Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 




Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > HijackThis Log Help > Resolved HJT Threads
W32.myzor.Fk@yf on Vista W32.myzor.Fk@yf on Vista
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read

Resolved HJT Threads Resolved spyware and popup issues.

 
Page 1 of 2 1 2 >
 
Thread Tools
Old 02-23-2007, 07:25 AM   #1 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


W32.myzor.Fk@yf on Vista
I've just bought my first computer for home use so I'm a bit of a novice. I've picked up a virus which has hijacked my IE and keeps trying to sell me protection software. The messages flashed up so far are that I've got the myzor, and various spyworms.
I've spent the best part of 2 days trying to self help from the various websites but none of them have a Vista options, which makes the instructions difficult to follow! Vista doesn't seem to have a 'My Computer' and I've given up trying to find out how to disable the system restore.
On the VirusScan tab I've got Build 11.1.126, DAT version 4968.000, Engine version 5100.0194.
Any help would be gratefully received before I repack the computer in it's box and sling it through the window!

I've been on the McAfee site and paullotion has advised the following:

"SmitFraudFix does not work with Vista as yet.

You can try AVG in safe mode it might remove the infection,if not download Hijackthis >>Here<< run a scan and create a log,post that log in this forum >>Here<< they`ll be able to help you,be aware as you have Vista very few tools will work with it at this time,so its a trial and error approach. "

I can't get AVG to work (I'm getting an "avgos.exe application error 0 the application failed to initialise properly") I've downloaded, installed and uninstalled all sorts of things that have been recommended but either they are not compatible with Vista or don't seem to cure the problem.

I'm fairly cheesed off now - I didn't get an option with Dell for another operating system with tthe kit I bought. Hope this is not a sign of things to come.

The scan produced the following. Any help would be gratefully received.

Steve

Logfile of HijackThis v1.99.1
Scan saved at 13:52:21, on 23/02/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Video Access ActiveX Object\isamntr.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\Program Files\Video Access ActiveX Object\pmmnt.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Steve\AppData\Local\Temp\Temp1_hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=e...uk&ibd=6070216
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=e...uk&ibd=6070216
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video Access ActiveX Object\isadd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\Windows\system32\higehsg.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-23-2007, 12:24 PM   #2 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


I've been watching the other problems posted being actioned which really worries me - does this mean that my problem is not going to be easy to solve? This is a brand new setup - if I restore it back to the condition that it came out of the box will this solve the issue? Is this virus particularly dangerous?
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-25-2007, 02:21 AM   #3 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Stange things happening here. I logged on to the Internet yesterday and Windows defender picked up Zlob, which it removed. The messages warning about virus infections now seem to have stopped. Is this connected or could the virus still be sitting somewhere on my machine? Steve
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-27-2007, 02:09 PM   #4 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Any news on a solution? I've restored my computer back to the state just after I loaded the Netgear wireless driver but I would appreciate someone checking just to make sure that the virus is not sitting somewhere on my computer.
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 08:04 AM   #5 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 20,048
OS: WinXP and Vista


Hello Duke Dukay and welcome to TSF,

Our apologies for the delay but we're quite swamped here and there are only so many of us...

What you've been told is true--there aren't many tools that are compatible with Vista yet so cleaning infections can be difficult. Restoring your system was the easiest solution until such time that tools are made compatible.

Zlob is an alias for the Smitfraud infection. I'd like you do the following and we'll see if anything is still lurking about.

--------------------------------------------------------------

Please run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run it's full course:

Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click on located at the bottom of the page.
  2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan

--------------------------------------------------------------------

Download ComboScan to your Desktop.Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on comboscan.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - ComboScan.txt <- this one will be maximized and Supplementary.txt <-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of ComboScan.txt in your thread in the HijackThis Log Help Forum.
  5. Please attach Supplementary.txt to your post.
To attach a file to a new post, simply
  1. Click the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
  2. copy and paste the following into the "Upload File from your Computer" box:
    C:\ComboScanSupplementary.txt
  3. Click Upload.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 01:27 PM   #6 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Ried - please don't apologise for the delay. I have been watching the site for 4 days and I cannot believe the number of queries posted. Whatever happens I will be making a donation but until I'm sure that some malfeasant won't steal my financial details, I'm hanging on! You're obviously doing a worthwhile job.
In trying to follow your instructions, I unfortunately fell at the first hurdle - Panda does not support Vista. Directions to another site, or a cosy asylum would be welcomed!

Steve
Last edited by Duke Dukay : 02-28-2007 at 01:30 PM. Reason: spelling mistake
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 01:38 PM   #7 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 20,048
OS: WinXP and Vista


Hi Steve,

Hmmm..I was hoping the online scanner would work since the Panda Anti Virus 2007 is compatible with Vista.

Sorry to put you through this, but you seem to be a 'guinea pig' here--terribly frustrating for you, I'm sure.

Let's try Kaspersky's online scanner. If it won't run either, then just proceed with ComobScan.exe and post those resultant logs.

Please perform an online scan with Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 02:19 PM   #8 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Had a bit of a problem downloading Kaspersky but it's in progress now. Definitely need to be put in the 'IT-challenged' class! Will post log as soon as it's finished.

Kaspersky failed to finish update - error message 'some components damaged or not present. Please reinstall application'. Update failed.

running Comboscan but when it tried to download HijackThis' my computer wouldn't allow the download.

Scans following immediately.
Last edited by Duke Dukay : 02-28-2007 at 02:38 PM. Reason: updated info
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:01 PM   #9 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Sorry - posted this on the quick reply and it didn't seem to get through. apparently there are too many 'images' on the message so sending it in as two attachments.
Attached Files
File Type: txt ComboScan.txt (26.4 KB, 0 views)
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:04 PM   #10 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Having problems with uploading the supplementary text. It keeps telling me that I have already attached this to the thread?
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:12 PM   #11 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


I've split the text into two halves.

ComboScan v20070226.18 run by Steve on 2007-02-28 at 21:32:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis Clone -------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-02-28 21:33:45
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.0.6000.16386)

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Steve\Desktop\comboscan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=e...uk&ibd=6070216
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=e...uk&ibd=6070216
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: DSBrokerService - "C:\Program Files\DellSupport\brkrsvc.exe"
O23 - Service: McAfee E-mail Proxy (Emproxy) - C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - "C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe"
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
O23 - Service: McAfee HackerWatch Service - "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
O23 - Service: McAfee Update Manager (mcmispupdmgr) - C:\Program Files\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - "c:\program files\common files\mcafee\mna\mcnasvc.exe"
O23 - Service: McAfee Scanner (McODS) - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - C:\Program Files\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - C:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - "C:\Program Files\McAfee\MPF\MPFSrv.exe"
O23 - Service: McAfee Privacy Service (MPS9) - C:\Program Files\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - "C:\Program Files\McAfee\MSK\MskSrver.exe"
O23 - Service: ProtexisLicensing - C:\Windows\System32\PSIService.exe
O23 - Service: RoxMediaDB9 - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"
O23 - Service: SigmaTel Audio Service (STacSV) - C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
O23 - Service: stllssvr - "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "%SystemRoot%\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\winhlp32.exe %1
.inf - inffile - %SystemRoot%\system32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\system32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - "%SystemRoot%\System32\WScript.exe" "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

2R AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - C:\Windows\System32\drivers\AegisP.sys
2R DLABMFSM - C:\Windows\System32\DLA\DLABMFSM.SYS
2R DLABOIOM - C:\Windows\System32\DLA\DLABOIOM.SYS
1S DLACDBHM - C:\Windows\System32\drivers\DLACDBHM.SYS
2R DLADResM - C:\Windows\System32\DLA\DLADResM.SYS
2R DLAIFS_M - C:\Windows\System32\DLA\DLAIFS_M.SYS
2R DLAOPIOM - C:\Windows\System32\DLA\DLAOPIOM.SYS
2R DLAPoolM - C:\Windows\System32\DLA\DLAPoolM.SYS
1R DLARTL_M - C:\Windows\System32\drivers\DLARTL_M.SYS
2R DLAUDFAM - C:\Windows\System32\DLA\DLAUDFAM.SYS
2R DLAUDF_M - C:\Windows\System32\DLA\DLAUDF_M.SYS
0R DRVMCDB - C:\Windows\System32\drivers\DRVMCDB.SYS
2R DRVNDDM - C:\Windows\System32\drivers\DRVNDDM.SYS
3R DSproct - \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2R dsunidrv - \??\C:\Program Files\DellSupport\Drivers\dsunidrv.sys
3R e1express (Intel(R) PRO/1000 PCI Express Network Connection Driver) - C:\Windows\System32\drivers\e1e6032.sys
3S HdAudAddService (Microsoft 1.1 UAA Function Driver for High Definition Audio Service) - C:\Windows\System32\drivers\HdAudio.sys
0R iaStor (Intel RAID Controller) - C:\Windows\System32\drivers\iaStor.sys
3R mfeavfk (McAfee Inc.) - C:\Windows\System32\drivers\mfeavfk.sys
3R mfebopk (McAfee Inc.) - C:\Windows\System32\drivers\mfebopk.sys
3R mfehidk (McAfee Inc.) - C:\Windows\System32\drivers\mfehidk.sys
3S mferkdk (McAfee Inc.) - C:\Windows\System32\drivers\mferkdk.sys
3S mfesmfk (McAfee Inc.) - C:\Windows\System32\drivers\mfesmfk.sys
1R MPFP - C:\Windows\System32\drivers\Mpfp.sys
3R nvlddmkm - C:\Windows\System32\drivers\nvlddmkm.sys
3S R300 - C:\Windows\System32\drivers\atikmdag.sys
3R RTLWUSB (NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver) - C:\Windows\System32\drivers\wg111v2.sys
3R STHDA (SigmaTel High Definition Audio CODEC) - C:\Windows\System32\drivers\stwrt.sys
3R USBSTOR (USB Mass Storage Driver) - C:\Windows\System32\drivers\USBSTOR.SYS
3R WUDFRd - C:\Windows\System32\drivers\WUDFRd.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3S DSBrokerService - "C:\Program Files\DellSupport\brkrsvc.exe"
3S Emproxy (McAfee E-mail Proxy) - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
3S GoogleDesktopManager - "C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe"
2R IAANTMON (Intel(R) Matrix Storage Event Monitor) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
2R McAfee HackerWatch Service - "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
3S mcmispupdmgr (McAfee Update Manager) - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
2R mcmscsvc (McAfee Services) - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
2R McNASvc (McAfee Network Agent) - "c:\program files\common files\mcafee\mna\mcnasvc.exe"
2R McODS (McAfee Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
2R mcpromgr (McAfee Protection Manager) - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
2R McProxy (McAfee Proxy Service) - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
2R McRedirector (McAfee Redirector Service) - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
2R McShield (McAfee Real-time Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
3S McSysmon (McAfee SystemGuards) - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
2R MpfService (McAfee Personal Firewall Service) - "C:\Program Files\McAfee\MPF\MPFSrv.exe"
2R MPS9 (McAfee Privacy Service) - C:\PROGRA~1\McAfee\MPS\mps.exe
2R MSK80Service (McAfee SpamKiller Service) - "C:\Program Files\McAfee\MSK\MskSrver.exe"
2R ProtexisLicensing - C:\Windows\system32\PSIService.exe
3R RoxMediaDB9 - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
2R RoxWatch9 (Roxio Hard Drive Watcher 9) - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"
2R STacSV (SigmaTel Audio Service) - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
3S stllssvr - "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:17 PM   #12 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


Second half.

Sorry didn't like that either - I'll try three lots.

Didn't like that either - I'll try splitting it further

-- Scheduled Tasks --------------------------------------------------------------

2007-02-27 21:05:24 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{30A71660-D30C-499A-9ABE-60F9922FD1FE}.job<USER_F~1.JOB>


-- Files created between 2007-01-28 and 2007-02-28 ------------------------------



-- Find3M Report ----------------------------------------------------------------

2007-02-28 20:09:11 0 d-------- C:\Program Files\McAfee
2007-02-26 00:00:14 4388 --ahs---- C:\Windows\system32\KGyGaAvL.sys
2007-02-25 23:59:56 0 d-------- C:\Users\Steve\AppData\Roaming\Corel
2007-02-25 23:59:44 88 -r-hs---- C:\Windows\system32\8261342861.sys<826134~1.SYS>
2007-02-25 23:58:03 0 d-------- C:\Program Files\SpywareBot<SPYWAR~1>
2007-02-25 23:54:18 0 d-------- C:\Users\Steve\AppData\Roaming\SpywareBot<SPYWAR~1>
2007-02-25 18:17:17 0 d-------- C:\Program Files\Windows Mail<WINDOW~1>
2007-02-25 18:16:09 104448 --a------ C:\Windows\system32\DWWIN.EXE
2007-02-25 18:15:14 383488 --a------ C:\Windows\system32\ieapfltr.dll
2007-02-25 18:15:07 4153344 --a------ C:\Windows\system32\GameUXLegacyGDFs.dll
2007-02-25 18:15:06 1686016 --a------ C:\Windows\system32\gameux.dll
2007-02-25 18:15:00 974336 --a------ C:\Windows\system32\crypt32.dll
2007-02-25 16:10:39 0 d-------- C:\Users\Steve\AppData\Roaming\Media Center Programs<MEDIAC~1>
2007-02-24 20:10:14 0 d---s---- C:\Users\Steve\AppData\Roaming\Microsoft<MICROS~1>
2007-02-23 20:58:30 0 d-------- C:\Users\Steve\AppData\Roaming\Roxio
2007-02-23 13:27:54 0 d-------- C:\Program Files\Grisoft
2007-02-22 16:49:44 0 d-------- C:\Users\Steve\AppData\Roaming\McAfee
2007-02-20 22:25:09 0 d-------- C:\Users\Steve\AppData\Roaming\Macromedia<MACROM~1>
2007-02-20 22:24:54 0 d-------- C:\Users\Steve\AppData\Roaming\Google
2007-02-20 22:08:30 0 d-------- C:\Users\Steve\AppData\Roaming\InstallShield<INSTAL~1>
2007-02-20 20:54:37 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-02-20 20:52:40 0 d-------- C:\Users\Steve\AppData\Roaming\GTek
2007-02-20 20:45:00 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-20 20:44:20 0 d-------- C:\Program Files\NETGEAR
2007-02-20 17:42:05 0 d-------- C:\Program Files\directx
2007-02-20 17:10:05 0 d-------- C:\Users\Steve\AppData\Roaming\Adobe
2007-02-20 13:23:03 0 d-------- C:\Users\Steve\AppData\Roaming\Identities<IDENTI~1>
2007-02-16 06:02:47 160872 --a------ C:\Windows\system32\halmacpi.dll
2007-02-16 06:02:47 134760 --a------ C:\Windows\system32\halacpi.dll
2007-02-16 06:02:37 287744 --a------ C:\Windows\system32\SearchIndexer.exe
2007-02-16 06:02:37 52224 --a------ C:\Windows\system32\msstrc.dll
2007-02-16 06:02:37 32256 --a------ C:\Windows\system32\mssprxy.dll
2007-02-16 06:02:37 98304 --a------ C:\Windows\system32\mssitlb.dll
2007-02-16 06:02:36 1499648 --a------ C:\Windows\system32\tquery.dll
2007-02-16 06:02:35 76288 --a------ C:\Windows\system32\SearchFilterHost.exe
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:22 PM   #13 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


2007-02-16 06:02:35 331264 --a------ C:\Windows\system32\mssph.dll
2007-02-16 06:02:35 51200 --a------ C:\Windows\system32\msscntrs.dll
2007-02-16 06:02:35 23552 --a------ C:\Windows\system32\msscb.dll
2007-02-16 06:02:34 204288 --a------ C:\Windows\system32\SearchProtocolHost.exe
2007-02-16 06:02:34 65536 --a------ C:\Windows\system32\propdefs.dll
2007-02-16 06:02:34 1695232 --a------ C:\Windows\system32\mssvp.dll
2007-02-16 06:02:34 1397248 --a------ C:\Windows\system32\mssrch.dll
2007-02-16 06:02:34 158720 --a------ C:\Windows\system32\mssphtb.dll
2007-02-16 06:02:29 8704 --a------ C:\Windows\system32\hccoin.dll
2007-02-16 06:02:26 22632 --a------ C:\Windows\system32\streamci.dll
2007-02-15 22:25:01 0 d-------- C:\Program Files\Dell
2007-02-15 22:24:53 0 d-------- C:\Program Files\Tiscali
2007-02-15 22:24:52 0 d-------- C:\Program Files\MAKEMSI Package Documentation<MAKEMS~1>
2007-02-15 22:24:36 0 d-------- C:\Program Files\Orange
2007-02-15 22:23:31 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-15 22:23:21 0 d-------- C:\Program Files\Microsoft Works<MICROS~2>
2007-02-15 22:22:57 0 d-------- C:\Program Files\Google
2007-02-15 22:22:06 0 d-------- C:\Program Files\BAE
2007-02-15 22:21:38 0 d-------- C:\Program Files\Common Files\McAfee
2007-02-15 22:21:08 0 d-------- C:\Program Files\McAfee.com
2007-02-15 22:20:58 0 d-------- C:\Program Files\DellSupport<DELLSU~1>
2007-02-15 22:20:45 0 d-------- C:\Program Files\Roxio
2007-02-15 22:19:56 0 d-------- C:\Program Files\Common Files\Sonic Shared<SONICS~1>
2007-02-15 22:19:11 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-02-15 22:18:22 0 d-------- C:\Program Files\Common Files\SureThing Shared<SURETH~1>
2007-02-15 22:18:07 0 d-------- C:\Program Files\Common Files\Roxio Shared<ROXIOS~1>
2007-02-15 22:17:31 0 d-------- C:\Program Files\Common Files\Corel
2007-02-15 22:17:26 0 d-------- C:\Program Files\Corel
2007-02-15 22:14:50 0 d-------- C:\Program Files\Intel
2007-02-15 22:14:12 0 d-------- C:\Program Files\SigmaTel
2007-02-15 22:14:01 0 d-------- C:\Program Files\Java
2007-02-15 22:14:01 0 d-------- C:\Program Files\Common Files\Java
2006-12-19 22:06:32 2371584 --a------ C:\Windows\system32\nvwssr.dll
2006-12-19 22:06:32 2048000 --a------ C:\Windows\system32\nvwss.dll
2006-12-19 22:06:32 3338240 --a------ C:\Windows\system32\nvvitvsr.dll
2006-12-19 22:06:32 3321856 --a------ C:\Windows\system32\nvvitvs.dll
Duke Dukay is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Old 02-28-2007, 03:23 PM   #14 (permalink)
Registered User
 
Join Date: Feb 2007
Posts: 21
OS: Windows Vista (Home Premium)


2006-12-19 22