There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
 
Malware Removal & HijackThis Logs
Tag Cloud
audio blue screen boot bsod computer connection crash dell drivers dvd email error excel firefox freeze graphics hard drive harddrive hardware hijackthis install internet itunes keyboard laptop malware monitor motherboard network outlook outlook 2007 problem registry cleaner registry cleaners router screen slow sound trojan upgrade usb video virus vista windows windows 7 windows vista windows xp wireless word
Search
Search in:
 
Advanced Search
Tech Support Guy Forums > Security & Malware Removal > Malware Removal & HijackThis Logs >
Problems with Windows Task Manager (New)

Tip: Click Here to Update All Your PC's Outdated Drivers
[ Sponsored Link ]

Closed Thread
Page 2 of 2 1 2
 
Thread Tools
Byteman's Avatar
Moderator with 14,566 posts.
  
Join Date: Jan 2002
Location: NY
Experience: Advanced Junk Jouster
31-May-2007, 11:57 PM #16
Hi, Please post a brand new HJT log and also do this:

Open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. After you click the "Save List" button, you will be asked where to save the file. Pick a place to save it then the list should open in notepad. Copy and paste that list in a reply._


I asked for a Combo Fix log back several replies ago, guess you missed it, so here it is again:

COMBO FIX:
Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Wiskerluv's Avatar
Computer Specs
Senior Member with 112 posts.
  
Join Date: Oct 2006
Experience: Intermediate
01-Jun-2007, 12:21 AM #17
Copy of HJT:

Logfile of HijackThis v1.99.1
Scan saved at 00:03, on 2007-06-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Common Files\Novatix\Cyberhawk\CHService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Common Files\AOL\1174297665\ee\aolsoftware.exe
c:\program files\common files\aol\1174297665\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1174297665\ee\aolsoftware.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Quick View Plus\Program\QVP32.EXE
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX04.906\Credit_card_generator2007_n ew\RapidUploader.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\ComboFix\handle.cfexe
C:\WINDOWS\system32\findstr.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - :C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - :c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\MetaProducts_Offline_Explorer_Enterprise_v4.5.2502\Offline.Explorer.E nterprise.v4.5.2502\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\MetaProducts_Offline_Explorer_Enterprise_v4.5.2502\Offline.Explorer.E nterprise.v4.5.2502\Add_AllO.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Cyberhawk - Unknown owner - C:\Program Files\Common Files\Novatix\Cyberhawk\CHService.exe" service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe

Next Post: Uninstall log
Wiskerluv's Avatar
Computer Specs
Senior Member with 112 posts.
  
Join Date: Oct 2006
Experience: Intermediate
01-Jun-2007, 12:22 AM #18
3D Arctic Bear Advanced v1.92
3DGreetings Personal Edition
3DTexturePainter for Adobe Photoshop v1.0
517142 - ZBrush (Windows) (Shared Components)
7-Zip 4.44 beta
Adobe Acrobat 5.0
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop 7.0
Adobe Photoshop CS2
Adobe Stock Photos 1.0
Alien Skin Eye Candy 5 Impact
Alien Skin Eye Candy 5 Nature
Allegorithmic MaPZone2.Free
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Deskbar
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Arrange Startup v3.1
AT&T Self Support Tool
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Atlantis Word Processor
Atomic Alarm Clock 4.4
Autodesk DirectConnect 2.0
Avatar Lab
Avatar Sizer
AVG 7.5
Avi2Dvd 0.4.4 beta
AviSynth 2.5
Belarc Advisor 7.2
BigOven
BroadJump Client Foundation
BulletProofSoft Youtube Google Video Grabber 1.0.0.0
ConvertXtoDVD 2.1.14.223
Corel Applications
CrazyTalk v4.0 Media Studio
Cyberhawk
Dell Resource CD
DellConnect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DreamSuite Gel
DVDFab Platinum 3.0.8.6
EasyCleaner
Egg Timer Plus v2.5
ESPNMotion
ExplorerPlus 6
Eye Candy 3
Flash Effect Maker Pro v3.2560 Free (560 Templates)
FlashyEffects 1.2.0
Focus Magic
Font Fitting Room Deluxe
FontTwister 1.3
Google Desktop
Google Earth
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Hallmark Card Studio 2006 Deluxe
Hallmark Comedy Card Studio
Harry's Filters 3
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB935448)
iCF Skin Pack
iClone v1.52 Studio
iColorFolder
IncrediMail JunkFilter Plus
IncrediMail Xe
Intel(R) PRO Network Connections Drivers
Internet Download Manager
IPNetInfo
It'sMe
It'sMe Baby Pack
It'sMe Motion Editor
It'sMe v2.0 Add-on Pack
It'sMe v2.0 Add-on Pack
It'sMe v2.0 Add-on Pack
Java(TM) SE Runtime Environment 6
Java(TM) SE Runtime Environment 6 Update 1
Joost (tm) 0.10.3
Just Checking 3.0
Kai's Power Tools 3
Kazoo Home Creative Studio
KeyPose Editor
KPT 6
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark 1200 Series
Macromedia Flash Player 8
MetaProducts MetaProducts Offline Explorer Enterprise
MFZ0 codec (Remove Only)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Office PowerPoint Viewer 2003
Microsoft Plus! Dancer LE
Microsoft Speech Recognition Engine 4.0 (English)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 6.0
MIDI Converter Studio 5.6
MightyFax
Mozilla Firefox (2.0.0.3)
MSXML 4.0 SP2 (KB927978)
MSXML 6.0 Parser
Naevius YouTube Converter 1.2
Nero 7 Demo
Oscar's Renamer 1.0
Panda ActiveScan
Photo-Brush 3.51
Plugin Commander Pro
Print Perfect Deluxe
Quick View Plus
QuickTime
RAR Password Cracker 4.12
RealPlayer
RegCure 1.3.0.2
SBC Yahoo! Applications
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sentinel System Driver
Shareware Cheater
SigmaTel Audio
SmartClose 1.1
SnagIt 8
Sonic Encoders
Sothink Glanda
Sothink SWF to Video Converter
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Sqirlz Water Reflections
Star Envelope Printer Pro 3.25
StartupRun
Super Screen Capture 4.0
Super Utilities Pro 7.39
SWFText
Take Covers
The Cleaner 3.2
The Flash Ad Creator
TuneUp Utilities 2007
TwistedBrush
Ulead PhotoImpact 11
Ulead PhotoImpact 12
UltraISO Premium V8.6
Uninstall Mystical
Unlocker 1.8.5
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
Vista Transformation Pack 6.0
VoipStunt
Window Washer
Windows Defender
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB908250
WinRAR archiver
WinXP Manager
Xara3D6
Xenofex 1.0
XP Repair Pro 2007
ZBrush2
ZBrush3
Wiskerluv's Avatar
Computer Specs
Senior Member with 112 posts.
  
Join Date: Oct 2006
Experience: Intermediate
01-Jun-2007, 12:27 AM #19
Sorry I didn't send this log the other day- I didn't even know it was saved, but here it is:
(ComboFix) I have to break this up- Too many characters

"Administrator" - 2007-05-28 1:22:28 Service Pack 2
ComboFix 07-05.27.V - Running from: "C:\Documents and Settings\Administrator\Application Data\IDM\DwnlData\Administrator\ComboFix_673\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


"C:\DOCUME~1\ADMINI~1\Desktop.\internet explorer.lnk"


((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-28 ))))))))))))))))))))))))))))))))))


2007-05-28 00:50 <DIR> d-------- C:\Program Files\SmartClose
2007-05-28 00:12 5,408 --a------ C:\dnsbak.reg
2007-05-27 21:15 911,021 --a------ C:\Program Files\winzix-1.0-setup-0025.exe
2007-05-27 01:59 9,216 --a------ C:\WINDOWS\system32\avgwlntf.dll
2007-05-27 01:59 110,592 --a------ C:\WINDOWS\system32\avgfwafu.dll
2007-05-27 00:26 <DIR> d-------- C:\Program Files\Zeallsoft
2007-05-26 23:31 12,288 --a------ C:\WINDOWS\system32\APFMON40.DLL
2007-05-26 23:29 120,832 --a------ C:\WINDOWS\system32\APFAXCNV.DLL
2007-05-26 23:29 <DIR> d-------- C:\Program Files\Mightyfax
2007-05-26 23:02 <DIR> d-------- C:\Program Files\Tulipsoft
2007-05-26 00:59 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-05-25 23:53 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Joost
2007-05-25 23:52 <DIR> d-------- C:\Program Files\Joost
2007-05-25 02:23 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\ExplorerPlus
2007-05-24 01:02 <DIR> d-------- C:\Program Files\GetSmile
2007-05-23 21:21 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-05-23 21:21 <DIR> d-------- C:\Program Files\Common Files\SourceTec
2007-05-23 16:46 89,088 --a------ C:\WINDOWS\system32\Shreder.dll
2007-05-23 16:46 73,728 --a------ C:\WINDOWS\system32\smh.dat
2007-05-23 16:46 6,144 --a------ C:\WINDOWS\system32\SuperRes.dll
2007-05-23 16:46 591,872 --a------ C:\WINDOWS\system32\context.dll
2007-05-23 16:46 43,936 --a------ C:\WINDOWS\system32\drivers\HWFProt.sys
2007-05-23 16:46 269,824 --a------ C:\WINDOWS\system32\SuperMenuHook.dll
2007-05-23 16:46 269,824 --a------ C:\WINDOWS\system32\baksm.dat
2007-05-23 16:46 2,273,280 --a------ C:\WINDOWS\system32\vbsbak.dat
2007-05-23 16:46 <DIR> d-------- C:\Program Files\SuperLogix
2007-05-22 20:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
2007-05-21 00:09 <DIR> d-------- C:\WINDOWS\cache
2007-05-20 21:39 <DIR> d-------- C:\WINDOWS\Noslip
2007-05-20 01:49 <DIR> d-------- C:\Program Files\Shareware Cheater
2007-05-20 01:24 <DIR> d-------- C:\Program Files\Textures
2007-05-19 21:14 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Carnival Software
2007-05-18 18:27 <DIR> d-------- C:\Program Files\EggTimerPlus
2007-05-18 16:25 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2007-05-18 16:25 77,824 --a------ C:\WINDOWS\system32\MSBIND.DLL
2007-05-18 16:25 430,080 --a------ C:\WINDOWS\system32\MSREPL35.DLL
2007-05-18 16:25 385,024 --a------ C:\WINDOWS\system32\VBAR332.DLL
2007-05-18 16:25 252,176 --a------ C:\WINDOWS\system32\MSRD2X35.DLL
2007-05-18 16:25 24,848 --a------ C:\WINDOWS\system32\MSJTER35.DLL
2007-05-18 16:25 123,664 --a------ C:\WINDOWS\system32\MSJINT35.DLL
2007-05-18 16:25 10,404 --a------ C:\WINDOWS\Getbiosa.dll
2007-05-18 16:25 1,064,960 --a------ C:\WINDOWS\system32\MSJET35.DLL
2007-05-17 00:45 <DIR> d-------- C:\Program Files\SeePassword
2007-05-16 21:10 <DIR> d-------- C:\download
2007-05-15 23:36 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-05-15 22:54 <DIR> d-------- C:\Program Files\Atomic Alarm Clock
2007-05-15 18:09 <DIR> d-------- C:\Program Files\Allegorithmic
2007-05-15 02:15 <DIR> d-------- C:\Program Files\Star Envelope Printer Pro
2007-05-14 23:13 <DIR> d-------- C:\Program Files\RegCure
2007-05-12 20:08 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-05-12 20:08 <DIR> d-------- C:\WINDOWS\LastGood
2007-05-12 19:36 890,987 --a------ C:\WINDOWS\system32\Aurora 5xxx.scr
2007-05-12 19:36 773,120 --a------ C:\WINDOWS\system32\bubbles.scr
2007-05-12 19:36 5,642,680 --a------ C:\WINDOWS\system32\Aurora 4050.scr
2007-05-12 19:36 117,248 --a------ C:\WINDOWS\system32\ribbons.scr
2007-05-12 19:36 117,248 --a------ C:\WINDOWS\system32\Mystify.scr
2007-05-12 19:36 1,263,616 --a------ C:\WINDOWS\system32\aurora.scr
2007-05-12 17:21 74,908 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-05-12 17:21 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-05-12 17:21 295,456 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-05-12 17:21 13,891,616 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-05-12 17:21 <DIR> d-------- C:\Program Files\Kaspersky Lab
2007-05-12 17:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-05-12 15:51 <DIR> d-------- C:\Program Files\SiteEntry
2007-05-12 01:55 <DIR> d-------- C:\Program Files\MIDI Converter Studio
2007-05-12 01:28 <DIR> d-------- C:\Program Files\WAVmaker
2007-05-12 01:28 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRightToGo
2007-05-12 00:24 75 -r-hs---- C:\WINDOWS\ICSET.BIN
2007-05-11 23:22 <DIR> d-------- C:\Program Files\Offline Explorer Enterprise
2007-05-11 23:08 <DIR> d-------- C:\Program Files\MetaProducts_Offline_Explorer_Enterprise_v4.5.2502
2007-05-11 16:57 <DIR> d-------- C:\Documents and Settings\ADMINI~1\Shared
2007-05-11 16:57 <DIR> d-------- C:\Documents and Settings\ADMINI~1\Incomplete
2007-05-11 16:57 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Shared
2007-05-11 16:57 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Incomplete
2007-05-11 16:57 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
2007-05-11 16:54 <DIR> d-------- C:\Program Files\LimeWire
2007-05-11 01:54 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2007-05-10 23:46 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Offline Explorer
2007-05-10 02:01 <DIR> d-------- C:\Program Files\Never Expire 2
2007-05-09 16:09 <DIR> d-------- C:\WINDOWS\INTERLOK
2007-05-09 01:14 <DIR> d-------- C:\Program Files\Focus Magic
2007-05-08 23:18 <DIR> d-------- C:\Program Files\RCrawler
2007-05-08 21:27 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-05-08 21:26 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-05-08 21:24 10,747,904 --a------ C:\Documents and Settings\ADMINI~1\ntuser.dat
2007-05-08 21:24 10,747,904 --a------ C:\DOCUME~1\ADMINI~1\ntuser.dat
2007-05-08 02:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-05-08 01:37 74,839,920 --a------ C:\BackupRegistry(20070508).reg
2007-05-07 23:08 <DIR> d-------- C:\Program Files\Lakefront Software
2007-05-06 21:27 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-05-06 21:24 729,088 --a------ C:\WINDOWS\iun6002.exe
2007-05-05 23:00 <DIR> d-------- C:\WINDOWS\naevius_yt_1
2007-05-05 23:00 <DIR> d-------- C:\naevius_temp_folder
2007-05-05 22:58 <DIR> d-------- C:\Program Files\Naevius YouTube Converter
2007-05-05 00:37 <DIR> d-------- C:\Program Files\PhotoBrush
2007-05-03 02:36 74,106,082 --a------ C:\BackupRegistry(20070503).reg
2007-05-03 01:48 <DIR> d-------- C:\Program Files\Blaero Start Orb
2007-05-03 01:48 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Stardock
2007-05-03 01:47 8,636 --a------ C:\WINDOWS\system32\modifype.exe
2007-05-03 01:47 414,223 --a------ C:\WINDOWS\system32\vimc.exe
2007-05-03 01:47 19,968 --a------ C:\WINDOWS\system32\reico.exe
2007-05-03 01:47 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
2007-05-03 01:47 <DIR> d-------- C:\WINDOWS\system32\VITrans
2007-05-03 01:47 <DIR> d-------- C:\VTPFiles
2007-05-03 01:47 <DIR> d-------- C:\Program Files\LClock
2007-05-03 00:43 <DIR> d-------- C:\Program Files\Webroot
2007-05-03 00:43 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2007-05-03 00:43 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot
2007-05-03 00:42 57,344 --a------ C:\WINDOWS\Unwash6.exe
2007-05-03 00:42 486,400 --a------ C:\WINDOWS\system32\wwSecure.exe
2007-05-02 22:07 2,137,600 --a------ C:\WINDOWS\system32\kernel1.exe
2007-05-01 20:02 47,104 --a------ C:\WINDOWS\system32\D2HTLS32.DLL
2007-05-01 20:02 299,008 --a------ C:\WINDOWS\system32\SKY32V3C.DLL
2007-05-01 20:02 <DIR> d-------- C:\Program Files\Common Files\Cosmi
2007-04-30 19:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
2007-04-30 18:14 104,448 --a------ C:\Program Files\Keygen.exe
2007-04-29 01:11 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
2007-04-29 01:05 2,933 --a------ C:\WINDOWS\mozver.dat
2007-04-29 01:04 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-29 01:04 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-29 01:04 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-04-29 01:04 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-04-29 01:04 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-04-29 01:04 <DIR> d-------- C:\Program Files\DivX
2007-04-29 00:49 <DIR> d-------- C:\Program Files\VideoLAN
2007-04-28 01:55 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\MoyeaFLV2Video
2007-04-28 01:22 <DIR> d-------- C:\Downloaded Videos
2007-04-28 01:13 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-04-28 01:13 <DIR> d-------- C:\Program Files\BulletProofSoft.com


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-28 04:49:29 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\DMCache
2007-05-27 07:50:08 -------- d-----w C:\Program Files\DIGStream
2007-05-26 05:17:58 -------- d-----w C:\Program Files\Lavasoft
2007-05-26 05:17:55 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
2007-05-25 06:23:03 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-05-23 05:20:10 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
2007-05-22 05:29:32 -------- d-----r C:\Program Files\Pixologic
2007-05-21 01:42:59 -------- d-----r C:\Program Files\Ulead Systems
2007-05-21 01:40:00 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-19 06:07:24 -------- d-----w C:\Program Files\AviSynth 2.5
2007-05-19 01:16:59 -------- d-----w C:\Program Files\checkbook
2007-05-18 19:37:40 -------- d-----w C:\Program Files\JustChecking
2007-05-14 18:32:29 -------- d-----w C:\Program Files\20,000 recipes
2007-05-14 05:42:11 -------- d-----w C:\Program Files\Flash Effect Maker
2007-05-13 02:32:36 -------- d-----w C:\Program Files\Windows Defender
2007-05-13 02:22:05 -------- d-----w C:\Program Files\Lexmark 1200 Series
2007-05-13 02:19:42 -------- d-----w C:\Program Files\Internet Download Manager
2007-05-13 02:15:37 -------- d-----w C:\Program Files\Common Files\Scanner
2007-05-13 02:12:59 -------- d-----w C:\Program Files\America Online 9.0a
2007-05-12 04:23:36 -------- d-----r C:\Program Files\Reallusion
2007-05-11 05:46:56 -------- d-----w C:\Program Files\Record-Anything
2007-05-08 05:23:40 2,293,248 ----a-w C:\WINDOWS\system32\TUKernel.exe
2007-05-08 05:14:05 -------- d-----w C:\Program Files\InAudio 1
2007-05-07 22:59:45 -------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-05-07 01:27:25 -------- d-----w C:\Program Files\Common Files\Real
2007-05-07 01:23:44 -------- d-----w C:\Program Files\Novatix
2007-05-06 04:09:40 -------- d--h--w C:\DOCUME~1\ADMINI~1\APPLIC~1\InAlbumTemp
2007-05-06 03:32:38 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\VCOM
2007-05-06 03:32:12 -------- d-----w C:\Program Files\VCOM
2007-05-04 05:11:55 -------- d-----r C:\Program Files\Pixarra
2007-05-04 05:11:32 -------- d-----r C:\Program Files\Xara
2007-05-04 03:43:26 -------- d-----w C:\Program Files\Common Files\AOL
2007-05-02 00:02:41 -------- d-----w C:\Program Files\Cosmi
2007-04-30 22:57:54 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys
2007-04-30 22:12:24 -------- d-----w C:\Program Files\style_xp
2007-04-29 05:06:05 -------- d-----w C:\Program Files\Google
2007-04-27 03:59:14 -------- d-----w C:\Program Files\RAR Password Cracker
2007-04-26 05:38:57 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\AntsSoft
2007-04-26 05:38:49 -------- d-----w C:\Program Files\SWFText
2007-04-26 05:13:04 -------- d-----w C:\Program Files\Common Files\Novatix
2007-04-26 04:31:59 -------- d-----w C:\Program Files\Sqirlz Water Reflections
2007-04-26 04:31:58 -------- d---a-w C:\Program Files\Plugin Commander Pro v1.60
2007-04-26 04:31:56 -------- d-----w C:\Program Files\PhotoFantasy 2000
2007-04-26 04:31:53 -------- d-----w C:\Program Files\FontTwister
2007-04-26 04:31:50 -------- d-----w C:\Program Files\Atlantis
2007-04-26 04:31:50 -------- d-----w C:\Program Files\AOL Toolbar
2007-04-26 04:31:49 -------- d-----w C:\Program Files\AOL Deskbar
2007-04-26 04:31:29 -------- d-----w C:\Program Files\7-Zip
2007-04-26 03:31:29 -------- d-----w C:\Program Files\PestPatrol
2007-04-25 00:01:05 -------- d-----w C:\Program Files\Real
2007-04-25 00:00:43 -------- d-----w C:\Program Files\Viewpoint
2007-04-24 23:11:43 -------- d-----w C:\Program Files\interfac
2007-04-24 23:11:26 -------- d-----w C:\Program Files\Help
2007-04-24 06:26:14 -------- d-----w C:\Program Files\The Cleaner
2007-04-24 05:45:08 39,424 ----a-w C:\WINDOWS\zipinst.exe
2007-04-24 05:45:08 -------- d-----w C:\Program Files\StartupRun
2007-04-24 05:38:15 -------- d-----w C:\Program Files\IPNetInfo
2007-04-23 02:41:38 -------- d-----w C:\Program Files\Microsoft Plus! Digital Media Edition
2007-04-23 02:41:38 -------- d-----w C:\Program Files\Microsoft Plus! Dancer LE
2007-04-22 05:47:46 -------- d--h--w C:\DOCUME~1\ADMINI~1\APPLIC~1\IFLTemp
2007-04-22 00:26:28 685 ----a-w C:\WINDOWS\PowerReg.dat
2007-04-21 20:00:08 -------- d-----w C:\Program Files\SourceTec
2007-04-21 19:42:40 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Moyea
2007-04-21 00:48:17 -------- d-----w C:\Program Files\iColorFolder
2007-04-20 04:50:19 -------- d-----w C:\Program Files\Curious Labs
2007-04-19 05:19:19 -------- d-----w C:\Program Files\Sierra On-Line
2007-04-19 00:26:08 -------- d-----w C:\Program Files\Take Covers
2007-04-18 21:08:26 10,920 ----a-w C:\aolconnfix.exe
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-18 04:34:48 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\BinarySense
2007-04-17 05:54:15 -------- d-----w C:\Program Files\XP Repair Pro 2007
2007-04-17 05:45:30 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\IDM
2007-04-16 20:38:26 75 --sh--r C:\WINDOWS\CT4SET.BIN
2007-04-16 04:02:48 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
2007-04-16 04:02:28 -------- d-----w C:\Program Files\Common Files\aolshare
2007-04-16 01:42:15 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Reallusion
2007-04-16 01:39:44 -------- d-----w C:\Program Files\Common Files\Reallusion
2007-04-16 00:54:16 -------- d-----w C:\Program Files\FlashyEffects
2007-04-15 19:17:42 57,344 ----a-w C:\Program Files\temp.dll
2007-04-15 04:09:25 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Alien Skin
2007-04-15 03:57:14 -------- d-----w C:\Program Files\Alien Skin
2007-04-15 03:34:37 160,150 ----a-w C:\WINDOWS\Sqirlz Water Reflections Uninstaller.exe
2007-04-14 04:23:16 -------- d-----w C:\Program Files\Common Files\Borland Shared
2007-04-14 04:05:50 164,352 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-04-13 17:31:03 103,984 ----a-w C:\WINDOWS\system32\AOLDial.dll
2007-04-13 17:30:43 33,592 ----a-w C:\WINDOWS\system32\drivers\atwpkt264.sys
2007-04-13 17:30:39 25,136 ----a-w C:\WINDOWS\system32\drivers\atwpkt2.sys
2007-04-11 07:37:32 2,902,146 ----a-w C:\Program Files\takecovers.exe
2007-04-10 22:53:03 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\VoipStunt
2007-04-09 20:00:47 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Opera
2007-04-09 05:23:30 -------- d-----w C:\Program Files\VoipStunt.com
2007-04-09 04:10:10 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\TuneUp Software
2007-04-08 01:27:45 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
2007-04-08 01:27:41 -------- d-----w C:\Program Files\DellConnect
2007-04-07 00:46:18 -------- d-----w C:\Program Files\Belarc
2007-04-04 17:07:37 -------- d-----w C:\Program Files\InAlbum 3 Deluxe
2007-04-04 17:00:30 -------- d-----w C:\Program Files\Microsoft Picture It! 2002
2007-04-04 05:15:46 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Genimo
2007-04-03 19:29:52 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Motive
2007-04-03 19:29:37 -------- d-----w C:\Program Files\SBC Self Support Tool
2007-04-03 18:51:06 -------- d-----w C:\Program Files\Microsoft Works
2007-04-03 00:57:44 -------- d-----w C:\Program Files\vso
2007-04-02 23:40:04 -------- d-----w C:\Program Files\Avi2Dvd
2007-04-01 23:17:46 -------- d-----w C:\Program Files\Yamicsoft
2007-04-01 23:08:44 -------- d-----w C:\Program Files\Win XP Manager
2007-04-01 23:05:58 -------- d-----w C:\Program Files\Common Files\Xara
2007-04-01 20:06:40 -------- d-----w C:\Program Files\Common Files\Nova Development
2007-04-01 20:04:21 -------- d-----w C:\Program Files\Creative Home
2007-04-01 05:23:15 0 ----a-w C:\WINDOWS\system32\mssurun.dat
2007-04-01 02:28:00 -------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2007-03-31 02:56:10 6,656 ----a-w C:\WINDOWS\system32\haspvdd.dll
2007-03-31 02:56:10 47,616 ----a-w C:\WINDOWS\system32\drivers\Haspnt.sys
2007-03-31 02:56:10 383 ----a-w C:\WINDOWS\system32\haspdos.sys
2007-03-31 02:53:15 -------- d-----w C:\Program Files\Common Files\Alias Shared
2007-03-31 02:52:58 -------- d-----w C:\Program Files\Common Files\Autodesk Shared
2007-03-30 23:58:51 -------- d-----w C:\Program Files\Funhouse
2007-03-30 06:50:47 159,744 ----a-w C:\WINDOWS\Talking Time Keeper.scr
2007-03-29 19:47:05 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
2007-03-29 02:45:34 -------- d-----w C:\Program Files\Common Files\element5 Shared
2007-03-29 02:43:06 -------- d--h--w C:\Program Files\Zero G Registry
2007-03-29 02:36:41 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\AOL
2007-03-28 23:56:21 639,224 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-03-28 22:13:12 -------- d-----w C:\Program Files\DVDFab Platinum 3
2007-03-28 21:01:42 -------- d-----w C:\Program Files\WinRescueXP
2007-03-28 04:33:39 -------- d-----w C:\Program Files\UltraISO
2007-03-28 04:33:39 -------- d-----w C:\Program Files\Common Files\EZB Systems
2007-03-28 03:02:58 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
2007-03-28 02:45:28 -------- d-----w C:\DOCUME~1\ADMINI~1\APPLIC~1\DeepBurner
2007-03-27 07:55:57 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-03-27 07:55:48 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-03-27 07:55:23 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-03-27 07:55:23 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-03-27 07:49:07 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-03-27 07:49:07 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-03-27 07:49:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-03-27 07:49:03 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-03-27 07:49:02 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-03-27 07:49:02 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-03-27 07:49:02 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-03-27 07:49:02 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-03-27 07:48:59 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-03-27 07:48:58 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-03-27 07:48:58 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-03-27 07:48:58 639,066 ----a-w C:\WINDOWS\system32\DivX.dll
2007-03-26 05:04:49 626,688 ----a-w C:\WINDOWS\system32\arctic.scr
2007-03-22 06:05:25 40 ----a-w C:\WINDOWS\ibu.dll
2007-03-22 03:46:28 876,032 ----a-w C:\WINDOWS\system32\VFP6RENU.DLL
2007-03-22 03:46:28 6,656 ----a-w C:\WINDOWS\system32\FOXHHELPPS.DLL
2007-03-22 03:46:28 3,373,328 ----a-w C:\WINDOWS\system32\VFP6R.DLL
2007-03-22 03:46:28 26,112 ----a-w C:\WINDOWS\system32\FOXHHELP.EXE
2007-03-22 03:46:28 24,990 ----a-w C:\WINDOWS\system32\VFP6RUN.EXE
2007-03-20 06:03:14 87,608 ----a-w C:\DOCUME~1\ADMINI~1\APPLIC~1\ezpinst.exe
2007-03-20 06:03:14 47,360 ----a-w C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.sys
2007-03-19 09:47:11 335 ----a-w C:\WINDOWS\nsreg.dat
2007-03-19 08:26:16 0 --sha-r C:\MSDOS.SYS
2007-03-19 08:26:16 0 --sha-r C:\IO.SYS
2007-03-19 08:26:16 0 ----a-w C:\CONFIG.SYS
2007-03-19 08:26:16 0 ----a-w C:\AUTOEXEC.BAT
2007-03-19 08:22:23 21,640 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-09 15:59:28 758,175 ----a-w C:\Program Files\cklk388.exe
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects]
{0055C089-8582-441B-A0BF-17B458C2A3A8}=C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-02-19 10:53]
{00C6482D-C502-44C8-8409-FCE54AD9C208}=C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-05-10 12:02]
{53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}=C:\Program Files\Yahoo!\common\yiesrvc.dll [2005-05-26 15:39]
{65D886A2-7CA7-479B-BB95-14D1EFB7946A}=C:\Program Files\Yahoo!\common\YIeTagBm.dll [2005-01-24 13:55]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2007-03-21 04:49]
{F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D}=C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll [2005-02-03 21:07]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" []
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-05-27 01:58]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2007-04-29 13:45]
"AOL Fast Start"="C:\Program Files\America Online 9.0a\AOL.exe" [2005-07-12 06:17]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2007-03-16 01:19]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
"{0cab0400-7395-11d0-a5e5-0020afe2fdd9}"="qvphook.dll" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Dialog Helper.lnk]
backup=C:\WINDOWS\pss\Dialog Helper.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Dialog Tracker.lnk]
backup=C:\WINDOWS\pss\Dialog Tracker.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^HDDlife.lnk]
backup=C:\WINDOWS\pss\HDDlife.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
Wiskerluv's Avatar
Computer Specs
Senior Member with 112 posts.
  
Join Date: Oct 2006
Experience: Intermediate
01-Jun-2007, 12:29 AM #20
Whew!! There is a lot of reading here!

Here is the last of it:

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Talking Calculator.lnk]
backup=C:\WINDOWS\pss\Talking Calculator.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^TTK.lnk]
backup=C:\WINDOWS\pss\TTK.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
backup=C:\WINDOWS\pss\AT&T Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Planner Reminder.lnk]
backup=C:\WINDOWS\pss\Event Planner Reminder.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Planner Reminders Tray Icon.lnk]
backup=C:\WINDOWS\pss\Event Planner Reminders Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
backup=C:\WINDOWS\pss\Microsoft Works Calendar Reminders.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MightyFAX Controller.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MightyFAX Controller.lnk
backup=C:\WINDOWS\pss\MightyFAX Controller.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SBC Self Support Tool.lnk]
backup=C:\WINDOWS\pss\SBC Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SnagIt 8.lnk]
backup=C:\WINDOWS\pss\SnagIt 8.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
"C:\Program Files\America Online 9.0a\AOL.EXE" -b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Blaero Start Orb]
C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CookiePatrol]
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cyberhawk]
C:\Program Files\Novatix\Cyberhawk\CHTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW4]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fix-It AV]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1174297665\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe /onboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
C:\Program Files\IncrediMail\bin\IncMail.exe /c

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Key Launch]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series]
"C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PestPatrol Control Center]
C:\PROGRA~1\PESTPA~1\PPControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPMemCheck]
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Secure]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeePassword]
C:\Program Files\SeePassword\SeePassword.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinClock]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSystemAnalyzer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super Utilities]
C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unamon]
wscript.exe //b C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Unamon.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
"C:\Program Files\Unlocker\UnlockerAssistant.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipStunt]
"C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window Washer]
C:\Program Files\Webroot\Washer\wwDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
"C:\Program Files\Windows Defender\MSASCui.exe" -hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
C:\Program Files\Microsoft Works\wkfud.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XPRepairPro2007]
C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser]
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVP"=2 (0x2)

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
UxTuneUp

*Newly Created Service* -PROCEXP90


~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20070528-002549-760
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.148 85.255.112.203

backup-20070513-005709-134
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)

backup-20070513-005709-651
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)

backup-20070513-005709-376
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)

backup-20070513-005709-311
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab

??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ???????????????????????????????????=??????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ????????????????????????

backup-20070513-005709-683
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper2007261.dll

??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????=??????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????

backup-20070513-005708-168
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab

??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????

backup-20070513-005708-343
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

???????????????????????????????????????????4??????????????????????????????? ?????????????????????????????????????????4???=????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????

backup-20070513-005708-907
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

???????????????????????????????????????????4??????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ????????????????

backup-20070513-005708-355
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

???????????????????????????????????????????4??????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????? ????????????????

backup-20070513-005708-374
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

???????????????????????????????????????????4??????????????????????????????? ?????????????=????????????????????????????????????????????????????????

backup-20070513-005708-107
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

backup-20070513-005708-184
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net/

backup-20070513-005708-881
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

backup-20070513-005708-101
O2 - BHO: Internet Security Class - {A75E294E-C047-4D29-B07E-37B792881BEF} - (no file)

backup-20070513-005708-276
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

backup-20070408-161338-373
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)

backup-20070408-161338-152
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)

backup-20070408-161338-764
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
"Logon"="WLEventLogon"
"Logoff"="WLEventLogoff"
"Startup"="WLEventStartup"
"Shutdown"="WLEventShutdown"
"StartScreenSaver"="WLEventStartScreenSaver"
"StopScreenSaver"="WLEventStopScreenSaver"
"Lock"="WLEventLock"
"Unlock"="WLEventUnlock"
"StartShell"="WLEventStartShell"
"PostShell"="WLEventPostShell"
"Disconnect"="WLEventDisconnect"
"Reconnect"="WLEventReconnect"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000000
"SafeMode"=dword:00000001
"MaxWait"=dword:ffffffff
"DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,0 0,\
6c,00,6c,00,00,00
"Event"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]
"Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,0 0,\
00,00,19,ef,c6,d8,20,25,1c,4b,b3,b9,34,01,19,00,e6,12,04,00,00,00,04,00,00, \
00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,3f,a7,dd,8b,49,e5,a9,6e, \
5c,9e,a2,fc,a5,fa,04,d4,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,7b, \
65,74,52,d9,0c,55,cc,92,fe,df,33,d4,71,06,4f,b0,01,00,00,79,d4,b1,d9,af,a5, \
db,1b,c1,b8,7b,3a,a6,4b,d9,b8,b8,a8,c0,e8,1f,f3,d0,2e,cd,a4,a3,9f,84,d6,38, \
91,75,ac,90,79,6d,4b,19,a5,7b,f5,ab,7f,82,fc,19,ad,20,84,f7,64,e9,f5,9d,cf, \
e5,57,f2,32,07,dd,2d,42,f4,f7,b2,71,2e,b5,a6,0c,52,c6,3a,b8,16,87,b2,b1,83, \
c8,31,d6,cf,6d,18,03,f6,69,80,0b,55,dc,18,7b,bb,8d,bb,ee,7f,83,78,9c,62,01, \
de,31,ff,00,0d,24,df,6f,d4,68,96,a4,26,1d,99,05,3d,a4,e9,86,29,9f,7d,5e,85, \
b1,62,c9,df,de,03,ca,f0,c5,73,12,26,8d,82,af,41,da,35,c7,4e,83,ff,1c,8e,ca, \
2d,e9,9c,a5,df,64,d6,98,73,0f,6c,67,e6,72,97,4f,23,58,5c,48,27,f4,76,07,d0, \
0f,82,11,6c,0f,b4,be,47,84,19,a1,6a,b9,f0,da,a1,9c,e0,85,d2,e9,92,17,aa,57, \
44,e4,75,92,c1,71,e0,ee,86,ac,9c,af,41,b1,65,b5,27,14,f4,e6,94,18,79,a7,38, \
0d,6a,56,d0,0d,83,e3,4f,04,59,16,4e,be,0f,4d,b7,d6,88,f4,57,36,6e,ea,7f,89, \
d8,36,a3,bc,df,a6,d2,19,9d,18,e1,65,dc,22,6c,d1,6a,5c,a6,c4,49,af,5c,ba,9e, \
9d,73,6d,fb,1d,f9,f0,fc,8f,c0,73,6c,ba,43,83,63,ef,b5,ea,80,36,2b,f0,65,b2, \
b6,7d,47,dc,d6,f5,85,45,00,6a,af,76,80,b5,ac,98,33,b3,fc,0f,f5,fe,39,f7,d1, \
17,7a,39,60,eb,97,3e,da,53,b0,9c,58,33,9d,9a,85,ea,a9,90,f2,f9,2b,84,3d,21, \
ac,20,90,0f,63,6b,b5,f4,c6,4b,48,48,96,e0,9d,f8,95,ac,5e,16,52,4e,64,78,3d, \
9c,eb,db,25,88,c3,eb,29,48,02,05,0d,0a,48,fb,2c,f4,cf,01,a5,e4,18,5b,33,74, \
b9,13,cd,d1,af,56,08,39,4a,eb,49,e9,9f,5c,39,6e,46,f0,9f,33,ff,3c,62,42,5b, \
95,14,00,00,00,34,2c,9d,80,84,04,39,7e,84,94,5c,3b,00,ff,97,16,c0,cc,af,8a


Contents of the 'Scheduled Tasks' folder
2007-05-26 02:01:24 C:\WINDOWS\tasks\1-Click Maintenance.job
2007-05-28 04:32:27 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-05-28 04:29:31 C:\WINDOWS\tasks\RegCure Program Check.job
2007-05-25 00:30:11 C:\WINDOWS\tasks\RegCure.job

********************************************************************

catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-28 01:27:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

Completion time: 2007-05-28 1:28:20
C:\ComboFix-quarantined-files.txt ... 2007-05-28 01:28

--- E O F ---
Closed Thread Bookmark and Share
Page 2 of 2 1 2

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

« Previous Thread | Malware Removal & HijackThis Logs | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


Related Sites: 56k Dial-Up | Tech Gift Ideas | Mobile TechGuy | Advertise on TSG
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 09:58 PM.
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0
Powered by Cermak Technologies, Inc.