Old 09-28-2006, 04:35 AM   #8 (permalink)
Willidshome
OS: xp


HERE IS EVERYTHING YOU HAVE ASKED FOR

***********************************************

********** COMBOFIX2.TXT **************

Dave - 06-09-27 15:18:15.76 Service Pack 2
ComboFix 06.09.27 - Running from: "C:\Documents and Settings\Dave\desktop"
Command switches used :: /v jkkji winzwr32

(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\jkkji.dll
C:\WINDOWS\system32\ijkkj.bak1
C:\WINDOWS\system32\ijkkj.bak2
C:\WINDOWS\system32\ijkkj.ini
C:\WINDOWS\system32\jkkji.dll
C:\WINDOWS\system32\ijkkj.bak1
C:\WINDOWS\system32\ijkkj.bak2
C:\WINDOWS\system32\ijkkj.ini


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\{18F95861-07D0-2057-0221-03052706002c}


((((((((((((((((((((((((((((((( Files Created from 2006-08-27 to 2006-09-27 ))))))))))))))))))))))))))))))))))


2006-09-27 11:03 56 --ahs---- C:\redir.sys
2006-09-26 08:51 970,752 --a------ C:\WINDOWS\system32\VchReg.dll
2006-09-25 16:28 45,525 --a------ C:\WINDOWS\system32\hdgcynuc.dll
2006-09-25 16:28 143,380 --a------ C:\WINDOWS\system32\urutiaxa.exe
2006-09-25 16:05 589,876 ---hs---- C:\WINDOWS\system32\vturq.dll
2006-09-25 15:37 589,876 ---hs---- C:\WINDOWS\system32\ddccc.dll
2006-09-25 15:23 589,876 ---hs---- C:\WINDOWS\system32\ddcyw.dll
2006-09-25 15:15 69 --a------ C:\jswudopx.bat
2006-09-25 15:15 589,876 ---hs---- C:\WINDOWS\system32\jkhhe.dll
2006-09-25 15:15 20,480 --a------ C:\jswudopx.exe
2006-09-25 15:15 0 --a------ C:\oorwopjo.exe
2006-09-25 15:09 0 --a------ C:\dlkvnr.exe
2006-09-25 14:56 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2006-09-24 16:49 65,536 --------- C:\WINDOWS\system32\adistres.dll
2006-09-24 16:49 20,584 --------- C:\WINDOWS\system32\PdfPorts.dll
2006-09-24 16:49 101,200 --------- C:\WINDOWS\system32\pdfshell.dll
2006-09-24 14:39 210,944 --------- C:\WINDOWS\system32\Msvcrt10.dll
2006-09-23 14:24 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-09-23 14:23 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-09-22 13:43 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-09-22 13:43 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-09-22 13:43 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-09-19 16:18 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-09-19 16:18 44,544 --a------ C:\WINDOWS\system32\OVUI2.dll
2006-09-19 16:18 41,984 --a------ C:\WINDOWS\system32\OVUI2RC.dll
2006-09-19 16:18 39,424 --a------ C:\WINDOWS\system32\OVComS.exe
2006-09-19 16:18 20,480 --a------ C:\WINDOWS\system32\OVComC.dll
2006-09-19 16:18 116,736 --a------ C:\WINDOWS\system32\OVCodec2.dll
2006-09-15 11:23 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2006-09-09 17:46 973,312 --a------ C:\WINDOWS\system32\Redemption.dll
2006-09-09 17:46 962,560 --a------ C:\WINDOWS\system32\MagicCtl.dll
2006-09-09 17:46 90,112 --a------ C:\WINDOWS\system32\gmnamfld.dll
2006-09-09 17:46 81,920 --a------ C:\WINDOWS\system32\ANSSLPLUS.dll
2006-09-09 17:46 73,728 --a------ C:\WINDOWS\system32\GMSigMan.dll
2006-09-09 17:46 65,536 --a------ C:\WINDOWS\system32\GMMesCom.dll
2006-09-09 17:46 512,000 --a------ C:\WINDOWS\system32\gmgrpman.dll
2006-09-09 17:46 487,424 --a------ C:\WINDOWS\system32\infCB.dll
2006-09-09 17:46 45,056 --a------ C:\WINDOWS\system32\GMPaths.dll
2006-09-09 17:46 385,592 --a------ C:\WINDOWS\system32\XceedBkp.dll
2006-09-09 17:46 348,160 --a------ C:\WINDOWS\system32\ANPOP.dll
2006-09-09 17:46 299,008 --a------ C:\WINDOWS\system32\GMAccMan.dll
2006-09-09 17:46 282,624 --a------ C:\WINDOWS\system32\AOSMTPEX.dll
2006-09-09 17:46 282,624 --a------ C:\WINDOWS\system32\AOSMTP.dll
2006-09-09 17:46 258,048 --a------ C:\WINDOWS\system32\GMMailer.dll
2006-09-09 17:46 24,576 --a------ C:\WINDOWS\system32\snEUps.dll
2006-09-09 17:46 167,936 --a------ C:\WINDOWS\system32\infgdbcb.dll
2006-09-09 17:46 159,823 --a------ C:\WINDOWS\system32\emmsg.dll
2006-09-09 17:46 159,744 --a------ C:\WINDOWS\system32\dwStg.dll
2006-09-09 17:46 151,638 --a------ C:\WINDOWS\system32\empop3.dll
2006-09-09 17:46 151,552 --a------ C:\WINDOWS\system32\HexValidEmail.dll
2006-09-09 17:46 122,880 --a------ C:\WINDOWS\system32\snEU.exe
2006-09-09 17:46 102,400 --a------ C:\WINDOWS\system32\HexDns.dll
2006-09-09 17:46 1,011,712 --a------ C:\WINDOWS\system32\chilkatxml.dll
2006-09-09 16:12 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2006-09-09 16:12 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2006-09-09 16:12 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2006-09-09 16:12 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-09-09 08:53 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2006-09-09 08:41 99,576 --a------ C:\WINDOWS\system32\MabryObj.dll
2006-09-09 08:41 57,856 --a------ C:\WINDOWS\system32\azip32.dll
2006-09-09 08:41 32,768 --a------ C:\WINDOWS\system32\Base64.dll
2006-09-09 08:41 279,800 --a------ C:\WINDOWS\system32\FTPx.dll
2006-09-09 08:41 241,664 --a------ C:\WINDOWS\system32\dzgtactx.dll
2006-09-09 02:00 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-09-09 02:00 0 -rahs---- C:\MSDOS.SYS
2006-09-09 02:00 0 -rahs---- C:\IO.SYS
2006-09-09 02:00 0 --a------ C:\CONFIG.SYS
2006-09-09 02:00 0 --a------ C:\AUTOEXEC.BAT
2006-09-09 01:58 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-09-09 01:58 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-09-09 01:58 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2006-09-09 01:58 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-09-09 01:58 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2006-09-09 01:58 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-09-09 01:58 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-09-09 01:58 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-09-09 01:58 41,240 --a------ C:\WINDOWS\system32\wups.dll
2006-09-09 01:58 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-09-09 01:58 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-09-09 01:58 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-09-09 01:58 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-09-09 01:58 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2006-09-09 01:58 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-09-09 01:58 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-09-09 01:58 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2006-09-09 01:58 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2006-09-09 01:58 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-09-09 01:58 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-09-09 01:58 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2006-09-09 01:57 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-09-09 01:57 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-09-09 01:57 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-09-09 01:57 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-09-09 01:57 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-09-09 01:57 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-09-09 01:57 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-09-09 01:57 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-09-09 01:57 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-09-09 01:57 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-09-09 01:57 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-09-09 01:57 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-09-09 01:57 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-09-09 01:57 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-09-09 01:57 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-09-09 01:57 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-09-09 01:57 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-09-09 01:57 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-09-09 01:57 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-09-09 01:57 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-09-09 01:57 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-09-09 01:57 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-09-09 01:56 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2006-09-09 01:56 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-09-09 01:56 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-09-09 01:56 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-09-09 01:56 9,728 --a------ C:\WINDOWS\system32\reset.exe
2006-09-09 01:56 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-09-09 01:56 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-09-09 01:56 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2006-09-09 01:56 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2006-09-09 01:56 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-09-09 01:56 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-09-09 01:56 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-09-09 01:56 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-09-09 01:56 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2006-09-09 01:56 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-09-09 01:56 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2006-09-09 01:56 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-09-09 01:56 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-09-09 01:56 56,832 --a------ C:\WINDOWS\system32\sol.exe
2006-09-09 01:56 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2006-09-09 01:56 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-09-09 01:56 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2006-09-09 01:56 538,624 --a------ C:\WINDOWS\system32\spider.exe
2006-09-09 01:56 5,632 --a------ C:\WINDOWS\system32\write.exe
2006-09-09 01:56 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2006-09-09 01:56 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-09-09 01:56 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-09-09 01:56 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2006-09-09 01:56 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-09-09 01:56 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-09-09 01:56 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2006-09-09 01:56 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2006-09-09 01:56 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-09-09 01:56 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2006-09-09 01:56 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2006-09-09 01:56 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2006-09-09 01:56 33,792 --a------ C:\WINDOWS\system32\regini.exe
2006-09-09 01:56 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-09-09 01:56 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2006-09-09 01:56 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2006-09-09 01:56 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2006-09-09 01:56 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2006-09-09 01:56 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2006-09-09 01:56 20,992 --a------ C:\WINDOWS\system32\msg.exe
2006-09-09 01:56 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-09-09 01:56 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2006-09-09 01:56 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-09-09 01:56 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2006-09-09 01:56 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-09-09 01:56 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2006-09-09 01:56 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2006-09-09 01:56 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2006-09-09 01:56 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2006-09-09 01:56 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2006-09-09 01:56 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2006-09-09 01:56 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2006-09-09 01:56 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-09-09 01:56 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2006-09-09 01:56 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2006-09-09 01:56 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2006-09-09 01:56 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2006-09-09 01:56 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-09-09 01:56 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2006-09-09 01:56 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2006-09-09 01:56 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2006-09-09 01:56 114,688 --a------ C:\WINDOWS\system32\calc.exe
2006-09-09 01:56 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-09-09 01:56 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-09-09 01:56 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-09-09 01:56 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2006-09-09 01:56 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-09-09 01:56 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2006-09-09 01:55 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-09-09 01:55 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-09-09 01:55 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-09-09 01:55 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-09-08 21:24 90,112 --------- C:\WINDOWS\Updreg.EXE
2006-09-08 21:24 84,992 --------- C:\WINDOWS\system32\SFCVRT32.DLL
2006-09-08 21:24 82,432 --------- C:\WINDOWS\system32\CTWFLT32.DLL
2006-09-08 21:24 53,552 --------- C:\WINDOWS\CTCCW.DLL
2006-09-08 21:24 26,768 --------- C:\WINDOWS\system32\CTL3D.DLL
2006-09-08 21:24 24,976 --------- C:\WINDOWS\CTRES.DLL
2006-09-08 21:24 149,504 --------- C:\WINDOWS\system32\MFCANS32.DLL
2006-09-08 21:24 108,032 --------- C:\WINDOWS\system32\MFCUIA32.DLL
2006-09-08 21:23 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-09-08 21:23 20,480 --a------ C:\WINDOWS\INRES.DLL
2006-09-08 21:22 94,208 --a------ C:\WINDOWS\DEVREG.DLL
2006-09-08 21:22 77,824 --a------ C:\WINDOWS\system32\EAXAC3.DLL
2006-09-08 21:22 65,536 --a------ C:\WINDOWS\system32\a3d.dll
2006-09-08 21:22 643,072 --a------ C:\WINDOWS\system32\CTSBLFX.DLL
2006-09-08 21:22 61,440 --a------ C:\WINDOWS\MIDIDEF.EXE
2006-09-08 21:22 57,344 --a------ C:\WINDOWS\system32\CTAGENT.DLL
2006-09-08 21:22 53,248 --a------ C:\WINDOWS\system32\AC3API.DLL
2006-09-08 21:22 49,152 --a------ C:\WINDOWS\system32\KILLAPPS.EXE
2006-09-08 21:22 49,152 --a------ C:\WINDOWS\CTDCRES.DLL
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\sfman32.dll
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\REGPLIB.EXE
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\CTEMUPIA.DLL
2006-09-08 21:22 319,488 --a------ C:\WINDOWS\system32\CTDEVCON.DLL
2006-09-08 21:22 28,672 --a------ C:\WINDOWS\system32\CTSPKHLP.DLL
2006-09-08 21:22 270,336 --a------ C:\WINDOWS\system32\SFMS32.DLL
2006-09-08 21:22 24,576 --a------ C:\WINDOWS\system32\CTHELPER.EXE
2006-09-08 21:22 184,320 --a------ C:\WINDOWS\PSCONV.EXE
2006-09-08 21:22 176,128 --a------ C:\WINDOWS\READREG.EXE
2006-09-08 21:22 155,648 --a------ C:\WINDOWS\system32\CTOSUSER.DLL
2006-09-08 21:22 135,168 --a------ C:\WINDOWS\system32\OPENAL32.DLL
2006-09-08 21:22 110,592 --a------ C:\WINDOWS\system32\PIAPROXY.DLL
2006-09-08 21:22 110,592 --a------ C:\WINDOWS\system32\COMMONFX.DLL
2006-09-08 21:22 106,496 --a------ C:\WINDOWS\system32\CTDPROXY.DLL
2006-09-08 21:22 106,496 --a------ C:\WINDOWS\system32\CTASIO.DLL
2006-09-08 21:20 73,728 --------- C:\WINDOWS\system32\CTDrmRes.dll
2006-09-08 21:20 62,976 --------- C:\WINDOWS\system32\CTDetres.dll
2006-09-08 21:20 54,784 --------- C:\WINDOWS\system32\Inetwh32.dll
2006-09-08 21:20 44,032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE
2006-09-08 21:20 331,776 --a------ C:\WINDOWS\system32\CTMedEng.DLL
2006-09-08 21:20 28,672 --------- C:\WINDOWS\system32\CTIntRes.dll
2006-09-08 21:20 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-09-08 21:20 24,576 --------- C:\WINDOWS\system32\CTMERes.DLL
2006-09-08 21:20 163,840 --a------ C:\WINDOWS\system32\CTDRMUI.dll
2006-09-08 21:20 12,288 --a------ C:\WINDOWS\system32\AHQCpURes.dll
2006-09-08 21:19 41,984 --------- C:\WINDOWS\CTRegRun.exe
2006-09-08 21:18 6,752 --------- C:\WINDOWS\system32\PFMODNT.SYS
2006-09-08 21:02 306,688 --a------ C:\WINDOWS\IsUninst.exe
2006-09-08 20:52 983,107 --a------ C:\WINDOWS\system32\lxbxgf.dll
2006-09-08 20:52 94,208 --a------ C:\WINDOWS\system32\lxbxinsr.dll
2006-09-08 20:52 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
2006-09-08 20:52 86,016 --a------ C:\WINDOWS\system32\lxbxcub.dll
2006-09-08 20:52 741,376 --a------ C:\WINDOWS\system32\lxbxhbn3.dll
2006-09-08 20:52 69,632 --a------ C:\WINDOWS\system32\lxbxcu.dll
2006-09-08 20:52 667,648 --a------ C:\WINDOWS\system32\lxbxcomc.dll
2006-09-08 20:52 634,880 --a------ C:\WINDOWS\system32\lxbxpmui.dll
2006-09-08 20:52 512,000 --a------ C:\WINDOWS\system32\lxbxhbn1.dll
2006-09-08 20:52 483,328 --a------ C:\WINDOWS\system32\lxbxlmpm.dll
2006-09-08 20:52 462,848 --a------ C:\WINDOWS\system32\lxbxcoms.exe
2006-09-08 20:52 401,408 --a------ C:\WINDOWS\system32\lxbxcomm.dll
2006-09-08 20:52 40,960 --a------ C:\WINDOWS\system32\lxbxvs.dll
2006-09-08 20:52 372,736 --a------ C:\WINDOWS\system32\lxbxutil.dll
2006-09-08 20:52 372,736 --a------ C:\WINDOWS\system32\lxbxcfg.exe
2006-09-08 20:52 356,352 --a------ C:\WINDOWS\system32\lxbxih.exe
2006-09-08 20:52 32,768 --a------ C:\WINDOWS\system32\lxbxcur.dll
2006-09-08 20:52 172,032 --a------ C:\WINDOWS\system32\lxbxinsb.dll
2006-09-08 20:52 139,264 --a------ C:\WINDOWS\system32\lxbxprox.dll
2006-09-08 20:52 131,072 --a------ C:\WINDOWS\system32\lxbxjswr.dll
2006-09-08 20:52 131,072 --a------ C:\WINDOWS\system32\lxbxins.dll
2006-09-08 20:52 114,688 --a------ C:\WINDOWS\system32\lxbxpplc.dll
2006-09-08 20:52 1,146,880 --a------ C:\WINDOWS\system32\lxbxserv.dll
2006-09-08 20:52 1,089,536 --a------ C:\WINDOWS\system32\lxbxusb1.dll
2006-09-08 20:51 65,536 --a------ C:\WINDOWS\system32\lxbxcfg.dll
2006-09-08 19:29 90,112 --a------ C:\WINDOWS\system32\mcrtl32.dll
2006-09-08 19:29 32,768 --a------ C:\WINDOWS\system32\instlsp.exe
2006-09-08 19:29 131,072 --a------ C:\WINDOWS\system32\mclsp.dll
2006-09-08 19:29 11,264 --a------ C:\WINDOWS\system32\sporder.dll
2006-09-08 19:28 9,216 --a------ C:\WINDOWS\system32\MpfApi.dll
2006-09-08 19:27 349,760 --a------ C:\WINDOWS\system32\mcinsctl.dll
2006-09-08 19:27 288,320 --a------ C:\WINDOWS\system32\mcgdmgr.dll
2006-09-08 19:22 9,728 --a------ C:\WINDOWS\system32\rwnh.dll
2006-09-08 19:22 8,704 --a------ C:\WINDOWS\system32\infoctrs.dll
2006-09-08 19:22 8,192 --a------ C:\WINDOWS\system32\staxmem.dll
2006-09-08 19:22 7,168 --a------ C:\WINDOWS\system32\wamregps.dll
2006-09-08 19:22 7,168 --a------ C:\WINDOWS\system32\snprfdll.dll
2006-09-08 19:22 68,608 --a------ C:\WINDOWS\system32\iisext.dll
2006-09-08 19:22 64,512 --a------ C:\WINDOWS\system32\iismap.dll
2006-09-08 19:22 6,144 --a------ C:\WINDOWS\system32\ftpsapi2.dll
2006-09-08 19:22 6,144 --a------ C:\WINDOWS\system32\admxprox.dll
2006-09-08 19:22 56,320 --a------ C:\WINDOWS\system32\convlog.exe
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\w3svapi.dll
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\iisrstap.dll
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\adsiisex.dll
2006-09-08 19:22 43,520 --a------ C:\WINDOWS\system32\fcachdll.dll
2006-09-08 19:22 43,520 --a------ C:\WINDOWS\system32\admwprox.dll
2006-09-08 19:22 4,608 --a------ C:\WINDOWS\system32\w3ctrs.dll
2006-09-08 19:22 3,584 --a------ C:\WINDOWS\system32\iismui.dll
2006-09-08 19:22 290,816 --a------ C:\WINDOWS\system32\adsiis.dll
2006-09-08 19:22 23,040 --a------ C:\WINDOWS\system32\regtrace.exe
2006-09-08 19:22 19,968 --a------ C:\WINDOWS\system32\inetsloc.dll
2006-09-08 19:22 14,336 --a------ C:\WINDOWS\system32\iisreset.exe
2006-09-08 19:22 14,336 --a------ C:\WINDOWS\system32\exstrace.dll
2006-09-08 19:22 133,632 --a------ C:\WINDOWS\system32\iisRtl.dll
2006-09-08 19:22 13,312 --a------ C:\WINDOWS\system32\infoadmn.dll
2006-09-08 19:22 12,288 --a------ C:\WINDOWS\system32\smtpctrs.dll
2006-09-08 19:22 10,752 --a------ C:\WINDOWS\system32\smtpapi.dll
2006-09-08 19:22 10,240 --a------ C:\WINDOWS\system32\aspperf.dll
2006-09-08 19:20 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2006-09-08 18:55 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL
2006-09-08 18:50 4,529,408 --a------ C:\WINDOWS\system32\nv4_disp.dll
2006-09-08 18:49 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-09-08 18:48 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-09-08 18:48 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-09-08 18:48 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-09-08 18:48 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-09-08 18:48 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-09-08 18:48 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-09-08 18:48 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-09-08 18:48 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-09-08 18:48 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2006-09-08 18:48 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-09-08 18:48 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-09-08 18:30 57,344 --------- C:\WINDOWS\system32\mfc70enu.dll
2006-09-08 18:29 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2006-09-08 18:29 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2006-09-08 18:29 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2006-09-08 18:26 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-27 15:18 -------- d-------- C:\Program Files\Common Files
2006-09-27 15:12 -------- d-------- C:\Program Files\Mozilla Firefox
2006-09-27 15:09 -------- d-------- C:\Documents and Settings\Dave\Application Data\MailWasherPro
2006-09-27 14:53 -------- d-------- C:\Documents and Settings\Dave\Application Data\Adobe
2006-09-27 14:04 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-27 11:04 -------- d-------- C:\Documents and Settings\Dave\Application Data\Sonic
2006-09-27 11:03 -------- d-------- C:\Program Files\Common Files\PACE Anti-Piracy
2006-09-27 10:59 -------- d-------- C:\Program Files\Common Files\SureThing Shared
2006-09-27 10:59 -------- d-------- C:\Program Files\Common Files\Sonic
2006-09-27 10:58 -------- d-------- C:\Program Files\Sonic
2006-09-27 10:17 -------- d-------- C:\Program Files\HijackThis
2006-09-26 17:19 -------- d-------- C:\Program Files\CleanUp!
2006-09-25 15:03 -------- d-------- C:\Program Files\WinMediaCodec
2006-09-25 14:56 -------- d-------- C:\Program Files\Common Files\Adobe
2006-09-25 14:56 -------- d-------- C:\Program Files\Adobe
2006-09-25 14:41 -------- d-------- C:\Program Files\WebPosition 4
2006-09-24 17:04 -------- d-------- C:\Program Files\Registry Mechanic
2006-09-24 16:48 -------- d-------- C:\Documents and Settings\Dave\Application Data\InterTrust
2006-09-24 16:46 -------- d-------- C:\Documents and Settings\Dave\Application Data\Leadertech
2006-09-24 16:45 -------- d-------- C:\Documents and Settings\Dave\Application Data\AdobeUM
2006-09-24 16:45 -------- d-------- C:\Documents and Settings\Dave\Application Data\AdobeAUM
2006-09-24 16:35 -------- d-------- C:\Program Files\Yahoo!
2006-09-24 13:01 -------- d-------- C:\Program Files\Windows Media Player
2006-09-24 11:27 1557 --a------ C:\Documents and Settings\Dave\Application Data\AdobeDLM.log
2006-09-24 11:27 0 --a------ C:\Documents and Settings\Dave\Application Data\dm.ini
2006-09-22 12:03 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-09-22 12:03 -------- d-------- C:\Program Files\DeepSilver
2006-09-20 14:58 -------- d-------- C:\Program Files\Common Files\Adobe Systems Shared
2006-09-20 13:31 -------- d-------- C:\Program Files\WinRAR
2006-09-19 16:16 -------- d---s---- C:\Documents and Settings\Dave\Application Data\Microsoft
2006-09-19 16:16 -------- d-------- C:\Program Files\MSN Messenger
2006-09-19 16:16 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-09-19 13:54 -------- d-------- C:\Documents and Settings\Dave\Application Data\Sun
2006-09-19 13:53 -------- d-------- C:\Program Files\Java
2006-09-19 13:51 -------- d-------- C:\Program Files\Common Files\Java
2006-09-16 13:49 -------- d-------- C:\Program Files\Teamspeak2_RC2
2006-09-16 13:49 -------- d-------- C:\Documents and Settings\Dave\Application Data\teamspeak2
2006-09-15 11:23 -------- d-------- C:\Program Files\QuickTime
2006-09-10 14:47 -------- d-------- C:\Documents and Settings\Dave\Application Data\Macromedia
2006-09-09 17:46 673546 --a------ C:\Documents and Settings\Dave\Application Data\unins000.exe
2006-09-09 17:46 18546 --a------ C:\Documents and Settings\Dave\Application Data\unins000.dat
2006-09-09 17:46 -------- d-------- C:\Program Files\GroupMail 5
2006-09-09 16:12 -------- d-------- C:\Program Files\Ipswitch
2006-09-09 16:12 -------- d-------- C:\Documents and Settings\Dave\Application Data\Ipswitch
2006-09-09 16:11 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-09-09 09:39 -------- d-------- C:\Documents and Settings\Dave\Application Data\McAfee
2006-09-09 02:00 -------- d-------- C:\Program Files\xerox
2006-09-09 02:00 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-09 01:59 -------- d--h----- C:\Program Files\WindowsUpdate
2006-09-09 01:58 -------- d-------- C:\Program Files\NetMeeting
2006-09-09 01:58 -------- d-------- C:\Program Files\Movie Maker
2006-09-09 01:58 -------- d-------- C:\Program Files\Common Files\Services
2006-09-09 01:58 -------- d-------- C:\Program Files\Common Files\MSSoap
2006-09-09 01:57 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-09 01:56 -------- d-------- C:\Program Files\Windows NT
2006-09-09 01:56 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-09-09 01:56 -------- d-------- C:\Program Files\MSN
2006-09-08 21:59 -------- d-------- C:\Program Files\Internet Explorer
2006-09-08 21:43 -------- d-------- C:\Program Files\Creative
2006-09-08 21:42 -------- d-------- C:\Documents and Settings\Dave\Application Data\Creative
2006-09-08 21:31 -------- d-------- C:\Program Files\OfficeUpdate11
2006-09-08 21:16 -------- d-------- C:\Program Files\Common Files\System
2006-09-08 21:09 -------- d-------- C:\Program Files\Messenger
2006-09-08 21:03 -------- d-------- C:\Program Files\Hewlett-Packard
2006-09-08 21:02 -------- d-------- C:\Program Files\Outlook Express
2006-09-08 20:58 -------- d-------- C:\Program Files\Lexmark_7100 Series
2006-09-08 20:58 -------- d-------- C:\Program Files\Lexmark 7100 Series
2006-09-08 20:55 -------- d-------- C:\Documents and Settings\Dave\Application Data\McAfee.com Personal Firewall
2006-09-08 20:14 -------- d-------- C:\Program Files\CCP
2006-09-08 19:29 -------- d-------- C:\Program Files\McAfee.com
2006-09-08 19:29 -------- d-------- C:\Program Files\McAfee
2006-09-08 19:22 -------- d-------- C:\Program Files\Online Services
2006-09-08 19:20 -------- d-------- C:\Program Files\Microsoft.NET
2006-09-08 19:20 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-08 19:19 -------- d-------- C:\Program Files\Microsoft Office
2006-09-08 19:19 -------- d-------- C:\Program Files\Common Files\DESIGNER
2006-09-08 19:00 -------- d-------- C:\Program Files\FireTrust
2006-09-08 18:48 -------- d-------- C:\Program Files\Common Files\SpeechEngines
2006-09-08 18:48 -------- d-------- C:\Program Files\Common Files\ODBC
2006-09-08 18:47 62 --ahs---- C:\Documents and Settings\Dave\Application Data\desktop.ini
2006-09-08 18:30 -------- d-------- C:\Program Files\Macromedia
2006-09-08 18:30 -------- d-------- C:\Program Files\Common Files\Macromedia
2006-09-08 18:29 -------- d-------- C:\Program Files\Common Files\Macromedia Shared
2006-09-08 18:12 -------- d-------- C:\Documents and Settings\Dave\Application Data\Mozilla
2006-09-08 18:06 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-08 18:06 -------- d-------- C:\Documents and Settings\Dave\Application Data\Identities
2006-08-21 10:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-21 09:24 72704 --a------ C:\WINDOWS\system32\hlink.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce\CTStartup]
"CTStartup"="\"C:\\Program Files\\Creative\\Splash Screen\\CTEaxSpl.EXE\" /play"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"=""
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"MPSExe"="c:\\PROGRA~1\\mcafee.com\\mps\\mscifapp.exe /embedding"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"LXBXCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXBXtime.dll,_RunDLLEntry@16"
"lxbxmon.exe"="\"C:\\Program Files\\Lexmark 7100 Series\\lxbxmon.exe\""
"EzPrint"="\"C:\\Program Files\\Lexmark 7100 Series\\ezprint.exe\""
"WINDVDPatch"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"CTStartup"="C:\\Program Files\\Creative\\Splash Screen\\CTEaxSpl.EXE /run"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"Disc Detector"="C:\\Program Files\\Creative\\ShareDLL\\CtNotify.exe"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,86,01,00,00,00,00,00,00,7a,02,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:5f,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
@=""
"NoDriveTypeAutoRun"=hex:5f,00,00,00
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Completion time: 27/09/2006 15:21:54.18
ComboFix.txt
ComboFix2.txt


************ COMBOFIX3.TXT **************

Dave - 06-09-27 15:16:57.10 Service Pack 2
ComboFix 06.09.27 - Running from: "C:\Documents and Settings\Dave\desktop"
Command switches used :: /v jkkji winzwr32

******** C:\redir.sys SCAN ***********

AntiVir 7.2.0.18 09.28.2006 no virus found
Authentium 4.93.8 09.28.2006 no virus found
Avast 4.7.892.0 09.27.2006 no virus found

Aditional Information
File size: 56 bytes
MD5: ab728893b0688e165d76a797343b7263
SHA1: 135e8828d5c94230723c029d0da09fb43be89df5

******** c:\WINDOWS\system32\VchReg.dll ****************

AntiVir 7.2.0.18 09.28.2006 no virus found
Authentium 4.93.8 09.28.2006 no virus found
Avast 4.7.892.0 09.27.2006 no virus found
AVG 386 09.27.2006 no virus found
BitDefender 7.2 09.28.2006 no virus found
CAT-QuickHeal 8.00 09.27.2006 no virus found
ClamAV devel-20060426 09.27.2006 no virus found
DrWeb 4.33 09.28.2006 no virus found
eTrust-InoculateIT 23.73.7 09.28.2006 no virus found
eTrust-Vet 30.3.3104 09.28.2006 no virus found
Ewido 4.0 09.28.2006 no virus found
Fortinet 2.82.0.0 09.28.2006 no virus found
F-Prot 3.16f 09.28.2006 no virus found
F-Prot4 4.2.1.29 09.28.2006 no virus found
Ikarus 0.2.65.0 09.28.2006 no virus found
Kaspersky 4.0.2.24 09.28.2006 no virus found
McAfee 4861 09.27.2006 no virus found
Microsoft 1.1603 09.28.2006 no virus found
NOD32v2 1.1780 09.27.2006 no virus found
Norman 5.90.23 09.27.2006 no virus found
Panda 9.0.0.4 09.27.2006 Suspicious file
Sophos 4.10.0 09.28.2006 no virus found
Symantec 8.0 09.28.2006 no virus found
TheHacker 6.0.1.085 09.28.2006 no virus found
UNA 1.83 09.27.2006 no virus found
VBA32 3.11.1 09.28.2006 no virus found
VirusBuster 4.3.7:9 09.27.2006 no virus found

Aditional Information
File size: 970752 bytes
MD5: 5ce92f1265ab92c5f8d78075a669234c
SHA1: 5ad20b862d8b257c88ad4db6169fcad124e01103

******** c:\WINDOWS\unvise32qt.exe ****************

AntiVir 7.2.0.18 09.28.2006 no virus found
Authentium 4.93.8 09.28.2006 no virus found
Avast 4.7.892.0 09.27.2006 no virus found
AVG 386 09.27.2006 no virus found
BitDefender 7.2 09.28.2006 no virus found
CAT-QuickHeal 8.00 09.27.2006 no virus found
ClamAV devel-20060426 09.27.2006 no virus found
DrWeb 4.33 09.28.2006 no virus found
eTrust-InoculateIT 23.73.7 09.28.2006 no virus found
eTrust-Vet 30.3.3104 09.28.2006 no virus found
Ewido 4.0 09.28.2006 no virus found
Fortinet 2.82.0.0 09.28.2006 no virus found
F-Prot 3.16f 09.28.2006 no virus found
F-Prot4 4.2.1.29 09.28.2006 no virus found
Ikarus 0.2.65.0 09.28.2006 no virus found
Kaspersky 4.0.2.24 09.28.2006 no virus found
McAfee 4861 09.27.2006 no virus found
Microsoft 1.1603 09.28.2006 no virus found
NOD32v2 1.1780 09.27.2006 no virus found
Norman 5.90.23 09.27.2006 no virus found
Panda 9.0.0.4 09.27.2006 no virus found
Sophos 4.10.0 09.28.2006 no virus found
Symantec 8.0 09.28.2006 no virus found
TheHacker 6.0.1.085 09.28.2006 no virus found
UNA 1.83 09.27.2006 no virus found
VBA32 3.11.1 09.28.2006 no virus found
VirusBuster 4.3.7:9 09.27.2006 no virus found

Aditional Information
File size: 86016 bytes
MD5: 23a458e8eb269a71a29ada0cb3e22e65
SHA1: ed89dac3cc37f2d47f2df0824965a1bac8f4638f

**************** PANDA SCAN: NOTHING FOUND ***********************



************* HIJACK THIS REPORT ****************************

Logfile of HijackThis v1.99.1
Scan saved at 11:34:06, on 28/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Lexmark 7100 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\lxbxcoms.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HijackThis\ElvisLives.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbxmon.exe] "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: lxbx_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbxcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe