDOWS\system32\1629.bat
2007-03-27 08:47 167 --a------ C:\WINDOWS\system32\1007.bat
2007-03-27 08:32 167 --a------ C:\WINDOWS\system32\4333.bat
2007-03-27 08:17 167 --a------ C:\WINDOWS\system32\4955.bat
2007-03-27 08:02 167 --a------ C:\WINDOWS\system32\4665.bat
2007-03-27 07:47 167 --a------ C:\WINDOWS\system32\1154.bat
2007-03-27 07:32 167 --a------ C:\WINDOWS\system32\4230.bat
2007-03-27 07:17 167 --a------ C:\WINDOWS\system32\5154.bat
2007-03-27 07:02 167 --a------ C:\WINDOWS\system32\5812.bat
2007-03-27 06:47 167 --a------ C:\WINDOWS\system32\5707.bat
2007-03-27 06:32 167 --a------ C:\WINDOWS\system32\6540.bat
2007-03-27 05:57 167 --a------ C:\WINDOWS\system32\9011.bat
2007-03-27 05:42 167 --a------ C:\WINDOWS\system32\6254.bat
2007-03-27 05:27 167 --a------ C:\WINDOWS\system32\9251.bat
2007-03-27 05:12 167 --a------ C:\WINDOWS\system32\1372.bat
2007-03-27 04:57 167 --a------ C:\WINDOWS\system32\1121.bat
2007-03-27 04:42 167 --a------ C:\WINDOWS\system32\4066.bat
2007-03-27 04:27 167 --a------ C:\WINDOWS\system32\5690.bat
2007-03-27 04:12 167 --a------ C:\WINDOWS\system32\4753.bat
2007-03-27 03:57 167 --a------ C:\WINDOWS\system32\7835.bat
2007-03-27 03:42 167 --a------ C:\WINDOWS\system32\7051.bat
2007-03-27 03:27 167 --a------ C:\WINDOWS\system32\3744.bat
2007-03-27 03:12 167 --a------ C:\WINDOWS\system32\5139.bat
2007-03-27 02:56 167 --a------ C:\WINDOWS\system32\1205.bat
2007-03-27 02:41 167 --a------ C:\WINDOWS\system32\7689.bat
2007-03-27 02:26 167 --a------ C:\WINDOWS\system32\5598.bat
2007-03-27 02:11 167 --a------ C:\WINDOWS\system32\3454.bat
2007-03-27 01:56 167 --a------ C:\WINDOWS\system32\5121.bat
2007-03-27 01:41 167 --a------ C:\WINDOWS\system32\8608.bat
2007-03-27 01:26 167 --a------ C:\WINDOWS\system32\8346.bat
2007-03-27 01:11 167 --a------ C:\WINDOWS\system32\9868.bat
2007-03-27 00:56 167 --a------ C:\WINDOWS\system32\7457.bat
2007-03-27 00:41 167 --a------ C:\WINDOWS\system32\9438.bat
2007-03-27 00:26 167 --a------ C:\WINDOWS\system32\6564.bat
2007-03-26 23:36 167 --a------ C:\WINDOWS\system32\3226.bat
2007-03-25 22:40 -------- d-------- C:\Program Files\WinRAR
2007-03-24 19:46 -------- d-------- C:\Program Files\Absolute Poker Basic
2007-03-24 15:51 114 --a------ C:\WINDOWS\system32\hhjj.bat
2007-03-24 15:45 -------- d-------- C:\Program Files\SUPERAntiSpyware
2007-03-23 22:17 128 --a------ C:\WINDOWS\system32\lo.exe
2007-03-23 15:05 -------- d-------- C:\Program Files\Outlook Express
2007-03-23 15:05 -------- d-------- C:\Program Files\Common Files\System
2007-03-23 14:58 -------- d-------- C:\Program Files\Internet Explorer
2007-03-23 01:17 29 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxccwrd.dll
2007-03-23 00:55 -------- d-------- C:\Program Files\MSN Gaming Zone
2007-03-23 00:52 826971 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxcknwrd.dll
2007-03-23 00:51 -------- d-------- C:\Program Files\Outerinfo
2007-03-23 00:50 93736 --a------ C:\WINDOWS\VTTC.exe
2007-03-23 00:50 41792 --a------ C:\WINDOWS\system32\app.exe
2007-03-23 00:47 147456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-03-23 00:43 201 --a------ C:\WINDOWS\system32\q.bat
2007-03-22 06:04 -------- d-------- C:\Program Files\Movie Maker
2007-03-19 13:30 60928 --a------ C:\WINDOWS\system32\xgayze.dll
2007-03-17 08:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 20:25 -------- d-a------ C:\Documents and Settings\HP_Owner\Application Data\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Common Files\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Adobe
2007-03-08 10:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-28 04:10 2180352 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 03:38 2057600 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-11 11:50 221184 --a------ C:\WINDOWS\system32\xtbaksm.dll
2007-02-11 11:50 120 --a------ C:\WINDOWS\system32\bn.dll
2007-02-11 00:38 876 --a------ C:\Documents and Settings\HP_Owner\Application Data\wklnhst.dat
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"Srro"="\"C:\\WINDOWS\\system32\\PPPATC~1\\lsass.exe\" -vt yazb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000
"EditLevel"=dword:00000000
"NoSaveSettings"=dword:00000000
"NoFileMenu"=dword:00000000
"NoCommonGroups"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,dd,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:02,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6d,02,00,00,0a,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,6c,02,00,00,1c,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\ComPlus Applications\\sasojyg.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="C:\\Program Files\\NetMeeting\\quqegodod.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ec,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\3]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,00,00,ee,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,ba,04,41,c0,b4,74,50,07,48,05,68,de,ba,04,20,6d,\
ba,04,65,87,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\4]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,02,00,00,00,0a,00,00,00,69,02,00,00,e6,01,00,00,f0,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
&

#7 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 03 May 2007 - 12:19 AM

Logfile of HijackThis v1.99.1
Scan saved at 01:11, on 07-05-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\PPPATC~1\lsass.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://myspace.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Srro] "C:\WINDOWS\system32\PPPATC~1\lsass.exe" -vt yazb
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp...302/Coupons.cab
O18 - Protocol: bw+0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Logitech, Inc. - (no file)
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Security - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

4PLAY 4.95 for Windows 95
Ad-aware 6 Personal
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe® Photoshop® Album Starter Edition 3.0
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Explorer
AOL Instant Messenger
AOL Spyware Protection
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Software Update
ArcSoft Suite
Bejeweled 2 Deluxe
Bejeweled 2 Deluxe 1.0
BellSouth FastAccess DSL Help Center
BellSouth Internet Security - Alert Manager 1.3.20
BellSouth Toolbar 1.0
Cakewalk Guitar Studio 1.0
CC_ccProxyMSI
CC_ccStart
ccCommon
Chuzzle Deluxe 1.0
Collab
Cool Edit Pro 2.0
DivX Player
DivX Pro Trial
DreamStation DXi2
DVD Shrink 3.2
Easy Internet Sign-up
Filetopia Client v3.04d
FL Studio 5
Google Earth
Google Toolbar for Internet Explorer
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2.3
HP Image Zone Plus 4.2.3
HP Organize
HP Photosmart Cameras 4.0
HP PSC & OfficeJet 4.0
HP Software Update
HPIZ423
ICS Viewer 6.0
Intel® Graphics Media Accelerator Driver
IntelliMover Data Transfer Demo
Internet Worm Protection
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
Kaspersky Online Scanner
KBD
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Shockwave Player
MailWasher
MediaLife
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
MSN
MSRedist
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Musicmatch® Jukebox
muvee autoProducer 3.5 magicMoments - HPD
My Wal-Mart Digital Photo Center
Need2Find Bar
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Personal Firewall
Norton Personal Firewall (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
OIN
PACE System Files
PACE System Files
PCDJ FX VRM
PConPoint v1.1
Peer Points Manager
Photosmart 320,370,7400,8100,8400 Series
PowerDesk 5.0
Project5 Version 2 Demo
PS2
Pure Networks Port Magic
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RealPlayer
Recovery Commander
RegCure 1.0.0.43
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sonic Express Labeler
Sonic RecordNow!
SPBBC
Spybot - Search & Destroy 1.3
Super DVD Creator 9.20
SUPERAntiSpyware Free Edition
Sygate Personal Firewall
Symantec
SymNet
Ultra soft
Unlocker 1.8.5
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Updates from HP
Viewpoint Media Player
Virtual DJ - Atomix Productions
Virtual Sound Canvas DXi
Wal-Mart Digital Photo Manager
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
Yahoo! Anti-Spy
Yahoo! Browser Services
Yahoo! Messenger
Yahoo! Toolbar
Zuma Deluxe 1.0
Zuma Deluxe RA

HP_Owner - 07-05-02 1:05:24.56
ComboFix 06.08.30BT - Running from: C:\Program Files

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\{1D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{1D503C94-0BFA-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BFA-1033-1112-040823200001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\netdde.exe
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0000
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0001
C:\QooBox\Purity\Program Files\Common Files\RACLE~1


((((((((((((((((((((((((((((((( Files Created from 2007-04-02 to 2007-05-02 ))))))))))))))))))))))))))))))))))


2007-05-02 00:52 380,416 --a------ C:\WINDOWS\system32\rstrui.exe
2007-05-02 00:24 167 --a------ C:\WINDOWS\system32\6416.bat
2007-05-01 06:59 167 --a------ C:\WINDOWS\system32\1801.bat
2007-04-28 00:45 167 --a------ C:\WINDOWS\system32\3475.bat
2007-04-14 00:39 167 --a------ C:\WINDOWS\system32\4020.bat
2007-04-13 17:41 769 --a------ C:\WINDOWS\smdat32a.sys
2007-04-13 17:41 10 --a------ C:\WINDOWS\smdat32m.sys
2007-04-12 00:37 203,149 --a------ C:\WINDOWS\system32\ap.exe
2007-04-12 00:37 167 --a------ C:\WINDOWS\system32\4914.bat
2007-04-05 00:53 167 --a------ C:\WINDOWS\system32\9931.bat


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-02 01:06 -------- d-------- C:\Program Files\Common Files
2007-05-02 00:23 32768 --a------ C:\WINDOWS\system32\setup9x.exe
2007-05-02 00:22 78360 --a------ C:\Program Files\uy.exe
2007-04-30 21:52 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-04-25 00:35 -------- d-------- C:\Program Files\HijackThis
2007-04-19 21:39 -------- d-------- C:\Program Files\Filetopia3
2007-04-13 17:54 -------- d-------- C:\Program Files\INSTAFINK
2007-04-13 17:43 -------- d-------- C:\Program Files\Need2Find
2007-04-13 17:43 -------- d-------- C:\Program Files\Kazaa
2007-04-13 17:43 -------- d-------- C:\Program Files\Altnet
2007-04-13 17:42 -------- d--h----- C:\Program Files\InstallShield Installation Information
2007-04-12 00:37 32178 ---hs---- C:\Program Files\Common Files\Yazzle1396OinUninstaller.exe
2007-04-01 10:18 167 --a------ C:\WINDOWS\system32\4754.bat
2007-03-31 20:53 -------- d-------- C:\Program Files\Unlocker
2007-03-31 16:54 -------- d-------- C:\Program Files\Digidesign
2007-03-31 13:52 167 --a------ C:\WINDOWS\system32\1471.bat
2007-03-31 13:30 -------- d-------- C:\Program Files\Cakewalk
2007-03-31 09:15 167 --a------ C:\WINDOWS\system32\8219.bat
2007-03-31 08:47 -------- d-------- C:\Program Files\BearShare Applications
2007-03-29 22:15 167 --a------ C:\WINDOWS\system32\4628.bat
2007-03-29 15:54 167 --a------ C:\WINDOWS\system32\4463.bat
2007-03-29 15:39 167 --a------ C:\WINDOWS\system32\4714.bat
2007-03-29 15:24 167 --a------ C:\WINDOWS\system32\8105.bat
2007-03-29 15:09 167 --a------ C:\WINDOWS\system32\3224.bat
2007-03-29 14:54 167 --a------ C:\WINDOWS\system32\7229.bat
2007-03-29 14:39 167 --a------ C:\WINDOWS\system32\7401.bat
2007-03-29 14:24 167 --a------ C:\WINDOWS\system32\1251.bat
2007-03-29 14:09 167 --a------ C:\WINDOWS\system32\4788.bat
2007-03-29 13:54 167 --a------ C:\WINDOWS\system32\7561.bat
2007-03-29 13:39 167 --a------ C:\WINDOWS\system32\8294.bat
2007-03-29 13:24 167 --a------ C:\WINDOWS\system32\8893.bat
2007-03-29 13:09 167 --a------ C:\WINDOWS\system32\2182.bat
2007-03-29 11:06 167 --a------ C:\WINDOWS\system32\7922.bat
2007-03-29 10:51 167 --a------ C:\WINDOWS\system32\2899.bat
2007-03-29 10:36 167 --a------ C:\WINDOWS\system32\5870.bat
2007-03-29 10:21 167 --a------ C:\WINDOWS\system32\3652.bat
2007-03-29 10:06 167 --a------ C:\WINDOWS\system32\1581.bat
2007-03-29 09:51 167 --a------ C:\WINDOWS\system32\7447.bat
2007-03-29 09:36 167 --a------ C:\WINDOWS\system32\8741.bat
2007-03-29 09:21 167 --a------ C:\WINDOWS\system32\4835.bat
2007-03-29 09:06 167 --a------ C:\WINDOWS\system32\3859.bat
2007-03-29 08:51 167 --a------ C:\WINDOWS\system32\8790.bat
2007-03-28 22:53 -------- d-------- C:\Program Files\RegCure
2007-03-28 20:05 167 --a------ C:\WINDOWS\system32\8200.bat
2007-03-28 19:50 167 --a------ C:\WINDOWS\system32\1707.bat
2007-03-28 19:35 167 --a------ C:\WINDOWS\system32\6218.bat
2007-03-28 19:20 167 --a------ C:\WINDOWS\system32\7488.bat
2007-03-28 19:05 167 --a------ C:\WINDOWS\system32\7884.bat
2007-03-28 18:50 167 --a------ C:\WINDOWS\system32\5559.bat
2007-03-28 18:35 167 --a------ C:\WINDOWS\system32\7923.bat
2007-03-28 18:20 167 --a------ C:\WINDOWS\system32\3993.bat
2007-03-28 18:05 167 --a------ C:\WINDOWS\system32\8777.bat
2007-03-28 17:50 167 --a------ C:\WINDOWS\system32\9284.bat
2007-03-28 17:35 167 --a------ C:\WINDOWS\system32\1598.bat
2007-03-28 17:20 167 --a------ C:\WINDOWS\system32\7846.bat
2007-03-28 17:05 167 --a------ C:\WINDOWS\system32\2510.bat
2007-03-28 16:50 167 --a------ C:\WINDOWS\system32\3683.bat
2007-03-28 16:35 167 --a------ C:\WINDOWS\system32\4443.bat
2007-03-28 16:20 167 --a------ C:\WINDOWS\system32\8977.bat
2007-03-28 16:05 167 --a------ C:\WINDOWS\system32\4101.bat
2007-03-28 15:50 167 --a------ C:\WINDOWS\system32\2920.bat
2007-03-28 15:35 167 --a------ C:\WINDOWS\system32\4827.bat
2007-03-28 15:20 167 --a------ C:\WINDOWS\system32\8924.bat
2007-03-28 15:05 167 --a------ C:\WINDOWS\system32\9652.bat
2007-03-28 14:50 167 --a------ C:\WINDOWS\system32\1667.bat
2007-03-28 14:35 167 --a------ C:\WINDOWS\system32\4082.bat
2007-03-28 14:20 167 --a------ C:\WINDOWS\system32\8643.bat
2007-03-28 14:05 167 --a------ C:\WINDOWS\system32\2777.bat
2007-03-28 13:50 167 --a------ C:\WINDOWS\system32\7337.bat
2007-03-28 13:35 167 --a------ C:\WINDOWS\system32\2382.bat
2007-03-28 13:20 167 --a------ C:\WINDOWS\system32\8577.bat
2007-03-28 13:05 167 --a------ C:\WINDOWS\system32\5563.bat
2007-03-28 12:50 167 --a------ C:\WINDOWS\system32\1609.bat
2007-03-28 12:35 167 --a------ C:\WINDOWS\system32\4660.bat
2007-03-28 12:20 167 --a------ C:\WINDOWS\system32\4659.bat
2007-03-28 12:05 167 --a------ C:\WINDOWS\system32\5206.bat
2007-03-28 11:50 167 --a------ C:\WINDOWS\system32\1070.bat
2007-03-28 11:35 167 --a------ C:\WINDOWS\system32\7826.bat
2007-03-28 11:20 167 --a------ C:\WINDOWS\system32\2358.bat
2007-03-28 11:05 167 --a------ C:\WINDOWS\system32\7432.bat
2007-03-28 10:50 167 --a------ C:\WINDOWS\system32\4418.bat
2007-03-28 10:35 167 --a------ C:\WINDOWS\system32\2734.bat
2007-03-28 10:20 167 --a------ C:\WINDOWS\system32\1197.bat
2007-03-28 10:05 167 --a------ C:\WINDOWS\system32\1778.bat
2007-03-28 09:50 167 --a------ C:\WINDOWS\system32\1574.bat
2007-03-28 09:35 167 --a------ C:\WINDOWS\system32\5521.bat
2007-03-28 09:20 167 --a------ C:\WINDOWS\system32\9593.bat
2007-03-28 09:05 167 --a------ C:\WINDOWS\system32\6755.bat
2007-03-28 08:50 167 --a------ C:\WINDOWS\system32\7614.bat
2007-03-28 08:35 167 --a------ C:\WINDOWS\system32\6439.bat
2007-03-28 08:20 167 --a------ C:\WINDOWS\system32\8393.bat
2007-03-28 08:05 167 --a------ C:\WINDOWS\system32\1136.bat
2007-03-28 07:50 167 --a------ C:\WINDOWS\system32\7815.bat
2007-03-28 07:35 167 --a------ C:\WINDOWS\system32\9239.bat
2007-03-28 07:20 167 --a------ C:\WINDOWS\system32\6469.bat
2007-03-28 07:05 167 --a------ C:\WINDOWS\system32\3923.bat
2007-03-28 06:50 167 --a------ C:\WINDOWS\system32\6088.bat
2007-03-28 06:35 167 --a------ C:\WINDOWS\system32\3502.bat
2007-03-28 06:20 167 --a------ C:\WINDOWS\system32\7753.bat
2007-03-28 06:04 167 --a------ C:\WINDOWS\system32\3252.bat
2007-03-28 05:49 167 --a------ C:\WINDOWS\system32\7661.bat
2007-03-28 05:34 167 --a------ C:\WINDOWS\system32\2884.bat
2007-03-28 05:19 167 --a------ C:\WINDOWS\system32\4770.bat
2007-03-28 05:04 167 --a------ C:\WINDOWS\system32\2169.bat
2007-03-28 04:49 167 --a------ C:\WINDOWS\system32\6367.bat
2007-03-28 04:34 167 --a------ C:\WINDOWS\system32\4019.bat
2007-03-28 04:19 167 --a------ C:\WINDOWS\system32\4850.bat
2007-03-28 04:04 167 --a------ C:\WINDOWS\system32\3473.bat
2007-03-28 03:49 167 --a------ C:\WINDOWS\system32\7019.bat
2007-03-28 03:34 167 --a------ C:\WINDOWS\system32\1039.bat
2007-03-28 03:19 167 --a------ C:\WINDOWS\system32\9619.bat
2007-03-28 03:04 167 --a------ C:\WINDOWS\system32\5990.bat
2007-03-28 02:49 167 --a------ C:\WINDOWS\system32\5622.bat
2007-03-28 02:34 167 --a------ C:\WINDOWS\system32\4859.bat
2007-03-28 02:19 167 --a------ C:\WINDOWS\system32\7841.bat
2007-03-28 02:04 167 --a------ C:\WINDOWS\system32\8548.bat
2007-03-28 01:49 167 --a------ C:\WINDOWS\system32\3285.bat
2007-03-28 01:34 167 --a------ C:\WINDOWS\system32\6462.bat
2007-03-28 01:19 167 --a------ C:\WINDOWS\system32\8371.bat
2007-03-28 01:18 -------- d-------- C:\Program Files\PeerGuardian pr14
2007-03-28 01:04 167 --a------ C:\WINDOWS\system32\2327.bat
2007-03-28 00:49 167 --a------ C:\WINDOWS\system32\8057.bat
2007-03-28 00:34 167 --a------ C:\WINDOWS\system32\5998.bat
2007-03-28 00:19 167 --a------ C:\WINDOWS\system32\4962.bat
2007-03-28 00:04 167 --a------ C:\WINDOWS\system32\5253.bat
2007-03-27 23:49 167 --a------ C:\WINDOWS\system32\4236.bat
2007-03-27 23:34 167 --a------ C:\WINDOWS\system32\6753.bat
2007-03-27 23:19 167 --a------ C:\WINDOWS\system32\1088.bat
2007-03-27 23:03 167 --a------ C:\WINDOWS\system32\2975.bat
2007-03-27 22:48 167 --a------ C:\WINDOWS\system32\9128.bat
2007-03-27 22:33 167 --a------ C:\WINDOWS\system32\1754.bat
2007-03-27 22:18 167 --a------ C:\WINDOWS\system32\9315.bat
2007-03-27 22:03 167 --a------ C:\WINDOWS\system32\4091.bat
2007-03-27 21:48 167 --a------ C:\WINDOWS\system32\1389.bat
2007-03-27 21:33 167 --a------ C:\WINDOWS\system32\1679.bat
2007-03-27 21:18 167 --a------ C:\WINDOWS\system32\1120.bat
2007-03-27 21:03 167 --a------ C:\WINDOWS\system32\9704.bat
2007-03-27 20:48 167 --a------ C:\WINDOWS\system32\7563.bat
2007-03-27 20:33 167 --a------ C:\WINDOWS\system32\7004.bat
2007-03-27 20:18 167 --a------ C:\WINDOWS\system32\2514.bat
2007-03-27 20:03 167 --a------ C:\WINDOWS\system32\2657.bat
2007-03-27 19:48 167 --a------ C:\WINDOWS\system32\2204.bat
2007-03-27 19:33 167 --a------ C:\WINDOWS\system32\2495.bat
2007-03-27 19:18 167 --a------ C:\WINDOWS\system32\1931.bat
2007-03-27 19:03 167 --a------ C:\WINDOWS\system32\1514.bat
2007-03-27 18:48 167 --a------ C:\WINDOWS\system32\5000.bat
2007-03-27 18:33 167 --a------ C:\WINDOWS\system32\6412.bat
2007-03-27 18:18 167 --a------ C:\WINDOWS\system32\6703.bat
2007-03-27 18:03 167 --a------ C:\WINDOWS\system32\1073.bat
2007-03-27 17:48 167 --a------ C:\WINDOWS\system32\1267.bat
2007-03-27 17:33 167 --a------ C:\WINDOWS\system32\9435.bat
2007-03-27 17:18 167 --a------ C:\WINDOWS\system32\6136.bat
2007-03-27 17:03 167 --a------ C:\WINDOWS\system32\3834.bat
2007-03-27 16:48 167 --a------ C:\WINDOWS\system32\3471.bat
2007-03-27 16:33 167 --a------ C:\WINDOWS\system32\7754.bat
2007-03-27 16:18 167 --a------ C:\WINDOWS\system32\9906.bat
2007-03-27 16:03 167 --a------ C:\WINDOWS\system32\2547.bat
2007-03-27 15:48 167 --a------ C:\WINDOWS\system32\6724.bat
2007-03-27 15:33 167 --a------ C:\WINDOWS\system32\9497.bat
2007-03-27 15:18 167 --a------ C:\WINDOWS\system32\8012.bat
2007-03-27 15:03 167 --a------ C:\WINDOWS\system32\2555.bat
2007-03-27 14:48 167 --a------ C:\WINDOWS\system32\6706.bat
2007-03-27 14:33 167 --a------ C:\WINDOWS\system32\8817.bat
2007-03-27 14:18 167 --a------ C:\WINDOWS\system32\6873.bat
2007-03-27 14:03 167 --a------ C:\WINDOWS\system32\5750.bat
2007-03-27 13:47 167 --a------ C:\WINDOWS\system32\4265.bat
2007-03-27 13:32 167 --a------ C:\WINDOWS\system32\7809.bat
2007-03-27 13:17 167 --a------ C:\WINDOWS\system32\9691.bat
2007-03-27 13:02 167 --a------ C:\WINDOWS\system32\6319.bat
2007-03-27 12:47 167 --a------ C:\WINDOWS\system32\6892.bat
2007-03-27 12:32 167 --a------ C:\WINDOWS\system32\5916.bat
2007-03-27 12:17 167 --a------ C:\WINDOWS\system32\5560.bat
2007-03-27 12:02 167 --a------ C:\WINDOWS\system32\4023.bat
2007-03-27 11:47 167 --a------ C:\WINDOWS\system32\4070.bat
2007-03-27 11:32 167 --a------ C:\WINDOWS\system32\2533.bat
2007-03-27 11:17 167 --a------ C:\WINDOWS\system32\9850.bat
2007-03-27 11:02 167 --a------ C:\WINDOWS\system32\1201.bat
2007-03-27 10:47 167 --a------ C:\WINDOWS\system32\6274.bat
2007-03-27 10:32 167 --a------ C:\WINDOWS\system32\8685.bat
2007-03-27 10:17 167 --a------ C:\WINDOWS\system32\4757.bat
2007-03-27 10:02 167 --a------ C:\WINDOWS\system32\8501.bat
2007-03-27 09:47 167 --a------ C:\WINDOWS\system32\5134.bat
2007-03-27 09:32 167 --a------ C:\WINDOWS\system32\8659.bat
2007-03-27 09:17 167 --a------ C:\WINDOWS\system32\7965.bat
2007-03-27 09:02 167 --a------ C:\WINDOWS\system32\1629.bat
2007-03-27 08:47 167 --a------ C:\WINDOWS\system32\1007.bat
2007-03-27 08:32 167 --a------ C:\WINDOWS\system32\4333.bat
2007-03-27 08:17 167 --a------ C:\WINDOWS\system32\4955.bat
2007-03-27 08:02 167 --a------ C:\WINDOWS\system32\4665.bat
2007-03-27 07:47 167 --a------ C:\WINDOWS\system32\1154.bat
2007-03-27 07:32 167 --a------ C:\WINDOWS\system32\4230.bat
2007-03-27 07:17 167 --a------ C:\WINDOWS\system32\5154.bat
2007-03-27 07:02 167 --a------ C:\WINDOWS\system32\5812.bat
2007-03-27 06:47 167 --a------ C:\WINDOWS\system32\5707.bat
2007-03-27 06:32 167 --a------ C:\WINDOWS\system32\6540.bat
2007-03-27 05:57 167 --a------ C:\WINDOWS\system32\9011.bat
2007-03-27 05:42 167 --a------ C:\WINDOWS\system32\6254.bat
2007-03-27 05:27 167 --a------ C:\WINDOWS\system32\9251.bat
2007-03-27 05:12 167 --a------ C:\WINDOWS\system32\1372.bat
2007-03-27 04:57 167 --a------ C:\WINDOWS\system32\1121.bat
2007-03-27 04:42 167 --a------ C:\WINDOWS\system32\4066.bat
2007-03-27 04:27 167 --a------ C:\WINDOWS\system32\5690.bat
2007-03-27 04:12 167 --a------ C:\WINDOWS\system32\4753.bat
2007-03-27 03:57 167 --a------ C:\WINDOWS\system32\7835.bat
2007-03-27 03:42 167 --a------ C:\WINDOWS\system32\7051.bat
2007-03-27 03:27 167 --a------ C:\WINDOWS\system32\3744.bat
2007-03-27 03:12 167 --a------ C:\WINDOWS\system32\5139.bat
2007-03-27 02:56 167 --a------ C:\WINDOWS\system32\1205.bat
2007-03-27 02:41 167 --a------ C:\WINDOWS\system32\7689.bat
2007-03-27 02:26 167 --a------ C:\WINDOWS\system32\5598.bat
2007-03-27 02:11 167 --a------ C:\WINDOWS\system32\3454.bat
2007-03-27 01:56 167 --a------ C:\WINDOWS\system32\5121.bat
2007-03-27 01:41 167 --a------ C:\WINDOWS\system32\8608.bat
2007-03-27 01:26 167 --a------ C:\WINDOWS\system32\8346.bat
2007-03-27 01:11 167 --a------ C:\WINDOWS\system32\9868.bat
2007-03-27 00:56 167 --a------ C:\WINDOWS\system32\7457.bat
2007-03-27 00:41 167 --a------ C:\WINDOWS\system32\9438.bat
2007-03-27 00:26 167 --a------ C:\WINDOWS\system32\6564.bat
2007-03-26 23:36 167 --a------ C:\WINDOWS\system32\3226.bat
2007-03-25 22:40 -------- d-------- C:\Program Files\WinRAR
2007-03-24 19:46 -------- d-------- C:\Program Files\Absolute Poker Basic
2007-03-24 15:51 114 --a------ C:\WINDOWS\system32\hhjj.bat
2007-03-24 15:45 -------- d-------- C:\Program Files\SUPERAntiSpyware
2007-03-23 22:17 128 --a------ C:\WINDOWS\system32\lo.exe
2007-03-23 15:05 -------- d-------- C:\Program Files\Outlook Express
2007-03-23 15:05 -------- d-------- C:\Program Files\Common Files\System
2007-03-23 14:58 -------- d-------- C:\Program Files\Internet Explorer
2007-03-23 01:17 29 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxccwrd.dll
2007-03-23 00:55 -------- d-------- C:\Program Files\MSN Gaming Zone
2007-03-23 00:52 826971 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxcknwrd.dll
2007-03-23 00:51 -------- d-------- C:\Program Files\Outerinfo
2007-03-23 00:50 93736 --a------ C:\WINDOWS\VTTC.exe
2007-03-23 00:50 41792 --a------ C:\WINDOWS\system32\app.exe
2007-03-23 00:47 147456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-03-23 00:43 201 --a------ C:\WINDOWS\system32\q.bat
2007-03-22 06:04 -------- d-------- C:\Program Files\Movie Maker
2007-03-19 13:30 60928 --a------ C:\WINDOWS\system32\xgayze.dll
2007-03-17 08:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 20:25 -------- d-a------ C:\Documents and Settings\HP_Owner\Application Data\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Common Files\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Adobe
2007-03-08 10:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-28 04:10 2180352 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 03:38 2057600 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-11 11:50 221184 --a------ C:\WINDOWS\system32\xtbaksm.dll
2007-02-11 11:50 120 --a------ C:\WINDOWS\system32\bn.dll
2007-02-11 00:38 876 --a------ C:\Documents and Settings\HP_Owner\Application Data\wklnhst.dat
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"Srro"="\"C:\\WINDOWS\\system32\\PPPATC~1\\lsass.exe\" -vt yazb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000
"EditLevel"=dword:00000000
"NoSaveSettings"=dword:00000000
"NoFileMenu"=dword:00000000
"NoCommonGroups"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,dd,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:02,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6d,02,00,00,0a,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,6c,02,00,00,1c,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\ComPlus Applications\\sasojyg.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="C:\\Program Files\\NetMeeting\\quqegodod.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ec,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\3]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,00,00,ee,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,ba,04,41,c0,b4,74,50,07,48,05,68,de,ba,04,20,6d,\
ba,04,65,87,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\4]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,02,00,00,00,0a,00,00,00,69,02,00,00,e6,01,00,00,f0,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
&

#8 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 03 May 2007 - 06:34 AM

Logfile of HijackThis v1.99.1
Scan saved at 01:11, on 07-05-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\PPPATC~1\lsass.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://myspace.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Srro] "C:\WINDOWS\system32\PPPATC~1\lsass.exe" -vt yazb
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\HP_Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ftp...302/Coupons.cab
O18 - Protocol: bw+0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E72FE1B-0FD3-45CE-A0F4-472A33972BC0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Logitech, Inc. - (no file)
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Security - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

4PLAY 4.95 for Windows 95
Ad-aware 6 Personal
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe® Photoshop® Album Starter Edition 3.0
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Explorer
AOL Instant Messenger
AOL Spyware Protection
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Software Update
ArcSoft Suite
Bejeweled 2 Deluxe
Bejeweled 2 Deluxe 1.0
BellSouth FastAccess DSL Help Center
BellSouth Internet Security - Alert Manager 1.3.20
BellSouth Toolbar 1.0
Cakewalk Guitar Studio 1.0
CC_ccProxyMSI
CC_ccStart
ccCommon
Chuzzle Deluxe 1.0
Collab
Cool Edit Pro 2.0
DivX Player
DivX Pro Trial
DreamStation DXi2
DVD Shrink 3.2
Easy Internet Sign-up
Filetopia Client v3.04d
FL Studio 5
Google Earth
Google Toolbar for Internet Explorer
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2.3
HP Image Zone Plus 4.2.3
HP Organize
HP Photosmart Cameras 4.0
HP PSC & OfficeJet 4.0
HP Software Update
HPIZ423
ICS Viewer 6.0
Intel® Graphics Media Accelerator Driver
IntelliMover Data Transfer Demo
Internet Worm Protection
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
Kaspersky Online Scanner
KBD
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Logitech Desktop Messenger
Logitech SetPoint
Macromedia Shockwave Player
MailWasher
MediaLife
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
MSN
MSRedist
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Musicmatch® Jukebox
muvee autoProducer 3.5 magicMoments - HPD
My Wal-Mart Digital Photo Center
Need2Find Bar
Norton AntiVirus 2005
Norton AntiVirus 2005 (Symantec Corporation)
Norton AntiVirus Help
Norton AntiVirus Parent MSI
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Personal Firewall
Norton Personal Firewall (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
OIN
PACE System Files
PACE System Files
PCDJ FX VRM
PConPoint v1.1
Peer Points Manager
Photosmart 320,370,7400,8100,8400 Series
PowerDesk 5.0
Project5 Version 2 Demo
PS2
Pure Networks Port Magic
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RealPlayer
Recovery Commander
RegCure 1.0.0.43
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sonic Express Labeler
Sonic RecordNow!
SPBBC
Spybot - Search & Destroy 1.3
Super DVD Creator 9.20
SUPERAntiSpyware Free Edition
Sygate Personal Firewall
Symantec
SymNet
Ultra soft
Unlocker 1.8.5
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Updates from HP
Viewpoint Media Player
Virtual DJ - Atomix Productions
Virtual Sound Canvas DXi
Wal-Mart Digital Photo Manager
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
Yahoo! Anti-Spy
Yahoo! Browser Services
Yahoo! Messenger
Yahoo! Toolbar
Zuma Deluxe 1.0
Zuma Deluxe RA

HP_Owner - 07-05-02 1:05:24.56
ComboFix 06.08.30BT - Running from: C:\Program Files

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\{1D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{1D503C94-0BFA-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BF9-1033-1112-040823200001}
C:\Program Files\Common Files\{3D503C94-0BFA-1033-1112-040823200001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\netdde.exe
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0000
C:\QooBox\Purity\Documents and Settings\HP_Owner\Application Data\SSEMBL~1\?ssembly\ctxad-552.0001
C:\QooBox\Purity\Program Files\Common Files\RACLE~1


((((((((((((((((((((((((((((((( Files Created from 2007-04-02 to 2007-05-02 ))))))))))))))))))))))))))))))))))


2007-05-02 00:52 380,416 --a------ C:\WINDOWS\system32\rstrui.exe
2007-05-02 00:24 167 --a------ C:\WINDOWS\system32\6416.bat
2007-05-01 06:59 167 --a------ C:\WINDOWS\system32\1801.bat
2007-04-28 00:45 167 --a------ C:\WINDOWS\system32\3475.bat
2007-04-14 00:39 167 --a------ C:\WINDOWS\system32\4020.bat
2007-04-13 17:41 769 --a------ C:\WINDOWS\smdat32a.sys
2007-04-13 17:41 10 --a------ C:\WINDOWS\smdat32m.sys
2007-04-12 00:37 203,149 --a------ C:\WINDOWS\system32\ap.exe
2007-04-12 00:37 167 --a------ C:\WINDOWS\system32\4914.bat
2007-04-05 00:53 167 --a------ C:\WINDOWS\system32\9931.bat


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-02 01:06 -------- d-------- C:\Program Files\Common Files
2007-05-02 00:23 32768 --a------ C:\WINDOWS\system32\setup9x.exe
2007-05-02 00:22 78360 --a------ C:\Program Files\uy.exe
2007-04-30 21:52 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-04-25 00:35 -------- d-------- C:\Program Files\HijackThis
2007-04-19 21:39 -------- d-------- C:\Program Files\Filetopia3
2007-04-13 17:54 -------- d-------- C:\Program Files\INSTAFINK
2007-04-13 17:43 -------- d-------- C:\Program Files\Need2Find
2007-04-13 17:43 -------- d-------- C:\Program Files\Kazaa
2007-04-13 17:43 -------- d-------- C:\Program Files\Altnet
2007-04-13 17:42 -------- d--h----- C:\Program Files\InstallShield Installation Information
2007-04-12 00:37 32178 ---hs---- C:\Program Files\Common Files\Yazzle1396OinUninstaller.exe
2007-04-01 10:18 167 --a------ C:\WINDOWS\system32\4754.bat
2007-03-31 20:53 -------- d-------- C:\Program Files\Unlocker
2007-03-31 16:54 -------- d-------- C:\Program Files\Digidesign
2007-03-31 13:52 167 --a------ C:\WINDOWS\system32\1471.bat
2007-03-31 13:30 -------- d-------- C:\Program Files\Cakewalk
2007-03-31 09:15 167 --a------ C:\WINDOWS\system32\8219.bat
2007-03-31 08:47 -------- d-------- C:\Program Files\BearShare Applications
2007-03-29 22:15 167 --a------ C:\WINDOWS\system32\4628.bat
2007-03-29 15:54 167 --a------ C:\WINDOWS\system32\4463.bat
2007-03-29 15:39 167 --a------ C:\WINDOWS\system32\4714.bat
2007-03-29 15:24 167 --a------ C:\WINDOWS\system32\8105.bat
2007-03-29 15:09 167 --a------ C:\WINDOWS\system32\3224.bat
2007-03-29 14:54 167 --a------ C:\WINDOWS\system32\7229.bat
2007-03-29 14:39 167 --a------ C:\WINDOWS\system32\7401.bat
2007-03-29 14:24 167 --a------ C:\WINDOWS\system32\1251.bat
2007-03-29 14:09 167 --a------ C:\WINDOWS\system32\4788.bat
2007-03-29 13:54 167 --a------ C:\WINDOWS\system32\7561.bat
2007-03-29 13:39 167 --a------ C:\WINDOWS\system32\8294.bat
2007-03-29 13:24 167 --a------ C:\WINDOWS\system32\8893.bat
2007-03-29 13:09 167 --a------ C:\WINDOWS\system32\2182.bat
2007-03-29 11:06 167 --a------ C:\WINDOWS\system32\7922.bat
2007-03-29 10:51 167 --a------ C:\WINDOWS\system32\2899.bat
2007-03-29 10:36 167 --a------ C:\WINDOWS\system32\5870.bat
2007-03-29 10:21 167 --a------ C:\WINDOWS\system32\3652.bat
2007-03-29 10:06 167 --a------ C:\WINDOWS\system32\1581.bat
2007-03-29 09:51 167 --a------ C:\WINDOWS\system32\7447.bat
2007-03-29 09:36 167 --a------ C:\WINDOWS\system32\8741.bat
2007-03-29 09:21 167 --a------ C:\WINDOWS\system32\4835.bat
2007-03-29 09:06 167 --a------ C:\WINDOWS\system32\3859.bat
2007-03-29 08:51 167 --a------ C:\WINDOWS\system32\8790.bat
2007-03-28 22:53 -------- d-------- C:\Program Files\RegCure
2007-03-28 20:05 167 --a------ C:\WINDOWS\system32\8200.bat
2007-03-28 19:50 167 --a------ C:\WINDOWS\system32\1707.bat
2007-03-28 19:35 167 --a------ C:\WINDOWS\system32\6218.bat
2007-03-28 19:20 167 --a------ C:\WINDOWS\system32\7488.bat
2007-03-28 19:05 167 --a------ C:\WINDOWS\system32\7884.bat
2007-03-28 18:50 167 --a------ C:\WINDOWS\system32\5559.bat
2007-03-28 18:35 167 --a------ C:\WINDOWS\system32\7923.bat
2007-03-28 18:20 167 --a------ C:\WINDOWS\system32\3993.bat
2007-03-28 18:05 167 --a------ C:\WINDOWS\system32\8777.bat
2007-03-28 17:50 167 --a------ C:\WINDOWS\system32\9284.bat
2007-03-28 17:35 167 --a------ C:\WINDOWS\system32\1598.bat
2007-03-28 17:20 167 --a------ C:\WINDOWS\system32\7846.bat
2007-03-28 17:05 167 --a------ C:\WINDOWS\system32\2510.bat
2007-03-28 16:50 167 --a------ C:\WINDOWS\system32\3683.bat
2007-03-28 16:35 167 --a------ C:\WINDOWS\system32\4443.bat
2007-03-28 16:20 167 --a------ C:\WINDOWS\system32\8977.bat
2007-03-28 16:05 167 --a------ C:\WINDOWS\system32\4101.bat
2007-03-28 15:50 167 --a------ C:\WINDOWS\system32\2920.bat
2007-03-28 15:35 167 --a------ C:\WINDOWS\system32\4827.bat
2007-03-28 15:20 167 --a------ C:\WINDOWS\system32\8924.bat
2007-03-28 15:05 167 --a------ C:\WINDOWS\system32\9652.bat
2007-03-28 14:50 167 --a------ C:\WINDOWS\system32\1667.bat
2007-03-28 14:35 167 --a------ C:\WINDOWS\system32\4082.bat
2007-03-28 14:20 167 --a------ C:\WINDOWS\system32\8643.bat
2007-03-28 14:05 167 --a------ C:\WINDOWS\system32\2777.bat
2007-03-28 13:50 167 --a------ C:\WINDOWS\system32\7337.bat
2007-03-28 13:35 167 --a------ C:\WINDOWS\system32\2382.bat
2007-03-28 13:20 167 --a------ C:\WINDOWS\system32\8577.bat
2007-03-28 13:05 167 --a------ C:\WINDOWS\system32\5563.bat
2007-03-28 12:50 167 --a------ C:\WINDOWS\system32\1609.bat
2007-03-28 12:35 167 --a------ C:\WINDOWS\system32\4660.bat
2007-03-28 12:20 167 --a------ C:\WINDOWS\system32\4659.bat
2007-03-28 12:05 167 --a------ C:\WINDOWS\system32\5206.bat
2007-03-28 11:50 167 --a------ C:\WINDOWS\system32\1070.bat
2007-03-28 11:35 167 --a------ C:\WINDOWS\system32\7826.bat
2007-03-28 11:20 167 --a------ C:\WINDOWS\system32\2358.bat
2007-03-28 11:05 167 --a------ C:\WINDOWS\system32\7432.bat
2007-03-28 10:50 167 --a------ C:\WINDOWS\system32\4418.bat
2007-03-28 10:35 167 --a------ C:\WINDOWS\system32\2734.bat
2007-03-28 10:20 167 --a------ C:\WINDOWS\system32\1197.bat
2007-03-28 10:05 167 --a------ C:\WINDOWS\system32\1778.bat
2007-03-28 09:50 167 --a------ C:\WINDOWS\system32\1574.bat
2007-03-28 09:35 167 --a------ C:\WINDOWS\system32\5521.bat
2007-03-28 09:20 167 --a------ C:\WINDOWS\system32\9593.bat
2007-03-28 09:05 167 --a------ C:\WINDOWS\system32\6755.bat
2007-03-28 08:50 167 --a------ C:\WINDOWS\system32\7614.bat
2007-03-28 08:35 167 --a------ C:\WINDOWS\system32\6439.bat
2007-03-28 08:20 167 --a------ C:\WINDOWS\system32\8393.bat
2007-03-28 08:05 167 --a------ C:\WINDOWS\system32\1136.bat
2007-03-28 07:50 167 --a------ C:\WINDOWS\system32\7815.bat
2007-03-28 07:35 167 --a------ C:\WINDOWS\system32\9239.bat
2007-03-28 07:20 167 --a------ C:\WINDOWS\system32\6469.bat
2007-03-28 07:05 167 --a------ C:\WINDOWS\system32\3923.bat
2007-03-28 06:50 167 --a------ C:\WINDOWS\system32\6088.bat
2007-03-28 06:35 167 --a------ C:\WINDOWS\system32\3502.bat
2007-03-28 06:20 167 --a------ C:\WINDOWS\system32\7753.bat
2007-03-28 06:04 167 --a------ C:\WINDOWS\system32\3252.bat
2007-03-28 05:49 167 --a------ C:\WINDOWS\system32\7661.bat
2007-03-28 05:34 167 --a------ C:\WINDOWS\system32\2884.bat
2007-03-28 05:19 167 --a------ C:\WINDOWS\system32\4770.bat
2007-03-28 05:04 167 --a------ C:\WINDOWS\system32\2169.bat
2007-03-28 04:49 167 --a------ C:\WINDOWS\system32\6367.bat
2007-03-28 04:34 167 --a------ C:\WINDOWS\system32\4019.bat
2007-03-28 04:19 167 --a------ C:\WINDOWS\system32\4850.bat
2007-03-28 04:04 167 --a------ C:\WINDOWS\system32\3473.bat
2007-03-28 03:49 167 --a------ C:\WINDOWS\system32\7019.bat
2007-03-28 03:34 167 --a------ C:\WINDOWS\system32\1039.bat
2007-03-28 03:19 167 --a------ C:\WINDOWS\system32\9619.bat
2007-03-28 03:04 167 --a------ C:\WINDOWS\system32\5990.bat
2007-03-28 02:49 167 --a------ C:\WINDOWS\system32\5622.bat
2007-03-28 02:34 167 --a------ C:\WINDOWS\system32\4859.bat
2007-03-28 02:19 167 --a------ C:\WINDOWS\system32\7841.bat
2007-03-28 02:04 167 --a------ C:\WINDOWS\system32\8548.bat
2007-03-28 01:49 167 --a------ C:\WINDOWS\system32\3285.bat
2007-03-28 01:34 167 --a------ C:\WINDOWS\system32\6462.bat
2007-03-28 01:19 167 --a------ C:\WINDOWS\system32\8371.bat
2007-03-28 01:18 -------- d-------- C:\Program Files\PeerGuardian pr14
2007-03-28 01:04 167 --a------ C:\WINDOWS\system32\2327.bat
2007-03-28 00:49 167 --a------ C:\WINDOWS\system32\8057.bat
2007-03-28 00:34 167 --a------ C:\WINDOWS\system32\5998.bat
2007-03-28 00:19 167 --a------ C:\WINDOWS\system32\4962.bat
2007-03-28 00:04 167 --a------ C:\WINDOWS\system32\5253.bat
2007-03-27 23:49 167 --a------ C:\WINDOWS\system32\4236.bat
2007-03-27 23:34 167 --a------ C:\WINDOWS\system32\6753.bat
2007-03-27 23:19 167 --a------ C:\WINDOWS\system32\1088.bat
2007-03-27 23:03 167 --a------ C:\WINDOWS\system32\2975.bat
2007-03-27 22:48 167 --a------ C:\WINDOWS\system32\9128.bat
2007-03-27 22:33 167 --a------ C:\WINDOWS\system32\1754.bat
2007-03-27 22:18 167 --a------ C:\WINDOWS\system32\9315.bat
2007-03-27 22:03 167 --a------ C:\WINDOWS\system32\4091.bat
2007-03-27 21:48 167 --a------ C:\WINDOWS\system32\1389.bat
2007-03-27 21:33 167 --a------ C:\WINDOWS\system32\1679.bat
2007-03-27 21:18 167 --a------ C:\WINDOWS\system32\1120.bat
2007-03-27 21:03 167 --a------ C:\WINDOWS\system32\9704.bat
2007-03-27 20:48 167 --a------ C:\WINDOWS\system32\7563.bat
2007-03-27 20:33 167 --a------ C:\WINDOWS\system32\7004.bat
2007-03-27 20:18 167 --a------ C:\WINDOWS\system32\2514.bat
2007-03-27 20:03 167 --a------ C:\WINDOWS\system32\2657.bat
2007-03-27 19:48 167 --a------ C:\WINDOWS\system32\2204.bat
2007-03-27 19:33 167 --a------ C:\WINDOWS\system32\2495.bat
2007-03-27 19:18 167 --a------ C:\WINDOWS\system32\1931.bat
2007-03-27 19:03 167 --a------ C:\WINDOWS\system32\1514.bat
2007-03-27 18:48 167 --a------ C:\WINDOWS\system32\5000.bat
2007-03-27 18:33 167 --a------ C:\WINDOWS\system32\6412.bat
2007-03-27 18:18 167 --a------ C:\WINDOWS\system32\6703.bat
2007-03-27 18:03 167 --a------ C:\WINDOWS\system32\1073.bat
2007-03-27 17:48 167 --a------ C:\WINDOWS\system32\1267.bat
2007-03-27 17:33 167 --a------ C:\WINDOWS\system32\9435.bat
2007-03-27 17:18 167 --a------ C:\WINDOWS\system32\6136.bat
2007-03-27 17:03 167 --a------ C:\WINDOWS\system32\3834.bat
2007-03-27 16:48 167 --a------ C:\WINDOWS\system32\3471.bat
2007-03-27 16:33 167 --a------ C:\WINDOWS\system32\7754.bat
2007-03-27 16:18 167 --a------ C:\WINDOWS\system32\9906.bat
2007-03-27 16:03 167 --a------ C:\WINDOWS\system32\2547.bat
2007-03-27 15:48 167 --a------ C:\WINDOWS\system32\6724.bat
2007-03-27 15:33 167 --a------ C:\WINDOWS\system32\9497.bat
2007-03-27 15:18 167 --a------ C:\WINDOWS\system32\8012.bat
2007-03-27 15:03 167 --a------ C:\WINDOWS\system32\2555.bat
2007-03-27 14:48 167 --a------ C:\WINDOWS\system32\6706.bat
2007-03-27 14:33 167 --a------ C:\WINDOWS\system32\8817.bat
2007-03-27 14:18 167 --a------ C:\WINDOWS\system32\6873.bat
2007-03-27 14:03 167 --a------ C:\WINDOWS\system32\5750.bat
2007-03-27 13:47 167 --a------ C:\WINDOWS\system32\4265.bat
2007-03-27 13:32 167 --a------ C:\WINDOWS\system32\7809.bat
2007-03-27 13:17 167 --a------ C:\WINDOWS\system32\9691.bat
2007-03-27 13:02 167 --a------ C:\WINDOWS\system32\6319.bat
2007-03-27 12:47 167 --a------ C:\WINDOWS\system32\6892.bat
2007-03-27 12:32 167 --a------ C:\WINDOWS\system32\5916.bat
2007-03-27 12:17 167 --a------ C:\WINDOWS\system32\5560.bat
2007-03-27 12:02 167 --a------ C:\WINDOWS\system32\4023.bat
2007-03-27 11:47 167 --a------ C:\WINDOWS\system32\4070.bat
2007-03-27 11:32 167 --a------ C:\WINDOWS\system32\2533.bat
2007-03-27 11:17 167 --a------ C:\WINDOWS\system32\9850.bat
2007-03-27 11:02 167 --a------ C:\WINDOWS\system32\1201.bat
2007-03-27 10:47 167 --a------ C:\WINDOWS\system32\6274.bat
2007-03-27 10:32 167 --a------ C:\WINDOWS\system32\8685.bat
2007-03-27 10:17 167 --a------ C:\WINDOWS\system32\4757.bat
2007-03-27 10:02 167 --a------ C:\WINDOWS\system32\8501.bat
2007-03-27 09:47 167 --a------ C:\WINDOWS\system32\5134.bat
2007-03-27 09:32 167 --a------ C:\WINDOWS\system32\8659.bat
2007-03-27 09:17 167 --a------ C:\WINDOWS\system32\7965.bat
2007-03-27 09:02 167 --a------ C:\WINDOWS\system32\1629.bat
2007-03-27 08:47 167 --a------ C:\WINDOWS\system32\1007.bat
2007-03-27 08:32 167 --a------ C:\WINDOWS\system32\4333.bat
2007-03-27 08:17 167 --a------ C:\WINDOWS\system32\4955.bat
2007-03-27 08:02 167 --a------ C:\WINDOWS\system32\4665.bat
2007-03-27 07:47 167 --a------ C:\WINDOWS\system32\1154.bat
2007-03-27 07:32 167 --a------ C:\WINDOWS\system32\4230.bat
2007-03-27 07:17 167 --a------ C:\WINDOWS\system32\5154.bat
2007-03-27 07:02 167 --a------ C:\WINDOWS\system32\5812.bat
2007-03-27 06:47 167 --a------ C:\WINDOWS\system32\5707.bat
2007-03-27 06:32 167 --a------ C:\WINDOWS\system32\6540.bat
2007-03-27 05:57 167 --a------ C:\WINDOWS\system32\9011.bat
2007-03-27 05:42 167 --a------ C:\WINDOWS\system32\6254.bat
2007-03-27 05:27 167 --a------ C:\WINDOWS\system32\9251.bat
2007-03-27 05:12 167 --a------ C:\WINDOWS\system32\1372.bat
2007-03-27 04:57 167 --a------ C:\WINDOWS\system32\1121.bat
2007-03-27 04:42 167 --a------ C:\WINDOWS\system32\4066.bat
2007-03-27 04:27 167 --a------ C:\WINDOWS\system32\5690.bat
2007-03-27 04:12 167 --a------ C:\WINDOWS\system32\4753.bat
2007-03-27 03:57 167 --a------ C:\WINDOWS\system32\7835.bat
2007-03-27 03:42 167 --a------ C:\WINDOWS\system32\7051.bat
2007-03-27 03:27 167 --a------ C:\WINDOWS\system32\3744.bat
2007-03-27 03:12 167 --a------ C:\WINDOWS\system32\5139.bat
2007-03-27 02:56 167 --a------ C:\WINDOWS\system32\1205.bat
2007-03-27 02:41 167 --a------ C:\WINDOWS\system32\7689.bat
2007-03-27 02:26 167 --a------ C:\WINDOWS\system32\5598.bat
2007-03-27 02:11 167 --a------ C:\WINDOWS\system32\3454.bat
2007-03-27 01:56 167 --a------ C:\WINDOWS\system32\5121.bat
2007-03-27 01:41 167 --a------ C:\WINDOWS\system32\8608.bat
2007-03-27 01:26 167 --a------ C:\WINDOWS\system32\8346.bat
2007-03-27 01:11 167 --a------ C:\WINDOWS\system32\9868.bat
2007-03-27 00:56 167 --a------ C:\WINDOWS\system32\7457.bat
2007-03-27 00:41 167 --a------ C:\WINDOWS\system32\9438.bat
2007-03-27 00:26 167 --a------ C:\WINDOWS\system32\6564.bat
2007-03-26 23:36 167 --a------ C:\WINDOWS\system32\3226.bat
2007-03-25 22:40 -------- d-------- C:\Program Files\WinRAR
2007-03-24 19:46 -------- d-------- C:\Program Files\Absolute Poker Basic
2007-03-24 15:51 114 --a------ C:\WINDOWS\system32\hhjj.bat
2007-03-24 15:45 -------- d-------- C:\Program Files\SUPERAntiSpyware
2007-03-23 22:17 128 --a------ C:\WINDOWS\system32\lo.exe
2007-03-23 15:05 -------- d-------- C:\Program Files\Outlook Express
2007-03-23 15:05 -------- d-------- C:\Program Files\Common Files\System
2007-03-23 14:58 -------- d-------- C:\Program Files\Internet Explorer
2007-03-23 01:17 29 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxccwrd.dll
2007-03-23 00:55 -------- d-------- C:\Program Files\MSN Gaming Zone
2007-03-23 00:52 826971 --a------ C:\Documents and Settings\HP_Owner\Application Data\Dxcknwrd.dll
2007-03-23 00:51 -------- d-------- C:\Program Files\Outerinfo
2007-03-23 00:50 93736 --a------ C:\WINDOWS\VTTC.exe
2007-03-23 00:50 41792 --a------ C:\WINDOWS\system32\app.exe
2007-03-23 00:47 147456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-03-23 00:43 201 --a------ C:\WINDOWS\system32\q.bat
2007-03-22 06:04 -------- d-------- C:\Program Files\Movie Maker
2007-03-19 13:30 60928 --a------ C:\WINDOWS\system32\xgayze.dll
2007-03-17 08:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-15 20:25 -------- d-a------ C:\Documents and Settings\HP_Owner\Application Data\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Common Files\Adobe
2007-03-13 18:15 -------- d-------- C:\Program Files\Adobe
2007-03-08 10:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-28 04:10 2180352 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 03:38 2057600 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-11 11:50 221184 --a------ C:\WINDOWS\system32\xtbaksm.dll
2007-02-11 11:50 120 --a------ C:\WINDOWS\system32\bn.dll
2007-02-11 00:38 876 --a------ C:\Documents and Settings\HP_Owner\Application Data\wklnhst.dat
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"Srro"="\"C:\\WINDOWS\\system32\\PPPATC~1\\lsass.exe\" -vt yazb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000
"EditLevel"=dword:00000000
"NoSaveSettings"=dword:00000000
"NoFileMenu"=dword:00000000
"NoCommonGroups"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/05-D3852.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,00,00,00,00,00,00,00,00,00,05,00,00,dd,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:02,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6d,02,00,00,0a,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,6c,02,00,00,1c,00,00,00,92,02,00,00,e7,01,\
00,00,01,00,00,40

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="C:\\Program Files\\ComPlus Applications\\sasojyg.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="C:\\Program Files\\NetMeeting\\quqegodod.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00000000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ec,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\3]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/25-D4737.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,00,00,ee,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,6c,02,00,00,f4,01,00,00,91,02,00,00,ea,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,ba,04,41,c0,b4,74,50,07,48,05,68,de,ba,04,20,6d,\
ba,04,65,87,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\4]
"Source"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"SubscribedURL"="http://www.neworleanssaints.com/photos/gallery/2006%20June%20Mini%20Camp/03-D3993.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,02,00,00,00,0a,00,00,00,69,02,00,00,e6,01,00,00,f0,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
&

#9 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 03 May 2007 - 08:05 AM

Hello again, MrWutItDew.

Did you follow the instructions in my last post carefully? I think you did, but for some reason something went wrong or is a bit confusing to me.
I cannot tell for sure if you ran SDFix--I think you did, though--as you did not post the SDFix results file (Report.txt) here for review. I really need to see that log file.

Could you please have a look again at my previous post to you (Post #5) and verify that you performed the instructions in the exact order in which they are mentioned? Didn't you miss any steps out? If you did, though, please repeat the instructions in my previous post to you.
If you followed the instructions in my last post carefully, I still do want you to run ComboFix once again as the log you posted is incomplete (it likely got cut off due to the fact that the maximum of characters for your post was reached). Besides that, a new version of ComboFix is currently available which I want you to download and run instead. To do so, first delete any copies of combofix.exe that you have saved. Then download the latest version from the download link below and follow the instructions mentioned in my previous post once again to run ComboFix.
Download ComboFix (ComboFix.exe)

In your next reply, please post the entire contents of:
- the SDFix results file (Report.txt)
- a new ComboFix log (ComboFix.txt), created using the latest version
- a new HijackThis log
NOTE: Use several posts if necessary to include everything in the logs.

Sorry for the confusion here,

htv8

Edited by htv8, 03 May 2007 - 08:07 AM.

If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#10 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 03 May 2007 - 10:28 AM

C:\Program Files\DeluxeCommunications\Dxc.exe /u wasn't anywhere in my computer to delete and step one to download and run I couldn't it sais I already have one running and I couln't download it and open it. If I do have it I can't locate it to open it

#11 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 04 May 2007 - 09:44 AM

Hello, MrWutItDew.

Could you please be a bit more detailed? What did you do and what exactly did go wrong? I do not really understand what you mean. Sorry for the confusion...
If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#12 MrWutItDew

MrWutItDew
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lafayette
  • Local time:09:30 AM

Posted 04 May 2007 - 04:25 PM

Step #2: registry fix
Download FixDXC.reg from the following link and save it to your Desktop.
Download FixDXC.reg

When the FixDCX.reg file has finished downloading, double-click on the file. When prompted to merge its contents to the registry, click the Yes button.


This step couln't be ran because when I tried to download it I was told it was being ran already so I couldn't download it at all but i don't know where to find it if I already have it.

#13 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 06 May 2007 - 06:00 AM

OK, MrWutItDew. Let's give it another try. I have attached the .reg file now, so this time it should work. If you get stuck somewhere during the fix, drop me a line. :thumbsup:



Please print out or copy this page to Notepad. This will be useful as there is a possibility some of the instructions will need to be carried out where internet access is NOT available. A print out of the instructions would be a good reference to make sure you don't get lost. You may also like to save these instructions in Word/Notepad to the Desktop where they can be easily found for the same reasons as above.
Also make sure to work through the fixes in the exact order in which they are mentioned below and do not miss any steps out. If you have any queries about the process or just general questions, ask your question(s) before proceeding with the fixes.


Step #1
Go to Start > Control Panel > Add/Remove Programs and uninstall DeluxeCommunications if present.

If there is no Add/Remove Programs entry for this program, go to Start > Run. In the Open: field copy/paste the entire contents inside the QUOTE box below, pressing the OK button after it:

"%ProgramFiles%\DeluxeCommunications\Dxc.exe" /u

Then uninstall the program.

Please remember that this program may require you to reboot your computer to complete the uninstallation - just let it.

Step #2: registry fix
I want you to back up the registry, because we are going to make a few changes to it. To export the registry to a .reg file, please follow these steps:
1. Close all programs so that you have nothing open and are at the Desktop.
2. Go to Start > Run.
3. In the Open: field copy/paste the entire contents inside the QUOTE box below and press the OK button.

regedit /e registry.reg

Now a secure backup copy has been made, I want you to download and run the attached file called FixDeluxeCommunications.reg. Please download it and save the file to your Desktop.
Attached File  FixDeluxeCommunications.reg   399bytes   6 downloads
Now go to the Desktop and double-click FixDeluxeCommunications.reg. When prompted to merge its contents to the registry, click the Yes button.

Step #3
Did you perform the SDFix fix as instructed to in my previous post? If so, please copy and paste the entire contents of the SDFix results file (Report.txt)--which should be located in the SDFix folder--in your next reply.

Step #4: ComboFix
Please download ComboFix and save it to your Desktop.
Download ComboFix (ComboFix.exe)

When the file has finished downloading double-click ComboFix.exe to launch the application and follow the on-screen prompts.
When finished, it shall produce a log for you: ComboFix.txt. Post that log in your next reply.

NOTE: Do not mouseclick ComboFix's window whilst it's running. That may cause your system to hang!

Step #5: HijackThis scan
Scan with HijackThis again and post a new HijackThis log.



So in your next reply, please post the entire contents of:
- the SDFix results file (Report.txt)
- the Combofix log (combofix.txt)
- a new HijackThis log
NOTE: As the log files you post may be rather large, use several posts if necessary to include everything in the requested logs. Log files could get cut off due to the fact that the maximum of characters for a post gets reached.

Edited by htv8, 06 May 2007 - 06:26 AM.

If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image

#14 htv8

htv8

  • Members
  • 1,694 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:30 PM

Posted 13 May 2007 - 06:06 AM

Due to the lack of feedback, this topic is closed.
To get it reopened, PM a staff member with the address of this thread. This applies to the original topic starter only. Everyone else with similar problems, please start a new topic. :thumbsup:
If I have not posted back within 24 hours, feel free to send me a PM with your topic link.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users