Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page Pops ups, slowness, and the usual suspects
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
Page 1 of 2 1 2
 
LinkBack Thread Tools
Old 06-09-2008, 08:14 PM   #1 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Pops ups, slowness, and the usual suspects
Hi. First time in the forum. Long time computer user, but in the same way that someone not very good at spelling might read a lot. In over my head here and need some help.

Got something going on. In prep to post to this forum I've run a hijack this log and also have one from the Panda Active scan. If the Pandaware is being truthful and not just trying to sell itself, then I've got a lot of stuff here that the freeware wouldn't take off.

The symptoms:
1. pop ups: Sometimes when I turn on the browser (IE), but if I go to surfing from one site to another always. Some of the culprits have been something calling itself PCPrivacyCleaner and a Windows IE box that appears with a message about WinAnonymous.

2. Slowness. I believe because the computer is slowing itself down trying to redirect from the site to which I navigated to something else.

3. C++: This one less often, but it does happen, and it's creepy. A windows IE Box pops up with the following in the header; MS Visual C++ Runtime Library Program C:\WIndows\Explorer.exe..............then, this message inside the box - A buffer overun has been detected which has corrupted the programs internal state. The program cannot safely continue execution and must now be terminated.

My hope is that if 1 and 2 are corrected, 3 will be as well. My belief that they are related is based on the fact that I never saw either before two days ago.

Below is my Hijack this log and the Panda Activescan log after that. Thanks for any advice.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:37:20 PM, on 6/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Google\Googl e Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C: \WINDOWS\system32\rundll32.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Progr am Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Messenger\msmsgs.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\WINDOWS\ehome\McrdSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Fi les\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehom e\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSSched uler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C :\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [fmxojmbi] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\fmxojmbi.dll"
O4 - HKLM\..\Run: [BluetoothAuthorizationAgent] C:\WINDOWS\system32\BluetoothAuthorizationAgent.exe
O4 - HKLM\..\Run: [gcNotifier] C:\Documents and Settings\Christopher\Lo cal Settings\Application Data\VTShared\GCNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [b8cfdbe8] rundll32.exe "C:\WINDOWS\system32\monlfltd.dll",b
O4 - HKLM\..\Run: [BMbbfce874] Rundll32.exe "C:\WINDOWS\system32\fncmfeqp.dll",s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Prog ram Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll< BR>O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http:// lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/...dsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B0C45AFD-2802-4285-BE1F-714C50FEE6D9} (HprmfPCFileCtrl1 Class) - file://D:\ALBUMS\ALBUM_A\PLUGIN\HPRMFFC.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpf...qdiagh.cab?326
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program F iles\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfServi ce) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
--
End of file - 15479 bytes

_______________________________________________________________
MALWARE: 88
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Yes No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@trafficmp[2].txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@trafficmp[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@casalemedia[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@casalemedia[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@247realmedia[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.fastclick.net/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.mediaplex.com/]
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@anm.co[1].txt
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.anm.co.uk/]
00147796 Cookie/Entrepreneur TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@entrepreneur[2].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@ccbill[2].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@ccbill[2].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@ccbill[1].txt
00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@belnk[1].txt
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@revenue[2].txt
00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@dist.belnk[2].txt
00162900 Cookie/MediaTickets TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@kinghost[1].txt
00162900 Cookie/MediaTickets TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.kinghost.com/]
00162900 Cookie/MediaTickets TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@kinghost[2].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www.myaffiliateprogram[2].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.yadro.ru/]
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@yadro[2].txt
00167659 Cookie/TeensForCash TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@teensforcash[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.xiti.com/]
00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@gostats[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@azjmp[2].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@toplist[3].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.toplist.cz/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@statcounter[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.statcounter.com/]
00167758 Cookie/Barelylegal TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@c.fsx[1].txt
00167770 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@counter15.sextracker[1].txt
00167774 Cookie/web-stat TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@www.web-stat[1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.perf.overture.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@ad.yieldmanager[1].txt
00168058 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@counter4.sextracker[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.apmebf.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@burstnet[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@burstnet[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.bs.serving-sys.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www.burstbeacon[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@www.burstbeacon[1].txt
00168100 Cookie/TeensForCash TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www.teensforcash[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.advertising.com/]
00169286 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@sextracker[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@media.adrevolver[3].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[statse.webtrendslive.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.statse.webtrendslive.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[statse.webtrendslive.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@statse.webtrendslive[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ads.pointroll.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.overture.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@realmedia[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@realmedia[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@questionmarket[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.bluestreak.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@bluestreak[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@bluestreak[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.bluestreak.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.cs.sexcounter.com/]
00180246 Cookie/XXXCounter TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@xxxcounter[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Application Data\Mozilla\Firefox\Profiles\ewg9gprc.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@adrevolver[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@adrevolver[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.adrevolver.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@adultfriendfinder[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@go[2].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@searchportal.information[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.target.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.target.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@target[1].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@did-it[2].txt
00249100 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www2.addfreestats[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@atwola[1].txt
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@www.errorsafe[1].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@errorsafe[1].txt
00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www3.addfreestats[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@cgi-bin[1].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@cgi-bin[10].txt
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ehg-dig.hitbox.com/]
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Application Data\Mozilla\Firefox\Profiles\ln4kqyso.default\cookies.txt[.ehg-dig.hitbox.com/]
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@ads.addynamix[2].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@enhance[1].txt
01744933 Cookie/VirusProtectPro TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@www.virusprotectpro[2].txt
02164907 Generic Malware Virus/Trojan No 0 Yes Yes C:\Program Files\DIGStream\digstream.exe
02885950 Adware/UltimateDefender Adware No 0 Yes No C:\Program Files\xloader30029.exe
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@advancedcleaner[1].txt
02893600 Adware/WinAntiVirus2007 Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/trayicon.exe]
02893600 Adware/WinAntiVirus2007 Adware No 0 Yes No C:\Documents and Settings\Chelle\Local Settings\Temp\chekdsk.exe
02893600 Adware/WinAntiVirus2007 Adware No 0 Yes No C:\Documents and Settings\Christopher\wn852.exe
02893979 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/avp.exe]
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21919468.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\9864609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/mgrs.exe]
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21860625.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21796609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21733734.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21671093.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21608953.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21546437.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21482875.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21418859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21356031.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21293640.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21230765.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\9929968.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21104359.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20977859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20915421.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20852859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20789625.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20726734.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20663640.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20600703.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20538234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20476484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20414390.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20351390.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20289656.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20227515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20165546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20102531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\20040687.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19978265.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\21167515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19916984.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19854546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19791953.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19729546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10037734.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10099031.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10161109.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10161718.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10222453.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10223453.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10282687.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10285312.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10342875.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10347187.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10403093.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10408437.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10463343.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10470218.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10523609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10532484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10583859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10593906.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10644296.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10655656.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10704546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10717625.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10764796.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10779609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10825109.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10841828.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10885390.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10903703.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10945687.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\10965500.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11006078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11027437.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11066390.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11089062.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11126750.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11151437.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11187031.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11213828.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11247406.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11275921.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11307875.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11337718.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11368359.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11399515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11428718.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11461562.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11489359.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11523781.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11549750.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11585468.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11610406.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11647578.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11670765.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11709078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11731343.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11791828.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11852234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11912953.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\11973765.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12034281.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12094781.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12155359.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12215875.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12276609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12337484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12398203.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12458875.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12519750.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12580500.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12641250.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12701750.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12762453.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12823484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12884234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\12944734.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13005015.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13065328.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13125843.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13187093.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13248078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13308828.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13369687.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13430656.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13491546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13552390.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13613187.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13674484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13735375.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13796890.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13857953.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13919312.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\13980531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14041531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14102406.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14163062.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14224000.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14284937.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14345984.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14407421.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14468890.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14530203.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14591343.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14652562.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14713734.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14775187.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14836546.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14897906.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\14958859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15020078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15081625.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15142937.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15204078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15265343.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15326718.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15387765.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15448781.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15509953.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15570859.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15632234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15693656.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15756078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15817187.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15879234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\15941046.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16002718.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16065312.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16127125.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16188796.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16250015.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16311328.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16372812.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16434625.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16496640.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16559375.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16621078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16682468.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16744265.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16806015.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16867765.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16929531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\16991796.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17053406.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17115531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17177093.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17239421.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17301187.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17362968.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17424515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17486640.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17548515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17610921.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17673500.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17736171.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17798359.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17860421.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17922343.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\17984078.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18046171.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18109140.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18170906.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18233328.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18295609.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18357828.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18419656.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18481671.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18543484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18605640.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18668031.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18730218.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18792484.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18855218.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18916968.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\18979281.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19042578.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19105203.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19167531.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19230031.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19292515.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19355125.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19417234.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19479921.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19541796.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19604250.exe
02893980 Trj/Clicker.AIB Virus/Trojan No 1 Yes Yes C:\Program Files\19667375.exe
02896691 Adware/BHO Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/windsk.dll]
02899042 Trj/Agent.HYM Virus/Trojan No 0 Yes Yes C:\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll
02899065 Adware/UltimateCleaner Adware No 1 Yes No C:\Program Files\21901437.exe
02899065 Adware/UltimateCleaner Adware No 1 Yes No C:\Documents and Settings\Chelle\Local Settings\Temporary Internet Files\Content.IE5\4XER0X27\1202187964[1].exe
02899384 Trj/Downloader.SMD Virus/Trojan No 1 Yes Yes C:\Documents and Settings\Chelle\Local Settings\Temporary Internet Files\Content.IE5\0X2V012Z\1202188017[1].exe
02899396 Trj/DNSChanger.AHD Virus/Trojan No 0 Yes Yes C:\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp58844921.exe]
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp58844875.exe]
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp58844828.exe]
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Program Files\9508234.exe
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp78181328.exe]
02899439 Adware/DriveCleaner Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/monmon.exe]
02899552 Adware/UltimateCleaner Adware No 1 Yes No C:\Documents and Settings\Chelle\Local Settings\Temporary Internet Files\Content.IE5\9KSRP1W5\exe6000v14[1].exe
02900046 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp9522281.exe]
02900046 Adware/SystemDefender Adware No 0 Yes No C:\Program Files\9521234.exe
02900046 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp139218.exe]
02900046 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp339875.exe]
02900046 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp140296.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp320375.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp18814812.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp1620984.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp1620968.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp24925687.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp24180859.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp85541109.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp139093.exe]
02902851 Adware/SystemDefender Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp320359.exe]
02903271 Adware/OuterInfo Adware No 0 Yes No C:\Program Files\WіnSxS\userinit.exe
02904069 Adware/Yazzle Adware No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/Yazzle2181OinAdmin.exe]
02904712 Application/SystemDefender HackTools No 0 Yes No C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/udefender_setup.exe]
02907851 Adware/BaiduBar Adware No 0 Yes No C:\Program Files\IE Extensions\cj.v2.dll
02909975 Cookie/CookingLuck TrackingCookie No 0 Yes No C:\Documents and Settings\Chelle\Cookies\chelle@cookingluck[2].txt
02909975 Cookie/CookingLuck TrackingCookie No 0 Yes No C:\Documents and Settings\Christopher\Cookies\christopher@cookingluck[1].txt
02920226 Adware/E404 Adware No 0 Yes No C:\Program Files\Trend Micro\HijackThis\backups\backup-20080228-221116-110.dll
02922551 Generic Trojan Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/ucleaner_setup.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp13353656.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp13595562.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp129515.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp1955625.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp1956656.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp252078.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp102989218.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp102992875.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp129484.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp268718.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp1955609.exe]
02929371 Trj/Downloader.TKW Virus/Trojan No 0 Yes Yes C:\Documents and Settings\Christopher\Desktop\SDFix\backups_old1\backups.zip[backups/tmp129500.exe]
02990293 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\kjebrmqn.exe
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 06-12-2008, 08:18 PM   #2 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
Bump Please
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-12-2008, 10:11 PM   #3 (permalink)
Analyst, Security Team
 
forhockey's Avatar
 
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,931
OS: Windows 7 Ultimate


Re: Pops ups, slowness, and the usual suspects
Hi xtopherp,

Sorry for the delay in looking into your log, as we are extremely busy in this section of the forums. If you still require assistance and are not seeking help elsewhere, then please carry out my instructions.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix


IMPORTANT: Make sure you install the Recovery Console before running ComboFix.

Reply back with the following:
  • C:\ComboFix.txt
  • New HiJackThis Log
__________________


Proud Member of ASAP
Proud Member of UNITE

Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support.

Donation link for Tech Support Forum
forhockey is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-13-2008, 10:13 PM   #4 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
Thank you. Here they are. Whatever has been done so far by Combofix, my ability just to get to this forum went unimpeded by any intruding pop-up, which hasn't been the case in day:

HJT LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:45 PM, on 6/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [gcNotifier] C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/...dsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B0C45AFD-2802-4285-BE1F-714C50FEE6D9} (HprmfPCFileCtrl1 Class) - file://D:\ALBUMS\ALBUM_A\PLUGIN\HPRMFFC.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpf...qdiagh.cab?326
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

--
End of file - 14187 bytes






COMBOFIX LOG
ComboFix 08-06-12.2 - Christopher 2008-06-13 22:22:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.478 [GMT -5:00]
Running from: C:\Documents and Settings\Christopher\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\IE Extensions
C:\Program Files\SysCleaner
C:\Program Files\wnsxs~1
C:\Program Files\wnsxs~1\userinit.exe
C:\Program Files\wnsxs~1\W?nSxS\
C:\WINDOWS\BMbbfce874.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aeeayphj.dll
C:\WINDOWS\system32\bwrbnblj.dll
C:\WINDOWS\system32\cbXOHYrO.dll
C:\WINDOWS\system32\dbghtsdv.dll
C:\WINDOWS\system32\mlJCsqRl.dll
C:\WINDOWS\system32\mlJYrqRh.dll
C:\WINDOWS\system32\noxrleda.dll
C:\WINDOWS\system32\pajtudhk.ini
C:\WINDOWS\system32\sfmdboup.ini
C:\WINDOWS\system32\uibhfxwy.dll
C:\WINDOWS\system32\urqRLbyx.dll
C:\WINDOWS\system32\xybLRqru.ini
C:\WINDOWS\system32\xybLRqru.ini2
C:\WINDOWS\system32\ywxfhbiu.ini

.
((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.

2008-06-13 22:35 . 2008-06-13 22:35 <DIR> d-------- C:\WINDOWS\LastGood
2008-06-12 21:09 . 2008-06-12 21:09 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\XviD
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Viewpoint
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\TorrentMan
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\NetWaiting
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\EarthLink Setup
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Digital Line Detect
2008-06-09 20:36 . 2008-06-09 20:36 <DIR> d-------- C:\ie-spyad_zo
2008-06-09 18:53 . 2008-06-09 18:53 <DIR> d-------- C:\Program Files\Panda Security
2008-06-07 17:57 . 2008-06-07 17:57 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\Nero
2008-06-07 17:53 . 2008-06-07 17:53 <DIR> d-------- C:\Program Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-07 16:54 . 2008-06-08 19:32 <DIR> d-------- C:\Program Files\Conduit
2008-06-07 15:36 . 2008-06-07 15:36 <DIR> d-------- C:\Program Files\DVD Shrink
2008-06-07 15:36 . 2008-06-07 16:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-05 22:11 . 2008-06-05 22:11 <DIR> d-------- C:\TN Intl Pageant
2008-06-05 22:09 . 2008-06-05 22:09 641,021 --a------ C:\WINDOWS\unins000.exe
2008-06-05 22:09 . 2004-07-26 12:12 187,904 --a------ C:\WINDOWS\system32\Lame.exe
2008-06-05 22:09 . 2004-07-26 12:12 166,912 --a------ C:\WINDOWS\system32\Lame_enc.dll
2008-06-05 22:09 . 1999-09-10 12:06 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-05 22:09 . 1999-09-10 12:06 25,244 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-05 22:09 . 1999-09-10 12:06 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-06-05 22:09 . 1999-09-10 12:06 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-06-05 21:55 . 2008-06-05 21:55 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\DivX
2008-06-05 21:43 . 2008-06-07 10:08 <DIR> d-------- C:\Program Files\DivX
2008-06-05 21:33 . 2008-06-05 21:36 <DIR> d-------- C:\DECCHECK
2008-06-02 18:05 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-31 16:10 . 2008-05-31 16:10 <DIR> d-------- C:\Program Files\Sony Online Entertainment
2008-05-22 17:19 . 2008-05-22 17:19 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-19 23:19 . 2008-05-19 23:19 <DIR> d-------- C:\Program Files\Apple Software Update
2008-05-17 22:47 . 2008-05-17 22:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-13 01:49 --------- d-----w C:\Program Files\Roxio
2008-06-13 01:32 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2008-06-11 02:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 01:45 --------- d-----w C:\Program Files\Comcast Play Games
2008-06-11 01:45 --------- d-----w C:\Program Files\Chill
2008-06-10 01:31 --------- d-----w C:\Program Files\DIGStream
2008-06-08 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-08 22:05 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-02 23:05 --------- d-----w C:\Program Files\Java
2008-05-25 15:33 --------- d-----w C:\Documents and Settings\Christopher\Application Data\Apple Computer
2008-05-22 22:22 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-05-20 04:20 --------- d-----w C:\Program Files\Safari
2008-05-20 03:15 --------- d-----w C:\Program Files\PokerStars
2008-05-14 03:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\MonteCristo
2008-02-25 16:52 31,744 ----a-w C:\Program Files\xloader30029.exe
2008-02-15 01:13 10,752 ----a-w C:\Program Files\11709078.exe
2008-02-15 01:12 10,752 ----a-w C:\Program Files\11647578.exe
2008-02-15 01:11 10,752 ----a-w C:\Program Files\11585468.exe
2008-02-15 01:10 10,752 ----a-w C:\Program Files\11523781.exe
2008-02-15 01:09 10,752 ----a-w C:\Program Files\11461562.exe
2008-02-15 01:08 10,752 ----a-w C:\Program Files\11399515.exe
2008-02-15 01:07 10,752 ----a-w C:\Program Files\11337718.exe
2008-02-15 01:06 10,752 ----a-w C:\Program Files\11275921.exe
2008-02-15 01:05 10,752 ----a-w C:\Program Files\11213828.exe
2008-02-15 01:04 10,752 ----a-w C:\Program Files\11151437.exe
2008-02-15 01:03 10,752 ----a-w C:\Program Files\11089062.exe
2008-02-15 01:02 10,752 ----a-w C:\Program Files\11027437.exe
2008-02-15 01:01 10,752 ----a-w C:\Program Files\10965500.exe
2008-02-15 01:00 10,752 ----a-w C:\Program Files\10903703.exe
2008-02-15 00:59 10,752 ----a-w C:\Program Files\10841828.exe
2008-02-15 00:58 10,752 ----a-w C:\Program Files\10779609.exe
2008-02-15 00:57 10,752 ----a-w C:\Program Files\10717625.exe
2008-02-15 00:56 10,752 ----a-w C:\Program Files\10655656.exe
2008-02-15 00:55 10,752 ----a-w C:\Program Files\10593906.exe
2008-02-15 00:54 10,752 ----a-w C:\Program Files\10532484.exe
2008-02-15 00:53 10,752 ----a-w C:\Program Files\10470218.exe
2008-02-15 00:52 10,752 ----a-w C:\Program Files\10408437.exe
2008-02-15 00:51 10,752 ----a-w C:\Program Files\10347187.exe
2008-02-15 00:50 10,752 ----a-w C:\Program Files\10285312.exe
2008-02-15 00:49 10,752 ----a-w C:\Program Files\10223453.exe
2008-02-15 00:48 10,752 ----a-w C:\Program Files\10161109.exe
2008-02-15 00:47 10,752 ----a-w C:\Program Files\10099031.exe
2008-02-15 00:46 10,752 ----a-w C:\Program Files\10037734.exe
2008-02-15 00:44 10,752 ----a-w C:\Program Files\9929968.exe
2008-02-15 00:43 10,752 ----a-w C:\Program Files\9864609.exe
2008-02-15 00:37 12,288 ----a-w C:\Program Files\9521234.exe
2008-02-15 00:37 10,240 ----a-w C:\Program Files\9508234.exe
2008-02-05 05:06 11,776 ----a-w C:\Program Files\21901437.exe
2008-02-05 05:06 10,752 ----a-w C:\Program Files\21919468.exe
2008-02-05 05:05 10,752 ----a-w C:\Program Files\21860625.exe
2008-02-05 05:04 10,752 ----a-w C:\Program Files\21796609.exe
2008-02-05 05:03 10,752 ----a-w C:\Program Files\21733734.exe
2008-02-05 05:02 10,752 ----a-w C:\Program Files\21671093.exe
2008-02-05 05:01 10,752 ----a-w C:\Program Files\21608953.exe
2008-02-05 05:00 10,752 ----a-w C:\Program Files\21546437.exe
2008-02-05 04:59 10,752 ----a-w C:\Program Files\21482875.exe
2008-02-05 04:58 10,752 ----a-w C:\Program Files\21418859.exe
2008-02-05 04:56 10,752 ----a-w C:\Program Files\21356031.exe
2008-02-05 04:55 10,752 ----a-w C:\Program Files\21293640.exe
2008-02-05 04:54 10,752 ----a-w C:\Program Files\21230765.exe
2008-02-05 04:53 10,752 ----a-w C:\Program Files\21167515.exe
2008-02-05 04:52 10,752 ----a-w C:\Program Files\21104359.exe
2008-02-05 04:50 10,752 ----a-w C:\Program Files\20977859.exe
2008-02-05 04:49 10,752 ----a-w C:\Program Files\20915421.exe
2008-02-05 04:48 10,752 ----a-w C:\Program Files\20852859.exe
2008-02-05 04:47 10,752 ----a-w C:\Program Files\20789625.exe
2008-02-05 04:46 10,752 ----a-w C:\Program Files\20726734.exe
2008-02-05 04:45 10,752 ----a-w C:\Program Files\20663640.exe
2008-02-05 04:44 10,752 ----a-w C:\Program Files\20600703.exe
2008-02-05 04:43 10,752 ----a-w C:\Program Files\20538234.exe
2008-02-05 04:42 10,752 ----a-w C:\Program Files\20476484.exe
2008-02-05 04:41 10,752 ----a-w C:\Program Files\20414390.exe
2008-02-05 04:40 10,752 ----a-w C:\Program Files\20351390.exe
2008-02-05 04:39 10,752 ----a-w C:\Program Files\20289656.exe
2008-02-05 04:38 10,752 ----a-w C:\Program Files\20227515.exe
2008-02-05 04:37 10,752 ----a-w C:\Program Files\20165546.exe
2008-02-05 04:36 10,752 ----a-w C:\Program Files\20102531.exe
2008-02-05 04:35 10,752 ----a-w C:\Program Files\20040687.exe
2008-02-05 04:34 10,752 ----a-w C:\Program Files\19978265.exe
2008-02-05 04:32 10,752 ----a-w C:\Program Files\19916984.exe
2008-02-05 04:31 10,752 ----a-w C:\Program Files\19854546.exe
2008-02-05 04:30 10,752 ----a-w C:\Program Files\19791953.exe
2008-02-05 04:29 10,752 ----a-w C:\Program Files\19729546.exe
2008-02-05 04:28 10,752 ----a-w C:\Program Files\19667375.exe
2008-02-05 04:27 10,752 ----a-w C:\Program Files\19604250.exe
2008-02-05 04:26 10,752 ----a-w C:\Program Files\19541796.exe
2008-02-05 04:25 10,752 ----a-w C:\Program Files\19479921.exe
2008-02-05 04:24 10,752 ----a-w C:\Program Files\19417234.exe
2008-02-05 04:23 10,752 ----a-w C:\Program Files\19355125.exe
2008-02-05 04:22 10,752 ----a-w C:\Program Files\19292515.exe
2008-02-05 04:21 10,752 ----a-w C:\Program Files\19230031.exe
2008-02-05 04:20 10,752 ----a-w C:\Program Files\19167531.exe
2008-02-05 04:19 10,752 ----a-w C:\Program Files\19105203.exe
2008-02-05 04:18 10,752 ----a-w C:\Program Files\19042578.exe
2008-02-05 04:17 10,752 ----a-w C:\Program Files\18979281.exe
2008-02-05 04:16 10,752 ----a-w C:\Program Files\18916968.exe
2008-02-05 04:15 10,752 ----a-w C:\Program Files\18855218.exe
2008-02-05 04:14 10,752 ----a-w C:\Program Files\18792484.exe
2008-02-05 04:13 10,752 ----a-w C:\Program Files\18730218.exe
2008-02-05 04:12 10,752 ----a-w C:\Program Files\18668031.exe
2008-02-05 05:07 39,462 --sh--r C:\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll
2008-02-05 05:07 14,374 --sh--r C:\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll
2006-10-08 21:54 56 --sh--r C:\WINDOWS\system32\24927FC793.sys
2006-09-27 02:37 88 --sh--r C:\WINDOWS\system32\93C77F9224.sys
2006-10-08 21:54 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"TivoTransfer"="C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" [2007-05-02 14:12 1193472]
"TivoNotify"="C:\Program Files\TiVo\Desktop\TiVoNotify.exe" [2007-05-02 14:13 373760]
"TivoServer"="C:\Program Files\TiVo\Desktop\TiVoServer.exe" [2007-05-02 14:14 1463296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"CTHelper"="CTHELPER.EXE" [2006-12-12 10:46 19456 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 10:46 20480 C:\WINDOWS\system32\Ctxfihlp.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 03:12 98304]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07 49152]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18 151552]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02 53248]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05 212992]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2006-11-07 15:49 1121280]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-07-05 23:15 169984]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 10:26 110592]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49 163840]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-11-11 17:00 1005096]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 19:51 233472]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2006-01-13 02:14 188416]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 23:20 339968 C:\WINDOWS\stsystra.exe]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 16:32 56080 C:\WINDOWS\KHALMNPR.Exe]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 03:09 488984]
"LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 03:12 244512]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]
"gcNotifier"="C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe" [2008-01-25 11:06 176128]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-05 23:05:07 24576]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 19:55:40 18432]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-30 18:22:00 67128]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-30 18:20:16 692224]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-20 20:15:54 65588]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-03 13:56:10 54512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience

R2 RMSvc;Media Center Extender Resource Monitor;C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 19:55]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 TivoBeacon2;TiVo Beacon;"C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe" /service []
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-12-19 08:36]
S3 QWAVE;QWAVE service;C:\WINDOWS\system32\svchost.exe [2004-08-10 05:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-06-07 17:53:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-14 03:43:42 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (KREBSTAR-Christopher).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-13 22:44:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\fb36.tmp 1536 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\VSO\McShield.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\McrdSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\CTxfispi.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\McAfee\SpamKiller\MSKAgent.exe
C:\PROGRA~1\McAfee.com\VSO\McVSEscn.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsftsn.exe
.
**************************************************************************
.
Completion time: 2008-06-13 23:01:05 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-14 04:00:34

Pre-Run: 261,747,294,208 bytes free
Post-Run: 262,196,162,560 bytes free

327 --- E O F --- 2008-05-28 08:01:09
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-13-2008, 11:50 PM   #5 (permalink)
Analyst, Security Team
 
forhockey's Avatar
 
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,931
OS: Windows 7 Ultimate


Re: Pops ups, slowness, and the usual suspects
Open notepad and copy/paste the text in the quotebox below into it:

Code:
http://www.techsupportforum.com/security-center/hijackthis-log-help/258034-pops-ups-slowness-usual-suspects.html#post1528990

Collect::
C:\Program Files\xloader30029.exe
C:\Program Files\11523781.exe
C:\Program Files\11461562.exe
C:\Program Files\11399515.exe
C:\Program Files\11151437.exe
C:\Program Files\11089062.exe
C:\Program Files\11027437.exe
C:\Program Files\10037734.exe
C:\Program Files\9929968.exe
C:\Program Files\21104359.exe
C:\Program Files\20977859.exe
C:\Program Files\18792484.exe
C:\Program Files\19167531.exe
C:\Program Files\19105203.exe
C:\Program Files\19292515.exe
File::
C:\Program Files\11709078.exe
C:\Program Files\11647578.exe
C:\Program Files\11585468.exe
C:\Program Files\11337718.exe
C:\Program Files\11275921.exe
C:\Program Files\11213828.exe
C:\Program Files\10965500.exe
C:\Program Files\10903703.exe
C:\Program Files\10841828.exe
C:\Program Files\10779609.exe
C:\Program Files\10717625.exe
C:\Program Files\10655656.exe
C:\Program Files\10593906.exe
C:\Program Files\10532484.exe
C:\Program Files\10470218.exe
C:\Program Files\10408437.exe
C:\Program Files\10347187.exe
C:\Program Files\10285312.exe
C:\Program Files\10223453.exe
C:\Program Files\10161109.exe
C:\Program Files\10099031.exe
C:\Program Files\9864609.exe
C:\Program Files\9521234.exe
C:\Program Files\9508234.exe
C:\Program Files\21901437.exe
C:\Program Files\21919468.exe
C:\Program Files\21860625.exe
C:\Program Files\21796609.exe
C:\Program Files\21733734.exe
C:\Program Files\21671093.exe
C:\Program Files\21608953.exe
C:\Program Files\21546437.exe
C:\Program Files\21482875.exe
C:\Program Files\21418859.exe
C:\Program Files\21356031.exe
C:\Program Files\21293640.exe
C:\Program Files\21230765.exe
C:\Program Files\21167515.exe
C:\Program Files\20915421.exe
C:\Program Files\20852859.exe
C:\Program Files\20789625.exe
C:\Program Files\20726734.exe
C:\Program Files\20663640.exe
C:\Program Files\20600703.exe
C:\Program Files\20538234.exe
C:\Program Files\20476484.exe
C:\Program Files\20414390.exe
C:\Program Files\20351390.exe
C:\Program Files\20289656.exe
C:\Program Files\20227515.exe
C:\Program Files\20165546.exe
C:\Program Files\20102531.exe
C:\Program Files\20040687.exe
C:\Program Files\19978265.exe
C:\Program Files\19916984.exe
C:\Program Files\19854546.exe
C:\Program Files\19791953.exe
C:\Program Files\19729546.exe
C:\Program Files\19667375.exe
C:\Program Files\19604250.exe
C:\Program Files\19541796.exe
C:\Program Files\19479921.exe
C:\Program Files\19417234.exe
C:\Program Files\19355125.exe
C:\Program Files\19230031.exe
C:\Program Files\19042578.exe
C:\Program Files\18979281.exe
C:\Program Files\18916968.exe
C:\Program Files\18855218.exe
C:\Program Files\18730218.exe
C:\Program Files\18668031.exe
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\fb36.tmp
C:\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll
C:\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll
Save this as CFScript




Referring to the picture above, drag CFScript into ComboFix.exe

Follow the prompts, and post the resulting log, C:\ComboFix.txt

Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis. Please submit "[4]-Submit_Date_Time.zip" by following the prompts.
__________________


Proud Member of ASAP
Proud Member of UNITE

Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support.

Donation link for Tech Support Forum
Last edited by forhockey; 06-13-2008 at 11:54 PM.
forhockey is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 06:53 AM   #6 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
No problems at all since the original combofix run. Looking good.

However, when trying to submit my new Combofix log I get the following error?:
You have included 72 images in your message. You are limited to using 25 images so please go back and correct the problem and then continue again.

Images include use of smilies, the vB code [img] tag and HTML <img> tags. The use of these is all subject to them being enabled by the administrator.

I will try and submit the log in 3 seperate posts.
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 06:55 AM   #7 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
ComboFix 08-06-12.2 - Christopher 2008-06-14 7:31:06.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.500 [GMT -5:00]
Running from: C:\Documents and Settings\Christopher\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Christopher\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\fb36.tmp
C:\Program Files\10099031.exe
C:\Program Files\10161109.exe
C:\Program Files\10223453.exe
C:\Program Files\10285312.exe
C:\Program Files\10347187.exe
C:\Program Files\10408437.exe
C:\Program Files\10470218.exe
C:\Program Files\10532484.exe
C:\Program Files\10593906.exe
C:\Program Files\10655656.exe
C:\Program Files\10717625.exe
C:\Program Files\10779609.exe
C:\Program Files\10841828.exe
C:\Program Files\10903703.exe
C:\Program Files\10965500.exe
C:\Program Files\11213828.exe
C:\Program Files\11275921.exe
C:\Program Files\11337718.exe
C:\Program Files\11585468.exe
C:\Program Files\11647578.exe
C:\Program Files\11709078.exe
C:\Program Files\18668031.exe
C:\Program Files\18730218.exe
C:\Program Files\18855218.exe
C:\Program Files\18916968.exe
C:\Program Files\18979281.exe
C:\Program Files\19042578.exe
C:\Program Files\19230031.exe
C:\Program Files\19355125.exe
C:\Program Files\19417234.exe
C:\Program Files\19479921.exe
C:\Program Files\19541796.exe
C:\Program Files\19604250.exe
C:\Program Files\19667375.exe
C:\Program Files\19729546.exe
C:\Program Files\19791953.exe
C:\Program Files\19854546.exe
C:\Program Files\19916984.exe
C:\Program Files\19978265.exe
C:\Program Files\20040687.exe
C:\Program Files\20102531.exe
C:\Program Files\20165546.exe
C:\Program Files\20227515.exe
C:\Program Files\20289656.exe
C:\Program Files\20351390.exe
C:\Program Files\20414390.exe
C:\Program Files\20476484.exe
C:\Program Files\20538234.exe
C:\Program Files\20600703.exe
C:\Program Files\20663640.exe
C:\Program Files\20726734.exe
C:\Program Files\20789625.exe
C:\Program Files\20852859.exe
C:\Program Files\20915421.exe
C:\Program Files\21167515.exe
C:\Program Files\21230765.exe
C:\Program Files\21293640.exe
C:\Program Files\21356031.exe
C:\Program Files\21418859.exe
C:\Program Files\21482875.exe
C:\Program Files\21546437.exe
C:\Program Files\21608953.exe
C:\Program Files\21671093.exe
C:\Program Files\21733734.exe
C:\Program Files\21796609.exe
C:\Program Files\21860625.exe
C:\Program Files\21901437.exe
C:\Program Files\21919468.exe
C:\Program Files\9508234.exe
C:\Program Files\9521234.exe
C:\Program Files\9864609.exe
C:\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll
C:\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\10037734.exe
C:\Program Files\10099031.exe
C:\Program Files\10161109.exe
C:\Program Files\10223453.exe
C:\Program Files\10285312.exe
C:\Program Files\10347187.exe
C:\Program Files\10408437.exe
C:\Program Files\10470218.exe
C:\Program Files\10532484.exe
C:\Program Files\10593906.exe
C:\Program Files\10655656.exe
C:\Program Files\10717625.exe
C:\Program Files\10779609.exe
C:\Program Files\10841828.exe
C:\Program Files\10903703.exe
C:\Program Files\10965500.exe
C:\Program Files\11027437.exe
C:\Program Files\11089062.exe
C:\Program Files\11151437.exe
C:\Program Files\11213828.exe
C:\Program Files\11275921.exe
C:\Program Files\11337718.exe
C:\Program Files\11399515.exe
C:\Program Files\11461562.exe
C:\Program Files\11523781.exe
C:\Program Files\11585468.exe
C:\Program Files\11647578.exe
C:\Program Files\11709078.exe
C:\Program Files\18668031.exe
C:\Program Files\18730218.exe
C:\Program Files\18792484.exe
C:\Program Files\18855218.exe
C:\Program Files\18916968.exe
C:\Program Files\18979281.exe
C:\Program Files\19042578.exe
C:\Program Files\19105203.exe
C:\Program Files\19167531.exe
C:\Program Files\19230031.exe
C:\Program Files\19292515.exe
C:\Program Files\19355125.exe
C:\Program Files\19417234.exe
C:\Program Files\19479921.exe
C:\Program Files\19541796.exe
C:\Program Files\19604250.exe
C:\Program Files\19667375.exe
C:\Program Files\19729546.exe
C:\Program Files\19791953.exe
C:\Program Files\19854546.exe
C:\Program Files\19916984.exe
C:\Program Files\19978265.exe
C:\Program Files\20040687.exe
C:\Program Files\20102531.exe
C:\Program Files\20165546.exe
C:\Program Files\20227515.exe
C:\Program Files\20289656.exe
C:\Program Files\20351390.exe
C:\Program Files\20414390.exe
C:\Program Files\20476484.exe
C:\Program Files\20538234.exe
C:\Program Files\20600703.exe
C:\Program Files\20663640.exe
C:\Program Files\20726734.exe
C:\Program Files\20789625.exe
C:\Program Files\20852859.exe
C:\Program Files\20915421.exe
C:\Program Files\20977859.exe
C:\Program Files\21104359.exe
C:\Program Files\21167515.exe
C:\Program Files\21230765.exe
C:\Program Files\21293640.exe
C:\Program Files\21356031.exe
C:\Program Files\21418859.exe
C:\Program Files\21482875.exe
C:\Program Files\21546437.exe
C:\Program Files\21608953.exe
C:\Program Files\21671093.exe
C:\Program Files\21733734.exe
C:\Program Files\21796609.exe
C:\Program Files\21860625.exe
C:\Program Files\21901437.exe
C:\Program Files\21919468.exe
C:\Program Files\9508234.exe
C:\Program Files\9521234.exe
C:\Program Files\9864609.exe
C:\Program Files\9929968.exe
C:\Program Files\xloader30029.exe
C:\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll
C:\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll
C:\WINDOWS\wsystmp_acw.exe
C:\WINDOWS\wsystmp_nwz.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.

2008-06-13 22:35 . 2008-04-14 06:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 22:35 . 2008-04-14 06:01 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 21:09 . 2008-06-12 21:09 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\XviD
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Viewpoint
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\TorrentMan
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\NetWaiting
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\EarthLink Setup
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Digital Line Detect
2008-06-09 20:36 . 2008-06-09 20:36 <DIR> d-------- C:\ie-spyad_zo
2008-06-09 18:53 . 2008-06-09 18:53 <DIR> d-------- C:\Program Files\Panda Security
2008-06-07 17:57 . 2008-06-07 17:57 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\Nero
2008-06-07 17:53 . 2008-06-07 17:53 <DIR> d-------- C:\Program Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-07 16:54 . 2008-06-08 19:32 <DIR> d-------- C:\Program Files\Conduit
2008-06-07 16:54 . 2008-06-12 20:47 <DIR> d-------- C:\Program Files\BitLord
2008-06-07 15:36 . 2008-06-07 15:36 <DIR> d-------- C:\Program Files\DVD Shrink
2008-06-07 15:36 . 2008-06-07 16:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-05 22:11 . 2008-06-05 22:11 <DIR> d-------- C:\TN Intl Pageant
2008-06-05 22:09 . 2008-06-05 22:09 641,021 --a------ C:\WINDOWS\unins000.exe
2008-06-05 22:09 . 2004-07-26 12:12 187,904 --a------ C:\WINDOWS\system32\Lame.exe
2008-06-05 22:09 . 2004-07-26 12:12 166,912 --a------ C:\WINDOWS\system32\Lame_enc.dll
2008-06-05 22:09 . 1999-09-10 12:06 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-05 22:09 . 1999-09-10 12:06 25,244 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-05 22:09 . 1999-09-10 12:06 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-06-05 22:09 . 1999-09-10 12:06 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-06-05 21:55 . 2008-06-05 21:55 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\DivX
2008-06-05 21:43 . 2008-06-07 10:08 <DIR> d-------- C:\Program Files\DivX
2008-06-05 21:33 . 2008-06-05 21:36 <DIR> d-------- C:\DECCHECK
2008-06-02 18:05 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-31 16:10 . 2008-05-31 16:10 <DIR> d-------- C:\Program Files\Sony Online Entertainment
2008-05-22 17:19 . 2008-05-22 17:19 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-19 23:19 . 2008-05-19 23:19 <DIR> d-------- C:\Program Files\Apple Software Update
2008-05-17 22:47 . 2008-05-17 22:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 06:57 AM   #8 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
((((((((((((((((((((((((((((( snapshot@2008-06-13_23.00.10.67 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
- 2008-06-14 03:33:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-14 11:56:29 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 1320 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 1321 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 1321 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 1321 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 1321 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 1321 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 1321 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 1322 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 1322 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 1324 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 1324 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 07:00 AM   #9 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
+ 2008-03-01 1325 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 1325 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 1326 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 1326 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 23:36:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 1328 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 1328 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 1329 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 1329 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 1329 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 1329 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 1330 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 1330 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 1331 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2008-03-01 1320 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 1320 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:28 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-03-01 1321 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 07:01 AM   #10 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
- 2008-03-01 1321 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 1321 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 1321 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:28 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-03-01 1321 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 1321 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-03-01 1322 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 1322 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 1324 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 1324 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 1325 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-03-01 1325 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 1326 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 1326 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 1328 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 1328 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 1329 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 1329 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:28 102,912 ------w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 1329 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-03-01 1329 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:28 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 07:02 AM   #11 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
- 2008-03-01 1330 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 1330 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 1331 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:29 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-03-01 1321 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 1321 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 1321 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-03-01 1321 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:55:23 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 1321 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 1321 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 1322 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 1322 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 1324 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 1324 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 1325 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 1325 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 1326 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 1326 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 23:36:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-24 03:16:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 1328 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 1328 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 1329 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 1329 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:28 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-03-01 1329 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2006-10-09 02:51:14 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-01 1329 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:28 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 1330 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 1330 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 07:03 AM   #12 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
- 2008-03-01 1331 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-04-23 04:16:29 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-14 11:57:12 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_cb8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"TivoTransfer"="C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" [2007-05-02 14:12 1193472]
"TivoNotify"="C:\Program Files\TiVo\Desktop\TiVoNotify.exe" [2007-05-02 14:13 373760]
"TivoServer"="C:\Program Files\TiVo\Desktop\TiVoServer.exe" [2007-05-02 14:14 1463296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"CTHelper"="CTHELPER.EXE" [2006-12-12 10:46 19456 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 10:46 20480 C:\WINDOWS\system32\Ctxfihlp.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 03:12 98304]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07 49152]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18 151552]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02 53248]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05 212992]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2006-11-07 15:49 1121280]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-07-05 23:15 169984]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 10:26 110592]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49 163840]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-11-11 17:00 1005096]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 19:51 233472]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2006-01-13 02:14 188416]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 23:20 339968 C:\WINDOWS\stsystra.exe]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 16:32 56080 C:\WINDOWS\KHALMNPR.Exe]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 03:09 488984]
"LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 03:12 244512]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]
"gcNotifier"="C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe" [2008-01-25 11:06 176128]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-05 23:05:07 24576]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 19:55:40 18432]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-30 18:22:00 67128]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-30 18:20:16 692224]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-20 20:15:54 65588]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-03 13:56:10 54512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience

R2 RMSvc;Media Center Extender Resource Monitor;C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 19:55]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 TivoBeacon2;TiVo Beacon;"C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe" /service []
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-12-19 08:36]
S3 QWAVE;QWAVE service;C:\WINDOWS\system32\svchost.exe [2004-08-10 05:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-07 17:53:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-14 11:56:37 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (KREBSTAR-Christopher).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 07:34:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-06-14 7:39:17
ComboFix-quarantined-files.txt 2008-06-14 12:38:14
ComboFix2.txt 2008-06-14 04:01:06

Pre-Run: 263,984,455,680 bytes free
Post-Run: 264,023,478,272 bytes free

591 --- E O F --- 2008-06-14 05:22:39
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 07:07 AM   #13 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
Okay. It took more than three posts. Sorry about that. The images were obviously the smiley faces on the log. I made no attempt to remove them as I wanted you to see exactly what I was given. Of course, in the notepad txt, you don't see them at all.
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 09:27 AM   #14 (permalink)
Analyst, Security Team
 
forhockey's Avatar
 
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,931
OS: Windows 7 Ultimate


Re: Pops ups, slowness, and the usual suspects
Hi, not a problem. Did you submit the file which contains the following format?

"[4]-Submit_Date_Time.zip"

note: It should be located on your desktop.

Please submit the file to the following link: http://www.bleepingcomputer.com/subm....php?channel=4

Please include a link to this topic in the message.

Thanks
__________________


Proud Member of ASAP
Proud Member of UNITE

Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support.

Donation link for Tech Support Forum
forhockey is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-14-2008, 10:03 AM   #15 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
I hadn't, but have now.
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-15-2008, 12:08 PM   #16 (permalink)
Analyst, Security Team
 
forhockey's Avatar
 
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,931
OS: Windows 7 Ultimate


Re: Pops ups, slowness, and the usual suspects
Thank you for submitting the file.

Please delete the following file on your desktop:

[4]-Submit_2008-06-14@7.30.zip


---------------------------------------

Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.





  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan

--------------------------------------------------------------

Please reply back with the results from the Kaspersky online scan.
__________________


Proud Member of ASAP
Proud Member of UNITE

Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support.

Donation link for Tech Support Forum
forhockey is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-15-2008, 04:58 PM   #17 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
KASPERSKY LOG TEXT
Thanks.
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, June 15, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, June 15, 2008 20:12:56
Records in database: 868617
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 119738
Threat name: 23
Infected objects: 265
Suspicious objects: 0
Duration of the scan: 01:44:21


File name / Threat name / Threats count
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Trojan-Downloader.Win32.Alphabet.gen 5
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Backdoor.Win32.Small.cwc 9
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Trojan-Downloader.Win32.Small.ioq 4
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Trojan.Win32.Agent.drm 1
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Trojan-Downloader.Win32.Adload.ma 1
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: not-a-virus:AdWare.Win32.Agent.yz 1
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip Infected: Trojan.Win32.Scapur.l 1
C:\Documents and Settings\Christopher\wn852.exe Infected: Trojan.Win32.Agent.drm 1
C:\Program Files\10161718.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10222453.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10282687.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10342875.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10403093.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10463343.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10523609.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10583859.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10644296.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10704546.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10764796.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10825109.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10885390.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\10945687.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11006078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11066390.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11126750.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11187031.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11247406.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11307875.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11368359.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11428718.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11489359.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11549750.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11610406.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11670765.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11731343.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11791828.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11852234.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11912953.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\11973765.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12034281.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12094781.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12155359.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12215875.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12276609.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12337484.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12398203.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12458875.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12519750.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12580500.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12641250.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12701750.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12762453.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12823484.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12884234.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\12944734.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13005015.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13065328.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13125843.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13187093.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13248078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13308828.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13369687.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13430656.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13491546.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13552390.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13613187.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13674484.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13735375.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13796890.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13857953.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13919312.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\13980531.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14041531.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14102406.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14163062.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14224000.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14284937.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14345984.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14407421.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14468890.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14530203.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14591343.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14652562.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14713734.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14775187.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14836546.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14897906.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\14958859.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15020078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15081625.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15142937.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15204078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15265343.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15326718.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15387765.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15448781.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15509953.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15570859.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15632234.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15693656.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15756078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15817187.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15879234.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\15941046.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16002718.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16065312.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16127125.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16188796.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16250015.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16311328.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16372812.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16434625.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16496640.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16559375.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16621078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16682468.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16744265.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16806015.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16867765.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16929531.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\16991796.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17053406.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17115531.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17177093.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17239421.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17301187.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17362968.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17424515.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17486640.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17548515.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17610921.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17673500.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17736171.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17798359.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17860421.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17922343.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\17984078.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18046171.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18109140.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18170906.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18233328.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18295609.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18357828.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18419656.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18481671.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18543484.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\18605640.exe Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\Nero-8.3.2.1.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.yfg 1
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\Nero-8.3.2.1.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm 1
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1.zip Infected: not-a-virus:AdWare.Win32.Virtumonde.yfg 1
C:\Program Files\Trend Micro\HijackThis\backups\backup-20080228-221116-110.dll Infected: not-a-virus:AdWare.Win32.E404.a 1
C:\QooBox\Quarantine\C\Program Files\10099031.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10161109.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10223453.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10285312.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10347187.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10408437.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10470218.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10532484.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10593906.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10655656.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10717625.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10779609.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10841828.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10903703.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\10965500.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11213828.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11275921.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11337718.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11585468.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11647578.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\11709078.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\18668031.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\18730218.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\18855218.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\18916968.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\18979281.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19042578.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19230031.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19355125.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19417234.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19479921.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19541796.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19604250.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19667375.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19729546.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19791953.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19854546.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19916984.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\19978265.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20040687.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20102531.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20165546.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20227515.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20289656.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20351390.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20414390.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20476484.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20538234.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20600703.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20663640.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20726734.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20789625.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20852859.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\20915421.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21167515.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21230765.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21293640.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21356031.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21418859.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21482875.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21546437.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21608953.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21671093.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21733734.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21796609.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21860625.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\21901437.exe.vir Infected: Trojan-Downloader.Win32.Small.iqq 1
C:\QooBox\Quarantine\C\Program Files\21919468.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\9508234.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\9521234.exe.vir Infected: Trojan-Downloader.Win32.Small.ioq 1
C:\QooBox\Quarantine\C\Program Files\9864609.exe.vir Infected: Trojan-Downloader.Win32.Alphabet.gen 1
C:\QooBox\Quarantine\C\Program Files\WNSXS~1\userinit.exe.vir Infected: Trojan-Downloader.Win32.PurityScan.fn 1
C:\QooBox\Quarantine\C\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll.vir Infected: Trojan-Downloader.Win32.BHO.cm 1
C:\QooBox\Quarantine\C\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll.vir Infected: Trojan.Win32.Agent.evy 1
C:\QooBox\Quarantine\C\WINDOWS\system32\aeeayphj.dll.vir Infected: Trojan.Win32.Monder.qf 1
C:\QooBox\Quarantine\C\WINDOWS\system32\bwrbnblj.dll.vir Infected: Trojan.Win32.Monder.nb 1
C:\QooBox\Quarantine\C\WINDOWS\system32\cbXOHYrO.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.yff 1
C:\QooBox\Quarantine\C\WINDOWS\system32\dbghtsdv.dll.vir Infected: Trojan.Win32.Monder.oa 1
C:\QooBox\Quarantine\C\WINDOWS\system32\mlJCsqRl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.yff 1
C:\QooBox\Quarantine\C\WINDOWS\system32\mlJYrqRh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.yff 1
C:\QooBox\Quarantine\C\WINDOWS\system32\noxrleda.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ytd 1
C:\QooBox\Quarantine\C\WINDOWS\system32\uibhfxwy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ytc 1
C:\QooBox\Quarantine\C\WINDOWS\system32\urqRLbyx.dll.vir Infected: Trojan.Win32.Monder.gen 1
C:\QooBox\Quarantine\C\WINDOWS\wsystmp_nwz.exe.vir Infected: Trojan-Downloader.Win32.Tibs.tz 1
C:\RECYCLER\S-1-5-21-3789418485-806844564-1028981425-1005\Dc5.zip Infected: Trojan-Downloader.Win32.Alphabet.gen 14
C:\RECYCLER\S-1-5-21-3789418485-806844564-1028981425-1005\Dc5.zip Infected: Trojan.Win32.Qhost.abh 1

The selected area was scanned.
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-18-2008, 04:49 PM   #18 (permalink)
Analyst, Security Team
 
forhockey's Avatar
 
Join Date: Sep 2006
Location: Ontario, Canada
Posts: 2,931
OS: Windows 7 Ultimate


Re: Pops ups, slowness, and the usual suspects
Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

Also be sure to carry out the instructions in the sequence listed below.

--------------------------------------------------------------

Open notepad and copy/paste the text in the quotebox below into it:

Quote:
KILLALL::

File::
C:\Documents and Settings\Christopher\wn852.exe
C:\Program Files\10161718.exe
C:\Program Files\10222453.exe
C:\Program Files\10282687.exe
C:\Program Files\10342875.exe
C:\Program Files\10403093.exe
C:\Program Files\10463343.exe
C:\Program Files\10523609.exe
C:\Program Files\10583859.exe
C:\Program Files\10644296.exe
C:\Program Files\10704546.exe
C:\Program Files\10764796.exe
C:\Program Files\10825109.exe
C:\Program Files\10885390.exe
C:\Program Files\10945687.exe
C:\Program Files\11006078.exe
C:\Program Files\11066390.exe
C:\Program Files\11126750.exe
C:\Program Files\11187031.exe
C:\Program Files\11247406.exe
C:\Program Files\11307875.exe
C:\Program Files\11368359.exe
C:\Program Files\11428718.exe
C:\Program Files\11489359.exe
C:\Program Files\11549750.exe
C:\Program Files\11610406.exe
C:\Program Files\11670765.exe
C:\Program Files\11731343.exe
C:\Program Files\11791828.exe
C:\Program Files\11852234.exe
C:\Program Files\11912953.exe
C:\Program Files\11973765.exe
C:\Program Files\12034281.exe
C:\Program Files\12094781.exe
C:\Program Files\12155359.exe
C:\Program Files\12215875.exe
C:\Program Files\12276609.exe
C:\Program Files\12337484.exe
C:\Program Files\12398203.exe
C:\Program Files\12458875.exe
C:\Program Files\12519750.exe
C:\Program Files\12580500.exe
C:\Program Files\12641250.exe
C:\Program Files\12701750.exe
C:\Program Files\12762453.exe
C:\Program Files\12823484.exe
C:\Program Files\12884234.exe
C:\Program Files\12944734.exe
C:\Program Files\13005015.exe
C:\Program Files\13065328.exe
C:\Program Files\13125843.exe
C:\Program Files\13187093.exe
C:\Program Files\13248078.exe
C:\Program Files\13308828.exe
C:\Program Files\13369687.exe
C:\Program Files\13430656.exe
C:\Program Files\13491546.exe
C:\Program Files\13552390.exe
C:\Program Files\13613187.exe
C:\Program Files\13674484.exe
C:\Program Files\13735375.exe
C:\Program Files\13796890.exe
C:\Program Files\13857953.exe
C:\Program Files\13919312.exe
C:\Program Files\13980531.exe
C:\Program Files\14041531.exe
C:\Program Files\14102406.exe
C:\Program Files\14163062.exe
C:\Program Files\14224000.exe
C:\Program Files\14284937.exe
C:\Program Files\14345984.exe
C:\Program Files\14407421.exe
C:\Program Files\14468890.exe
C:\Program Files\14530203.exe
C:\Program Files\14591343.exe
C:\Program Files\14652562.exe
C:\Program Files\14713734.exe
C:\Program Files\14775187.exe
C:\Program Files\14836546.exe
C:\Program Files\14897906.exe
C:\Program Files\14958859.exe
C:\Program Files\15020078.exe
C:\Program Files\15081625.exe
C:\Program Files\15142937.exe
C:\Program Files\15204078.exe
C:\Program Files\15265343.exe
C:\Program Files\15326718.exe
C:\Program Files\15387765.exe
C:\Program Files\15448781.exe
C:\Program Files\15509953.exe
C:\Program Files\15570859.exe
C:\Program Files\15632234.exe
C:\Program Files\15693656.exe
C:\Program Files\15756078.exe
C:\Program Files\15817187.exe
C:\Program Files\15879234.exe
C:\Program Files\15941046.exe
C:\Program Files\16002718.exe
C:\Program Files\16065312.exe
C:\Program Files\16127125.exe
C:\Program Files\16188796.exe
C:\Program Files\16250015.exe
C:\Program Files\16311328.exe
C:\Program Files\16372812.exe
C:\Program Files\16434625.exe
C:\Program Files\16496640.exe
C:\Program Files\16559375.exe
C:\Program Files\16621078.exe
C:\Program Files\16682468.exe
C:\Program Files\16744265.exe
C:\Program Files\16806015.exe
C:\Program Files\16867765.exe
C:\Program Files\16929531.exe
C:\Program Files\16991796.exe
C:\Program Files\17053406.exe
C:\Program Files\17115531.exe
C:\Program Files\17177093.exe
C:\Program Files\17239421.exe
C:\Program Files\17301187.exe
C:\Program Files\17362968.exe
C:\Program Files\17424515.exe
C:\Program Files\17486640.exe
C:\Program Files\17548515.exe
C:\Program Files\17610921.exe
C:\Program Files\17673500.exe
C:\Program Files\17736171.exe
C:\Program Files\17798359.exe
C:\Program Files\17860421.exe
C:\Program Files\17922343.exe
C:\Program Files\17984078.exe
C:\Program Files\18046171.exe
C:\Program Files\18109140.exe
C:\Program Files\18170906.exe
C:\Program Files\18233328.exe
C:\Program Files\18295609.exe
C:\Program Files\18357828.exe
C:\Program Files\18419656.exe
C:\Program Files\18481671.exe
C:\Program Files\18543484.exe
C:\Program Files\18605640.exe
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1.zip

Folder::
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1
Save this as CFScript




Referring to the picture above, drag CFScript into ComboFix.exe

Follow the prompts, and post the resulting log, C:\ComboFix.txt

Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Go here to run an online scannner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic, along with a new HijackThis log and a description of any remaining problems
__________________


Proud Member of ASAP
Proud Member of UNITE

Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support.

Donation link for Tech Support Forum
forhockey is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-18-2008, 10:11 PM   #19 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
Thank you

COMBOFIX LOG
ComboFix 08-06-12.2 - Christopher 2008-06-18 20:49:53.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.669 [GMT -5:00]
Running from: C:\Documents and Settings\Christopher\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Christopher\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Documents and Settings\Christopher\wn852.exe
C:\Program Files\10161718.exe
C:\Program Files\10222453.exe
C:\Program Files\10282687.exe
C:\Program Files\10342875.exe
C:\Program Files\10403093.exe
C:\Program Files\10463343.exe
C:\Program Files\10523609.exe
C:\Program Files\10583859.exe
C:\Program Files\10644296.exe
C:\Program Files\10704546.exe
C:\Program Files\10764796.exe
C:\Program Files\10825109.exe
C:\Program Files\10885390.exe
C:\Program Files\10945687.exe
C:\Program Files\11006078.exe
C:\Program Files\11066390.exe
C:\Program Files\11126750.exe
C:\Program Files\11187031.exe
C:\Program Files\11247406.exe
C:\Program Files\11307875.exe
C:\Program Files\11368359.exe
C:\Program Files\11428718.exe
C:\Program Files\11489359.exe
C:\Program Files\11549750.exe
C:\Program Files\11610406.exe
C:\Program Files\11670765.exe
C:\Program Files\11731343.exe
C:\Program Files\11791828.exe
C:\Program Files\11852234.exe
C:\Program Files\11912953.exe
C:\Program Files\11973765.exe
C:\Program Files\12034281.exe
C:\Program Files\12094781.exe
C:\Program Files\12155359.exe
C:\Program Files\12215875.exe
C:\Program Files\12276609.exe
C:\Program Files\12337484.exe
C:\Program Files\12398203.exe
C:\Program Files\12458875.exe
C:\Program Files\12519750.exe
C:\Program Files\12580500.exe
C:\Program Files\12641250.exe
C:\Program Files\12701750.exe
C:\Program Files\12762453.exe
C:\Program Files\12823484.exe
C:\Program Files\12884234.exe
C:\Program Files\12944734.exe
C:\Program Files\13005015.exe
C:\Program Files\13065328.exe
C:\Program Files\13125843.exe
C:\Program Files\13187093.exe
C:\Program Files\13248078.exe
C:\Program Files\13308828.exe
C:\Program Files\13369687.exe
C:\Program Files\13430656.exe
C:\Program Files\13491546.exe
C:\Program Files\13552390.exe
C:\Program Files\13613187.exe
C:\Program Files\13674484.exe
C:\Program Files\13735375.exe
C:\Program Files\13796890.exe
C:\Program Files\13857953.exe
C:\Program Files\13919312.exe
C:\Program Files\13980531.exe
C:\Program Files\14041531.exe
C:\Program Files\14102406.exe
C:\Program Files\14163062.exe
C:\Program Files\14224000.exe
C:\Program Files\14284937.exe
C:\Program Files\14345984.exe
C:\Program Files\14407421.exe
C:\Program Files\14468890.exe
C:\Program Files\14530203.exe
C:\Program Files\14591343.exe
C:\Program Files\14652562.exe
C:\Program Files\14713734.exe
C:\Program Files\14775187.exe
C:\Program Files\14836546.exe
C:\Program Files\14897906.exe
C:\Program Files\14958859.exe
C:\Program Files\15020078.exe
C:\Program Files\15081625.exe
C:\Program Files\15142937.exe
C:\Program Files\15204078.exe
C:\Program Files\15265343.exe
C:\Program Files\15326718.exe
C:\Program Files\15387765.exe
C:\Program Files\15448781.exe
C:\Program Files\15509953.exe
C:\Program Files\15570859.exe
C:\Program Files\15632234.exe
C:\Program Files\15693656.exe
C:\Program Files\15756078.exe
C:\Program Files\15817187.exe
C:\Program Files\15879234.exe
C:\Program Files\15941046.exe
C:\Program Files\16002718.exe
C:\Program Files\16065312.exe
C:\Program Files\16127125.exe
C:\Program Files\16188796.exe
C:\Program Files\16250015.exe
C:\Program Files\16311328.exe
C:\Program Files\16372812.exe
C:\Program Files\16434625.exe
C:\Program Files\16496640.exe
C:\Program Files\16559375.exe
C:\Program Files\16621078.exe
C:\Program Files\16682468.exe
C:\Program Files\16744265.exe
C:\Program Files\16806015.exe
C:\Program Files\16867765.exe
C:\Program Files\16929531.exe
C:\Program Files\16991796.exe
C:\Program Files\17053406.exe
C:\Program Files\17115531.exe
C:\Program Files\17177093.exe
C:\Program Files\17239421.exe
C:\Program Files\17301187.exe
C:\Program Files\17362968.exe
C:\Program Files\17424515.exe
C:\Program Files\17486640.exe
C:\Program Files\17548515.exe
C:\Program Files\17610921.exe
C:\Program Files\17673500.exe
C:\Program Files\17736171.exe
C:\Program Files\17798359.exe
C:\Program Files\17860421.exe
C:\Program Files\17922343.exe
C:\Program Files\17984078.exe
C:\Program Files\18046171.exe
C:\Program Files\18109140.exe
C:\Program Files\18170906.exe
C:\Program Files\18233328.exe
C:\Program Files\18295609.exe
C:\Program Files\18357828.exe
C:\Program Files\18419656.exe
C:\Program Files\18481671.exe
C:\Program Files\18543484.exe
C:\Program Files\18605640.exe
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1.zip
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\assosfix.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\cliptext.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\download.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\dummy.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\dummy.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Enable_Command_Prompt.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\ERDNT.E_E
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\ERDNTDOS.LOC
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\ERDNTWIN.LOC
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\ERUNT.EXE
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\ERUNT.LOC
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\fix.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixBH.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixComponents.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FIXCU.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FIXLM.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixPath.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixRedir.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixSchedule.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixWebCheck.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\fixXP.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\FixXPsp2.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\grep.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix2.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix3.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix4.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix5.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix6.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\HPFix7.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\isadmin.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\leg2.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\legacy.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\legacybk.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\locate.com
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\LS.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\MD5File.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\MyGcpvFix.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\MyGkFix2.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\procs.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\psservice.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\RegDACL.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\regedit.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Rem.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Rem2.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\W2K.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\w2k\beep.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\w2k\null.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\XP.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\xp\beep.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Replace\xp\null.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Reset_AppInit_DLLs.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\RestartIt!.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Restore_SecurityCenter.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\Restore_SharedAccess.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\sc.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\sed.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\SF.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\shutdown.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\srv2.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\srv2bk.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\svc.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\svcbk.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\swreg.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\swsc.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\unzip.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\vfind.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\WINMSG.EXE
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\winsec.reg
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\apps\zip.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(2)\backupreg.zip
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(2)\catchme.log
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(2)\HOSTS
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(3)\backupreg.zip
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(3)\catchme.log
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups(3)\HOSTS
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\attrib.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backupreg.zip
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\catchme.log
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\find.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\findstr.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\HOSTS
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\regedit.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\catchme.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\Catchmesr.log
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\dummy.exe
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\dummy.sys
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\Report.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\Report_old_1.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\Report_old_2.txt
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\RunThis.bat
C:\Documents and Settings\Christopher\Desktop\FixTools\SDFix\SDFIX_ReadMe_Online.url
C:\Documents and Settings\Christopher\wn852.exe
C:\Program Files\10161718.exe
C:\Program Files\10222453.exe
C:\Program Files\10282687.exe
C:\Program Files\10342875.exe
C:\Program Files\10403093.exe
C:\Program Files\10463343.exe
C:\Program Files\10523609.exe
C:\Program Files\10583859.exe
C:\Program Files\10644296.exe
C:\Program Files\10704546.exe
C:\Program Files\10764796.exe
C:\Program Files\10825109.exe
C:\Program Files\10885390.exe
C:\Program Files\10945687.exe
C:\Program Files\11006078.exe
C:\Program Files\11066390.exe
C:\Program Files\11126750.exe
C:\Program Files\11187031.exe
C:\Program Files\11247406.exe
C:\Program Files\11307875.exe
C:\Program Files\11368359.exe
C:\Program Files\11428718.exe
C:\Program Files\11489359.exe
C:\Program Files\11549750.exe
C:\Program Files\11610406.exe
C:\Program Files\11670765.exe
C:\Program Files\11731343.exe
C:\Program Files\11791828.exe
C:\Program Files\11852234.exe
C:\Program Files\11912953.exe
C:\Program Files\11973765.exe
C:\Program Files\12034281.exe
C:\Program Files\12094781.exe
C:\Program Files\12155359.exe
C:\Program Files\12215875.exe
C:\Program Files\12276609.exe
C:\Program Files\12337484.exe
C:\Program Files\12398203.exe
C:\Program Files\12458875.exe
C:\Program Files\12519750.exe
C:\Program Files\12580500.exe
C:\Program Files\12641250.exe
C:\Program Files\12701750.exe
C:\Program Files\12762453.exe
C:\Program Files\12823484.exe
C:\Program Files\12884234.exe
C:\Program Files\12944734.exe
C:\Program Files\13005015.exe
C:\Program Files\13065328.exe
C:\Program Files\13125843.exe
C:\Program Files\13187093.exe
C:\Program Files\13248078.exe
C:\Program Files\13308828.exe
C:\Program Files\13369687.exe
C:\Program Files\13430656.exe
C:\Program Files\13491546.exe
C:\Program Files\13552390.exe
C:\Program Files\13613187.exe
C:\Program Files\13674484.exe
C:\Program Files\13735375.exe
C:\Program Files\13796890.exe
C:\Program Files\13857953.exe
C:\Program Files\13919312.exe
C:\Program Files\13980531.exe
C:\Program Files\14041531.exe
C:\Program Files\14102406.exe
C:\Program Files\14163062.exe
C:\Program Files\14224000.exe
C:\Program Files\14284937.exe
C:\Program Files\14345984.exe
C:\Program Files\14407421.exe
C:\Program Files\14468890.exe
C:\Program Files\14530203.exe
C:\Program Files\14591343.exe
C:\Program Files\14652562.exe
C:\Program Files\14713734.exe
C:\Program Files\14775187.exe
C:\Program Files\14836546.exe
C:\Program Files\14897906.exe
C:\Program Files\14958859.exe
C:\Program Files\15020078.exe
C:\Program Files\15081625.exe
C:\Program Files\15142937.exe
C:\Program Files\15204078.exe
C:\Program Files\15265343.exe
C:\Program Files\15326718.exe
C:\Program Files\15387765.exe
C:\Program Files\15448781.exe
C:\Program Files\15509953.exe
C:\Program Files\15570859.exe
C:\Program Files\15632234.exe
C:\Program Files\15693656.exe
C:\Program Files\15756078.exe
C:\Program Files\15817187.exe
C:\Program Files\15879234.exe
C:\Program Files\15941046.exe
C:\Program Files\16002718.exe
C:\Program Files\16065312.exe
C:\Program Files\16127125.exe
C:\Program Files\16188796.exe
C:\Program Files\16250015.exe
C:\Program Files\16311328.exe
C:\Program Files\16372812.exe
C:\Program Files\16434625.exe
C:\Program Files\16496640.exe
C:\Program Files\16559375.exe
C:\Program Files\16621078.exe
C:\Program Files\16682468.exe
C:\Program Files\16744265.exe
C:\Program Files\16806015.exe
C:\Program Files\16867765.exe
C:\Program Files\16929531.exe
C:\Program Files\16991796.exe
C:\Program Files\17053406.exe
C:\Program Files\17115531.exe
C:\Program Files\17177093.exe
C:\Program Files\17239421.exe
C:\Program Files\17301187.exe
C:\Program Files\17362968.exe
C:\Program Files\17424515.exe
C:\Program Files\17486640.exe
C:\Program Files\17548515.exe
C:\Program Files\17610921.exe
C:\Program Files\17673500.exe
C:\Program Files\17736171.exe
C:\Program Files\17798359.exe
C:\Program Files\17860421.exe
C:\Program Files\17922343.exe
C:\Program Files\17984078.exe
C:\Program Files\18046171.exe
C:\Program Files\18109140.exe
C:\Program Files\18170906.exe
C:\Program Files\18233328.exe
C:\Program Files\18295609.exe
C:\Program Files\18357828.exe
C:\Program Files\18419656.exe
C:\Program Files\18481671.exe
C:\Program Files\18543484.exe
C:\Program Files\18605640.exe
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1.zip
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\keymaker.exe
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\Nero-8.3.2.1.exe
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\Plugins Serials.txt
C:\Program Files\BitLord\Downloads\Nero.8.3.2.1\Nero.8.3.2.1-UE-Full-RLZ\Steps_to_activate_completely ( try to use this first).txt

.
((((((((((((((((((((((((( Files Created from 2008-05-19 to 2008-06-19 )))))))))))))))))))))))))))))))
.

2008-06-17 22:04 . 2008-06-17 22:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Gogii
2008-06-15 18:25 . 2008-06-15 18:25 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\Sonic
2008-06-15 18:13 . 2008-06-15 18:22 <DIR> d-------- C:\WINDOWS\system32\DLA
2008-06-15 18:13 . 2005-11-07 05:20 94,263 --a------ C:\WINDOWS\DLA.EXE
2008-06-15 18:13 . 2005-09-12 03:30 89,264 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2008-06-15 18:13 . 2005-11-07 05:20 61,500 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL
2008-06-15 18:13 . 2005-08-12 05:20 40,544 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS
2008-06-15 18:13 . 2005-11-18 12:02 22,684 --a------ C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2008-06-15 18:13 . 2005-11-18 12:02 5,660 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2008-06-13 22:35 . 2008-04-14 06:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 22:35 . 2008-04-14 06:01 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 21:09 . 2008-06-12 21:09 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\XviD
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Viewpoint
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\TorrentMan
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\NetWaiting
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\EarthLink Setup
2008-06-12 20:32 . 2008-06-12 20:32 <DIR> d-------- C:\Program Files\Digital Line Detect
2008-06-09 20:36 . 2008-06-09 20:36 <DIR> d-------- C:\ie-spyad_zo
2008-06-09 18:53 . 2008-06-09 18:53 <DIR> d-------- C:\Program Files\Panda Security
2008-06-07 17:57 . 2008-06-07 17:57 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\Nero
2008-06-07 17:53 . 2008-06-07 17:53 <DIR> d-------- C:\Program Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-07 17:53 . 2008-06-12 20:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-07 16:54 . 2008-06-08 19:32 <DIR> d-------- C:\Program Files\Conduit
2008-06-07 16:54 . 2008-06-12 20:47 <DIR> d-------- C:\Program Files\BitLord
2008-06-07 15:36 . 2008-06-07 15:36 <DIR> d-------- C:\Program Files\DVD Shrink
2008-06-07 15:36 . 2008-06-07 16:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-05 22:11 . 2008-06-15 09:30 <DIR> d-------- C:\TN Intl Pageant
2008-06-05 22:09 . 2008-06-05 22:09 641,021 --a------ C:\WINDOWS\unins000.exe
2008-06-05 22:09 . 2004-07-26 12:12 187,904 --a------ C:\WINDOWS\system32\Lame.exe
2008-06-05 22:09 . 2004-07-26 12:12 166,912 --a------ C:\WINDOWS\system32\Lame_enc.dll
2008-06-05 22:09 . 1999-09-10 12:06 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-05 22:09 . 1999-09-10 12:06 25,244 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-05 22:09 . 1999-09-10 12:06 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-06-05 22:09 . 1999-09-10 12:06 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-06-05 21:55 . 2008-06-05 21:55 <DIR> d-------- C:\Documents and Settings\Christopher\Application Data\DivX
2008-06-05 21:43 . 2008-06-07 10:08 <DIR> d-------- C:\Program Files\DivX
2008-06-05 21:33 . 2008-06-05 21:36 <DIR> d-------- C:\DECCHECK
2008-06-02 18:05 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-31 16:10 . 2008-05-31 16:10 <DIR> d-------- C:\Program Files\Sony Online Entertainment
2008-05-22 17:19 . 2008-05-22 17:19 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-19 23:19 . 2008-05-19 23:19 <DIR> d-------- C:\Program Files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-18 03:26 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-18 03:03 --------- d-----w C:\Program Files\Chill
2008-06-15 23:13 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2008-06-15 23:12 --------- d-----w C:\Program Files\Roxio
2008-06-14 19:23 --------- d-----w C:\Documents and Settings\Christopher\Application Data\AdobeUM
2008-06-11 02:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 01:45 --------- d-----w C:\Program Files\Comcast Play Games
2008-06-10 01:31 --------- d-----w C:\Program Files\DIGStream
2008-06-08 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-02 23:05 --------- d-----w C:\Program Files\Java
2008-05-25 15:33 --------- d-----w C:\Documents and Settings\Christopher\Application Data\Apple Computer
2008-05-22 22:22 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-05-22 22:22 129,784 ----a-w C:\WINDOWS\system32\PxAFS.DLL
2008-05-22 22:22 120,056 ----a-w C:\WINDOWS\system32\pxcpyi64.exe
2008-05-22 22:22 118,520 ----a-w C:\WINDOWS\system32\pxinsi64.exe
2008-05-20 04:20 --------- d-----w C:\Program Files\Safari
2008-05-20 03:15 --------- d-----w C:\Program Files\PokerStars
2008-05-18 03:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
2008-05-14 03:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\MonteCristo
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 04:55 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 04:55 1,288,192 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-24 03:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:40 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2006-10-08 21:54 56 --sh--r C:\WINDOWS\system32\24927FC793.sys
2006-09-27 02:37 88 --sh--r C:\WINDOWS\system32\93C77F9224.sys
2006-10-08 21:54 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot_2008-06-14_ 7.37.54.98 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-14 11:56:29 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-19 01:57:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2006-07-06 04:15:17 135,168 ----a-r C:\WINDOWS\Installer\{075473F5-846A-448B-BCB3-104AA1760205}\MediaHub.exe
+ 2008-06-15 23:13:01 135,168 ----a-r C:\WINDOWS\Installer\{075473F5-846A-448B-BCB3-104AA1760205}\MediaHub.exe
+ 2008-06-15 23:13:38 49,152 ----a-r C:\WINDOWS\Installer\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}\ARPIcon.exe
- 2006-07-06 04:14:40 135,168 ----a-r C:\WINDOWS\Installer\{21657574-BD54-48A2-9450-EB03B2C7FC29}\MyDVDRel60.exe
+ 2008-06-15 23:16:25 135,168 ----a-r C:\WINDOWS\Installer\{21657574-BD54-48A2-9450-EB03B2C7FC29}\MyDVDRel60.exe
- 2006-07-06 04:15:07 135,168 ----a-r C:\WINDOWS\Installer\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}\MediaHub.exe
+ 2008-06-15 23:12:30 135,168 ----a-r C:\WINDOWS\Installer\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}\MediaHub.exe
+ 2008-06-14 19:24:27 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A71000000002}\SC_Reader.exe
- 2006-07-06 04:15:12 135,168 ----a-r C:\WINDOWS\Installer\{B12665F4-4E93-4AB4-B7FC-37053B524629}\MediaHub.exe
+ 2008-06-15 23:13:30 135,168 ----a-r C:\WINDOWS\Installer\{B12665F4-4E93-4AB4-B7FC-37053B524629}\MediaHub.exe
+ 2005-11-07 10:20:00 25,628 ----a-w C:\WINDOWS\system32\DLA\DLABOIOM.SYS
+ 2005-11-07 10:20:00 258,108 ----a-w C:\WINDOWS\system32\DLA\DLACMD_W.EXE
+ 2005-11-07 10:20:00 241,728 ----a-w C:\WINDOWS\system32\DLA\DLACResW.DLL
+ 2005-11-07 10:20:00 122,940 ----a-w C:\WINDOWS\system32\DLA\DLACTRLW.EXE
+ 2005-11-07 10:20:00 2,496 ----a-w C:\WINDOWS\system32\DLA\DLADResN.SYS
+ 2005-11-07 10:20:00 86,652 ----a-w C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
+ 2005-11-07 10:20:00 81,980 ----a-w C:\WINDOWS\system32\DLA\DLAInstW.DLL
+ 2005-11-07 10:20:00 14,684 ----a-w C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
+ 2005-11-07 10:20:00 6,364 ----a-w C:\WINDOWS\system32\DLA\DLAPoolM.SYS
+ 2005-11-07 10:20:00 110,652 ----a-w C:\WINDOWS\system32\DLA\DLASHX_W.DLL
+ 2005-11-07 10:20:00 87,036 ----a-w C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
+ 2005-11-07 10:20:00 94,332 ----a-w C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
- 2008-04-09 08:12:26 178,648 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-15 23:22:38 178,648 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-11-21 17:53:06 158,456 ----a-w C:\WINDOWS\system32\pxwma.dll
+ 2005-03-30 18:56:12 151,552 ----a-w C:\WINDOWS\system32\pxwma.dll
+ 2003-03-13 20:10:24 40,960 ----a-w C:\WINDOWS\system32\vxdmdcdlg.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"TivoTransfer"="C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" [2007-05-02 14:12 1193472]
"TivoNotify"="C:\Program Files\TiVo\Desktop\TiVoNotify.exe" [2007-05-02 14:13 373760]
"TivoServer"="C:\Program Files\TiVo\Desktop\TiVoServer.exe" [2007-05-02 14:14 1463296]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"CTHelper"="CTHELPER.EXE" [2006-12-12 10:46 19456 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 10:46 20480 C:\WINDOWS\system32\Ctxfihlp.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 03:12 98304]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07 49152]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18 151552]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02 53248]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05 212992]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2006-11-07 15:49 1121280]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-07-05 23:15 169984]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 10:26 110592]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49 163840]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-11-11 17:00 1005096]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 19:51 233472]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2006-01-13 02:14 188416]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 23:20 339968 C:\WINDOWS\stsystra.exe]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42 69632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 16:32 56080 C:\WINDOWS\KHALMNPR.Exe]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 03:09 488984]
"LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 03:12 244512]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]
"gcNotifier"="C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe" [2008-01-25 11:06 176128]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-11-07 05:20 122940]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-05 23:05:07 24576]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [2005-10-20 19:55:40 18432]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-30 18:22:00 67128]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-30 18:20:16 692224]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-20 20:15:54 65588]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-03 13:56:10 54512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"C:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience

R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 TivoBeacon2;TiVo Beacon;"C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe" /service []
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-12-19 08:36]
S2 RMSvc;Media Center Extender Resource Monitor;C:\WINDOWS\ehome\RMSvc.exe [2005-10-20 19:55]
S3 QWAVE;QWAVE service;C:\WINDOWS\system32\svchost.exe [2004-08-10 05:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-06-14 17:53:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-19 01:58:13 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (KREBSTAR-Christopher).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 20:58:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\System32\CSCDLL.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\VSO\McShield.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\CTxfispi.exe
C:\Program Files\McAfee\SpamKiller\MSKAgent.exe
C:\PROGRA~1\McAfee.com\VSO\McVSEscn.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsftsn.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
.
**************************************************************************
.
Completion time: 2008-06-18 21:19:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-19 02:19:53
ComboFix2.txt 2008-06-14 13:08:28
ComboFix3.txt 2008-06-14 04:01:06

Pre-Run: 263,087,644,672 bytes free
Post-Run: 263,200,309,248 bytes free

662 --- E O F --- 2008-06-14 05:22:39
__________________________________________________________________________

ESET ONLINE SCANNER LOG

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3198 (20080618)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=709f55673680394886b2a9e245271ea1
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-06-19 04:01:42
# local_time=2008-06-18 11:01:42 (-0600, Central Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=326153
# found=249
# scan_time=5183
C:\Program Files\Trend Micro\HijackThis\backups\backup-20080228-221116-110.dll Win32/BHO.NBY trojan C2B50F2300608C1E5E04446324C6AD6B
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\wn852.exe.vir probably a variant of Win32/Agent.DRM trojan 7733B395D4A260CAE08AA72A3B079E59
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir multiple infiltrations 22C2D979174C3846E17F8B80C0FCEFDB
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/adknalsrmton.bmp Win32/TrojanDownloader.FakeAlert.BU trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/ehgriponqh.bmp Win32/TrojanDownloader.FakeAlert.BU trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/gbitkb.bmp Win32/TrojanDownloader.FakeAlert.BU trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/monmon.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/nmdobmh.bmp Win32/TrojanDownloader.FakeAlert.BU trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/obipsb.bmp Win32/TrojanDownloader.FakeAlert.BU trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp139093.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp139218.exe Win32/TrojanDownloader.Small.IOQ trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp140296.exe Win32/TrojanDownloader.Small.IOQ trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp1620968.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp1620984.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp18814812.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp24180859.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp24925687.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp320359.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp320375.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp339875.exe Win32/TrojanDownloader.Small.IOQ trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp58844828.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp58844875.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp58844921.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp78181328.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp85541109.exe Win32/TrojanClicker.Small.NBK trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/tmp9522281.exe Win32/TrojanDownloader.Small.IOQ trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/trayicon.exe probably a variant of Win32/Agent.DRM trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/udefender_setup.exe Win32/Adware.UltimateDefender application 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/windsk.dll Win32/Agent.DRM trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Documents and Settings\Christopher\Desktop\FixTools\SDFix\backups\backups.zip.vir »ZIP »backups/Yazzle2181OinAdmin.exe probably a variant of Win32/TrojanDownloader.PurityScan trojan 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\10099031.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10161109.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10161718.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10222453.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10223453.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10282687.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10285312.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10342875.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10347187.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10403093.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10408437.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10463343.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10470218.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10523609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10532484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10583859.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10593906.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10644296.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10655656.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10704546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10717625.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10764796.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10779609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10825109.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10841828.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10885390.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10903703.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10945687.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\10965500.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11006078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11066390.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11126750.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11187031.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11213828.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11247406.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11275921.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11307875.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11337718.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11368359.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11428718.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11489359.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11549750.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11585468.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11610406.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11647578.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11670765.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11709078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11731343.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11791828.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11852234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11912953.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\11973765.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12034281.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12094781.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12155359.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12215875.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12276609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12337484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12398203.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12458875.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12519750.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12580500.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12641250.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12701750.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12762453.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12823484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12884234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\12944734.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13005015.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13065328.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13125843.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13187093.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13248078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13308828.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13369687.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13430656.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13491546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13552390.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13613187.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13674484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13735375.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13796890.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13857953.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13919312.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\13980531.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14041531.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14102406.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14163062.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14224000.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14284937.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14345984.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14407421.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14468890.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14530203.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14591343.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14652562.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14713734.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14775187.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14836546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14897906.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\14958859.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15020078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15081625.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15142937.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15204078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15265343.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15326718.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15387765.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15448781.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15509953.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15570859.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15632234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15693656.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15756078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15817187.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15879234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\15941046.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16002718.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16065312.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16127125.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16188796.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16250015.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16311328.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16372812.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16434625.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16496640.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16559375.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16621078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16682468.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16744265.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16806015.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16867765.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16929531.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\16991796.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17053406.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17115531.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17177093.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17239421.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17301187.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17362968.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17424515.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17486640.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17548515.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17610921.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17673500.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17736171.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17798359.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17860421.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17922343.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\17984078.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18046171.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18109140.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18170906.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18233328.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18295609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18357828.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18419656.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18481671.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18543484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18605640.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18668031.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18730218.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18855218.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18916968.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\18979281.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19042578.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19230031.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19355125.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19417234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19479921.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19541796.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19604250.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19667375.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19729546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19791953.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19854546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19916984.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\19978265.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20040687.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20102531.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20165546.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20227515.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20289656.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20351390.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20414390.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20476484.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20538234.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20600703.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20663640.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20726734.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20789625.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20852859.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\20915421.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21167515.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21230765.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21293640.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21356031.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21418859.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21482875.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21546437.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21608953.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21671093.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21733734.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21796609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21860625.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\21901437.exe.vir a variant of Win32/TrojanDownloader.Small.IOQ trojan 0A572B42392FAAA4C9D31109A8F90269
C:\QooBox\Quarantine\C\Program Files\21919468.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\9508234.exe.vir Win32/TrojanClicker.Small.NBK trojan D0F0DE3A7A9BBC9FEAB2C0248BE7F6D5
C:\QooBox\Quarantine\C\Program Files\9521234.exe.vir Win32/TrojanDownloader.Small.IOQ trojan 828A383370E909EAA6986CAD3EBF1499
C:\QooBox\Quarantine\C\Program Files\9864609.exe.vir probably a variant of Win32/TrojanClicker.Agent.NBS trojan 4B023D0A1CDC500AEB12FBA1A567F74E
C:\QooBox\Quarantine\C\Program Files\WNSXS~1\userinit.exe.vir probably a variant of Win32/TrojanDownloader.PurityScan trojan 667002DC3BA16A722049A1B5297CB5E9
C:\QooBox\Quarantine\C\WINDOWS\wsystmp_nwz.exe.vir Win32/Nuwar.Gen worm C510187FE5DE197A71A4E611F6887D1A
C:\QooBox\Quarantine\C\WINDOWS\Installer\{5e6fe06e-8ec3-472c-b364-227326a89f0d}\zip.dll.vir a variant of Win32/BHO.NCG trojan 7E3E848E63D9CDD4D619CAE0283EA202
C:\QooBox\Quarantine\C\WINDOWS\Installer\{9c6cc8ca-c6cd-404c-a987-d0e5124aad8c}\AvpRunOnce.dll.vir a variant of Win32/TrojanClicker.Agent.NCU trojan F60A55A06FEAA3735F21F0910540A295
C:\QooBox\Quarantine\C\WINDOWS\system32\aeeayphj.dll.vir a variant of Win32/Adware.Virtumonde application 2E8981159C94812FCCCFE2DF4EFAFB89
C:\QooBox\Quarantine\C\WINDOWS\system32\bwrbnblj.dll.vir Win32/Adware.AdMedia application 09A2AD1A4B83D81E76176D1BEA0D68BD
C:\QooBox\Quarantine\C\WINDOWS\system32\dbghtsdv.dll.vir Win32/Adware.Virtumonde application 68B70333FCB179F32907C96B403CAD09
C:\QooBox\Quarantine\C\WINDOWS\system32\noxrleda.dll.vir a variant of Win32/Adware.Virtumonde application D392326D61BA426CED5A8F3BC8E32E45
C:\QooBox\Quarantine\C\WINDOWS\system32\uibhfxwy.dll.vir a variant of Win32/Adware.Virtumonde application 9EFF12B7B54B733360823143F937778A


__________________________________________________________________________


HIJACK THIS LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1120 PM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\ehome\ehtray.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [gcNotifier] C:\Documents and Settings\Christopher\Local Settings\Application Data\VTShared\GCNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/...dsolutions.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B0C45AFD-2802-4285-BE1F-714C50FEE6D9} (HprmfPCFileCtrl1 Class) - file://D:\ALBUMS\ALBUM_A\PLUGIN\HPRMFFC.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpf...qdiagh.cab?326
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

--
End of file - 14557 bytes
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-24-2008, 06:23 PM   #20 (permalink)
Registered User
 
Join Date: Jun 2008
Location: Nashville
Posts: 21
OS: XP


Re: Pops ups, slowness, and the usual suspects
bump please
running well. wanted to see if you had any final instructions before declaring issue closed. Thanks for all the help.
xtopherp is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 03:37 AM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85