#1 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Infected with Trojan.Adclicker.HB & trojan generic 826214
Hi there:
Here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:07, on 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Webshots\WebshotsTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program 
Files\Mozilla Firefox\firefox.exe C:\PC Apps 3\Hijackthis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/learnmore/...ue&lcode=en-us R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe 
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = ? 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 9083 bytes |
|
|
|
|
#3 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Can't get rid of Trojan.Adclicker.HB ....Driving me crazy !!
Tried a bit of cleaning myself but still can't get rid of Adclicker.
Here's an updated log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:47:56, on 10/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\PC Apps 3\Hijackthis\HijackThis.exe
|
|
|
|
#4 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Ooops...left out half the log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46:52, on 10/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\WINDOWS\system32\rundll32.exe
C:\PC Apps 3\Hijackthis\HijackThis.exe

R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/learnmore/...ue&lcode=en-us R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {33107fe9-e799-49ce-a747-8d04d428adec} - C:\WINDOWS\system32\leborivo.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroFilterCheck] 
C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s O4 - HKLM\..\Run: [845f2c22] rundll32.exe "C:\WINDOWS\system32\kajopezi.dll",b O4 - HKLM\..\Run: [CPM876c1fbe] Rundll32.exe "c:\windows\system32\lutirada.dll",a O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = 
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\dagitufa.dll c:\windows\system32\lutirada.dll O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\lutirada.dll O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\lutirada.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 9868 bytes |
|
|
|
|
#6 (permalink) |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Hello and welcome to TSF
Please follow the instructions outlined in our sticky entitled http://www.techsupportforum.com/secu...oval-help.html

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

If there is no response to this post within 72hrs, this thread will be closed.
|
|
|
|
#7 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Hi and thanks for the reply.
My problem is my AV keeps alerting me to Trojan.Adclicker.HB and trojan.Generic 827614 being blocked and moved to quarantine. My Internet Browser is re-directing me to other sites (mainly ads) and even when the internet is closed it can open and go to various sites of its own accord.

I have 2 problems with your "first steps" request.
1. DDS is hanging when the DOS screen opens and won't run.
2. I don't understand about attaching under the Management attachment buttons. Where are these located?

Here is the Gmer report anyway:

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-11-12 10:24:40
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.14 ----

SSDT d347bus.sys (PnP BIOS Extension/ ) ZwClose [0xB9F8E818]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreateKey [0xB9F8E7D0]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreatePagingFile [0xB9F82A20]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xB9F832A8]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xB9F8E910]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwOpenKey [0xB9F8E794]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0xAB006B4C]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0xAB006C3A]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryKey [0xB9F832C8]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryValueKey [0xB9F8E866]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwSetSystemPowerState [0xB9F8E0B0]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0xAB006AB0]

---- Kernel code sections - GMER 1.0.14 ----

? System32\Drivers\6b11c0b9.sys The system cannot find the file specified. !
? System32\Drivers\4e3c06de.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[7504] kernel32.dll!ExitProcess 7C81CDDA 5 Bytes JMP 00A42487 c:\windows\system32\hurikupu.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[7504] WS2_32.dll!connect 71AB406A 5 Bytes JMP 00A42A53 c:\windows\system32\hurikupu.dll

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 8A079488
AttachedDevice \FileSystem\Ntfs \Ntfs trufos.sys
Device \FileSystem\Fastfat \FatCdrom 896F7FB0
AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender SRL)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender SRL)
Device \Driver\Cdrom \Device\CdRom0 89FA8410
Device \FileSystem\Rdbss \Device\FsWrap 8996C030
Device \Driver\iastor \Device\Ide\iaStor0 8AA263C0
Device \Driver\iastor \Device\Ide\IAAStorageDevice-0 8AA263C0
Device \Driver\iastor \Device\Ide\IAAStorageDevice-1 8AA263C0
Device \Driver\iastor \Device\Ide\IAAStorageDevice-2 8AA263C0
Device \Driver\Cdrom \Device\CdRom1 89FA8410
Device \FileSystem\Srv \Device\LanmanServer 89E37C40
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender SRL)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender SRL)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89927320
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89927320
Device \FileSystem\Npfs \Device\NamedPipe 899633D8
Device \FileSystem\Msfs \Device\Mailslot 89DFAC00
Device \Driver\d347prt \Device\Scsi\d347prt1Port1Path0Target0Lun0 89FAEC70
Device \Driver\d347prt \Device\Scsi\d347prt1 89FAEC70
Device \FileSystem\Fastfat \Fat 896F7FB0
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat trufos.sys
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 89E1B460
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer 89E1B460
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 89E1B460
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 89E1B460
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 89E1B460
Device \FileSystem\Cdfs \Cdfs 89F0C1A8

---- Threads - GMER 1.0.14 ----

Thread 4:2092 AC18BAB0
Thread 4:2156 AC1D3AB0
Thread 4:4248 9FA4EAB0
Thread 4:4332 A3A8BAB0
Thread 4:5516 AC1A3AB0

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@khjeh 0x20 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@hj34z0 0xC3 0xA5 0xFF 0xCC ...

---- EOF - GMER 1.0.14 ----
|
|
|
|
#8 (permalink) | ||
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Quote:
Quote:
Download DDS again from the link below.
Link
Last edited by TheBruce1; 11-12-2008 at 07:32 AM.
||
|
|
|
|
#9 (permalink) | |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Quote:
Also... I've gotten trojan.adclicker.hb at same location and also at C:\documents and settings\local settings\temp
I have trojan.Adclicker and Trojan.generic at C:\Windows\system32.
I have Trojan.Rincux located at C:\Windows\temp.
I have AdwareAleert.exe .."Trojan.FakeAV" at C:\documents and settings\local settings\Temp\7zS75.tmp\AdwareAlert
|
|
|
|
|
#10 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
I've tried DDS again and it still doesn't produce a log.
I disconnected from the internet, disabled Bitdefender and double clicked on the DDS application. The DOS screen opened and I got the "It doesnt do squat" screen where it tells me that it's only "required to run once". The cursor kept flashing but nothing happens after that. Does it run automatically? I've tried this a few times.
|
|
|
|
#11 (permalink) |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Delete DDS and follow instructions below.
|
|
|
|
|
#12 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
As requested:
Logfile of random's system information tool 1.04 (written by random/random) Run by Ken & Caroline at 2008-11-14 09:41:46 Microsoft Windows XP Home Edition Service Pack 2 System drive C: has 37 GB (25%) free of 149 GB Total RAM: 2046 MB (1% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:42:00, on 14/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Dell Support\DSAgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Webshots\WebshotsTray.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe 
C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Ken & Caroline\Desktop\RSIT.exe C:\PC Apps 3\Hijackthis\Ken & Caroline.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/learnmore/...ue&lcode=en-us R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {33107fe9-e799-49ce-a747-8d04d428adec} - C:\WINDOWS\system32\leborivo.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: solution Class - {99C6D1BB-7555-474C-91DA-D8FB62A9CC75} - C:\WINDOWS\system32\y0c2k2wj.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: 
[ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s O4 - HKLM\..\Run: [845f2c22] rundll32.exe "C:\WINDOWS\system32\mogiwate.dll",b O4 - HKLM\..\Run: [CPM876c1fbe] Rundll32.exe "c:\windows\system32\vomotuzi.dll",a O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [rizozoribo] Rundll32.exe "C:\WINDOWS\system32\yekugebe.dll",s (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program 
Files\Webshots\WebshotsTray.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user') O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\dagitufa.dll c:\windows\system32\vomotuzi.dll O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vomotuzi.dll O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vomotuzi.dll O23 - Service: 
Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. 
- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 9958 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\At1.job C:\WINDOWS\tasks\At10.job C:\WINDOWS\tasks\At11.job C:\WINDOWS\tasks\At12.job C:\WINDOWS\tasks\At13.job C:\WINDOWS\tasks\At14.job C:\WINDOWS\tasks\At15.job C:\WINDOWS\tasks\At16.job C:\WINDOWS\tasks\At17.job C:\WINDOWS\tasks\At18.job C:\WINDOWS\tasks\At19.job C:\WINDOWS\tasks\At2.job C:\WINDOWS\tasks\At20.job C:\WINDOWS\tasks\At21.job C:\WINDOWS\tasks\At22.job C:\WINDOWS\tasks\At23.job C:\WINDOWS\tasks\At24.job C:\WINDOWS\tasks\At25.job C:\WINDOWS\tasks\At26.job C:\WINDOWS\tasks\At27.job C:\WINDOWS\tasks\At28.job C:\WINDOWS\tasks\At29.job C:\WINDOWS\tasks\At3.job C:\WINDOWS\tasks\At30.job C:\WINDOWS\tasks\At31.job C:\WINDOWS\tasks\At32.job C:\WINDOWS\tasks\At33.job C:\WINDOWS\tasks\At34.job C:\WINDOWS\tasks\At35.job C:\WINDOWS\tasks\At36.job C:\WINDOWS\tasks\At37.job C:\WINDOWS\tasks\At38.job C:\WINDOWS\tasks\At39.job C:\WINDOWS\tasks\At4.job C:\WINDOWS\tasks\At40.job C:\WINDOWS\tasks\At41.job C:\WINDOWS\tasks\At42.job C:\WINDOWS\tasks\At43.job C:\WINDOWS\tasks\At44.job C:\WINDOWS\tasks\At45.job C:\WINDOWS\tasks\At46.job C:\WINDOWS\tasks\At47.job C:\WINDOWS\tasks\At48.job C:\WINDOWS\tasks\At5.job C:\WINDOWS\tasks\At6.job C:\WINDOWS\tasks\At7.job C:\WINDOWS\tasks\At8.job C:\WINDOWS\tasks\At9.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33107fe9-e799-49ce-a747-8d04d428adec}] 
C:\WINDOWS\system32\leborivo.dll [2008-08-07 60928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99C6D1BB-7555-474C-91DA-D8FB62A9CC75}] solution Class - C:\WINDOWS\system32\y0c2k2wj.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-03-04 86016] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-08 7630848] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-07-06 151552] "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2004-06-03 204800] "Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] "NWEReboot"= [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376] "basicsmssmenu"=C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe [2007-10-09 169328] "BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-15 368640] "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-12-26 61440] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576] 
"rizozoribo"=C:\WINDOWS\system32\yekugebe.dll [2008-08-07 60928] "RegistryMechanic"= [] "845f2c22"=C:\WINDOWS\system32\mogiwate.dll [2008-11-12 86068] "CPM876c1fbe"=c:\windows\system32\vomotuzi.dll [2008-11-13 92212] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DellSupport"=C:\Program Files\Dell Support\DSAgnt.exe [2006-08-28 395776] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe C:\Documents and Settings\Ken & Caroline\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Webshots.lnk - C:\Program Files\Webshots\WebshotsTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\WINDOWS\system32\dagitufa.dll c:\windows\system32\vomotuzi.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vomotuzi.dll [2008-11-13 92212] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vomotuzi.dll [2008-11-13 92212] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"= :\WINDOWS\syste scecli C:\WINDOWS\system32\dagitufa.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer" "C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui" "C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2008-11-14 09:41:46 ----D---- C:\rsit 2008-11-14 04:22:19 ----SH---- C:\WINDOWS\system32\jumobiva.exe 2008-11-12 13:42:27 ----D---- C:\Documents and Settings\Ken & Caroline\Application 
Data\Publish Providers 2008-11-12 13:42:08 ----D---- C:\Documents and Settings\Ken & Caroline\Application Data\Sony 2008-11-12 13:37:34 ----A---- C:\WINDOWS\system32\w3a5i5uh.exe.a_a 2008-11-12 13:37:27 ----D---- C:\Program Files\Vstplugins 2008-11-12 13:37:24 ----D---- C:\Documents and Settings\All Users\Application Data\Sony 2008-11-12 13:37:11 ----D---- C:\Program Files\Sony 2008-11-12 13:31:48 ----D---- C:\Documents and Settings\Ken & Caroline\Application Data\Sony Setup 2008-11-12 13:31:25 ----D---- C:\Program Files\Sony Setup 2008-11-12 10:17:59 ----SH---- C:\WINDOWS\system32\etawigom.ini 2008-11-12 10:11:25 ----A---- C:\WINDOWS\gmer.ini 2008-11-12 10:11:22 ----A---- C:\WINDOWS\gmer_uninstall.cmd 2008-11-12 10:11:22 ----A---- C:\WINDOWS\gmer.dll 2008-11-12 10:11:21 ----A---- C:\WINDOWS\gmer.exe 2008-11-11 22:17:57 ----SH---- C:\WINDOWS\system32\esumajit.ini 2008-11-11 10:17:44 ----SH---- C:\WINDOWS\system32\asuzarot.ini 2008-11-10 22:29:25 ----A---- C:\WINDOWS\system32\STKIT432.DLL 2008-11-10 22:29:21 ----D---- C:\Program Files\Registry Mechanic 2008-11-10 22:17:31 ----SH---- C:\WINDOWS\system32\oyozonav.ini 2008-11-10 10:17:16 ----SH---- C:\WINDOWS\system32\izepojak.ini 2008-11-09 22:17:06 ----SH---- C:\WINDOWS\system32\uwozedop.ini 2008-11-09 10:16:45 ----SH---- C:\WINDOWS\system32\uzigufan.ini 2008-11-08 22:16:16 ----SH---- C:\WINDOWS\system32\avituvut.ini 2008-11-08 10:16:03 ----SH---- C:\WINDOWS\system32\atilideg.ini 2008-11-07 22:15:45 ----SH---- C:\WINDOWS\system32\ayofugul.ini 2008-11-05 22 33 ----D---- C:\Documents and Settings\Ken & Caroline\Application Data\AdwareAlert2008-11-02 14:11:21 ----D---- C:\Program Files\CDex_150 2008-11-02 12:51:34 ----A---- C:\WINDOWS\system32\4iSOK8ua.exe.a_a 2008-11-02 12:51:33 ----A---- C:\WINDOWS\system32\4iSOK8ua.exe 2008-11-01 10:01:38 ----A---- C:\WINDOWS\system32\xpsp2res.dll 2008-11-01 10:01:38 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\ntvdm.exe 2008-11-01 10:01:06 
----A---- C:\WINDOWS\system32\ntprint.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\ntlsapi.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\ntdll.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\nslookup.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\msv1_0.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\msgsvc.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\mgmtapi.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\lsasrv.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\locator.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\localspl.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\lmhsvc.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\kernel32.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\imagehlp.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\ftp.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\format.com 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\csrsrv.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\comdlg32.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\comctl32.dll 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\cmd.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\cacls.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\autoconv.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\autochk.exe 2008-11-01 10:01:06 ----A---- C:\WINDOWS\system32\advapi32.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\srvsvc.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\smss.exe 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\setupapi.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\services.exe 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\schannel.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\scardsvr.exe 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\savedump.exe 2008-11-01 10:01:05 ----A---- 
C:\WINDOWS\system32\samsrv.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\samlib.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rshx32.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rastapi.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rasman.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rasdlg.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rasauto.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\rasapi32.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\printui.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\perfctrs.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\olecnv32.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\oleaut32.dll 2008-11-01 10:01:05 ----A---- C:\WINDOWS\system32\nwprovau.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\wkssvc.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\win32spl.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\userinit.exe 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\untfs.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\ulib.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\tcpmonui.dll 2008-11-01 10:01:04 ----A---- C:\WINDOWS\system32\syssetup.dll 2008-11-01 10:01:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2008-11-01 10:01:02 ----A---- C:\WINDOWS\system32\hal.dll 2008-11-01 10:01:01 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe 2008-10-31 23:21:56 ----A---- C:\WINDOWS\system32\SET84F.tmp 2008-10-31 23:21:56 ----A---- C:\WINDOWS\system32\SET84B.tmp 2008-10-31 23:21:55 ----A---- C:\WINDOWS\system32\SET847.tmp 2008-10-31 23:21:55 ----A---- C:\WINDOWS\system32\SET844.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET83F.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET83D.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET83A.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET839.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET835.tmp 2008-10-31 23:21:53 ----A---- 
C:\WINDOWS\system32\SET834.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET831.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET830.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET82F.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET1479.tmp 2008-10-31 23:21:53 ----A---- C:\WINDOWS\system32\SET1478.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET82D.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET829.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET827.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET824.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET821.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET81C.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET815.tmp 2008-10-31 23:21:51 ----A---- C:\WINDOWS\system32\SET80D.tmp 2008-10-31 23:21:50 ----A---- C:\WINDOWS\system32\SET80C.tmp 2008-10-31 23:21:50 ----A---- C:\WINDOWS\system32\SET807.tmp 2008-10-31 23:21:50 ----A---- C:\WINDOWS\system32\SET805.tmp 2008-10-31 23:21:50 ----A---- C:\WINDOWS\system32\SET802.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET800.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7FF.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7FD.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7FB.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7FA.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7F9.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7F8.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7F6.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7F5.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7F4.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7ED.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7EB.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7E6.tmp 2008-10-31 23:21:49 ----A---- C:\WINDOWS\system32\SET7E3.tmp 2008-10-31 23:21:47 ----A---- C:\WINDOWS\system32\SET7C1.tmp 2008-10-31 
23:21:47 ----A---- C:\WINDOWS\system32\SET7C0.tmp 2008-10-31 23:21:47 ----A---- C:\WINDOWS\system32\SET7AE.tmp 2008-10-31 23:21:46 ----A---- C:\WINDOWS\system32\SET7A8.tmp 2008-10-31 23:21:46 ----A---- C:\WINDOWS\system32\SET7A3.tmp 2008-10-31 23:21:46 ----A---- C:\WINDOWS\system32\SET79F.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\system32\SET797.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\system32\SET796.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\system32\SET795.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\system32\SET792.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\system32\SET1456.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\SET876.tmp 2008-10-31 23:21:45 ----A---- C:\WINDOWS\002721_.tmp 2008-10-31 23:21:44 ----A---- C:\WINDOWS\system32\SET77D.tmp 2008-10-31 23:21:44 ----A---- C:\WINDOWS\system32\SET771.tmp 2008-10-31 23:21:44 ----A---- C:\WINDOWS\system32\SET76F.tmp 2008-10-31 23:21:44 ----A---- C:\WINDOWS\system32\SET76A.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET760.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET75C.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET755.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET754.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET753.tmp 2008-10-31 23:21:43 ----A---- C:\WINDOWS\system32\SET74F.tmp 2008-10-31 23:21:42 ----A---- C:\WINDOWS\system32\SET144F.tmp 2008-10-31 23:21:41 ----A---- C:\WINDOWS\system32\SET746.tmp 2008-10-31 23:21:40 ----A---- C:\WINDOWS\system32\SET72D.tmp 2008-10-31 23:21:40 ----A---- C:\WINDOWS\system32\SET727.tmp 2008-10-31 23:21:39 ----A---- C:\WINDOWS\system32\SET721.tmp 2008-10-31 23:21:39 ----A---- C:\WINDOWS\system32\SET71F.tmp 2008-10-31 23:21:39 ----A---- C:\WINDOWS\system32\SET71D.tmp 2008-10-31 23:21:39 ----A---- C:\WINDOWS\system32\SET719.tmp 2008-10-31 23:21:37 ----A---- C:\WINDOWS\system32\SET707.tmp 2008-10-31 23:21:37 ----A---- C:\WINDOWS\system32\SET703.tmp 2008-10-31 23:21:36 ----A---- C:\WINDOWS\system32\SET700.tmp 2008-10-31 
23:21:33 ----A---- C:\WINDOWS\system32\SET6FD.tmp 2008-10-31 23:21:33 ----A---- C:\WINDOWS\system32\SET6FB.tmp 2008-10-31 23:21:33 ----A---- C:\WINDOWS\system32\SET6F4.tmp 2008-10-31 23:21:32 ----A---- C:\WINDOWS\system32\SET6EA.tmp 2008-10-31 23:21:31 ----A---- C:\WINDOWS\system32\SET6E5.tmp 2008-10-31 23:21:31 ----A---- C:\WINDOWS\system32\SET6E3.tmp 2008-10-31 23:21:30 ----A---- C:\WINDOWS\system32\SET6E0.tmp 2008-10-31 23:21:30 ----A---- C:\WINDOWS\system32\SET6D1.tmp 2008-10-31 23:21:29 ----A---- C:\WINDOWS\system32\SET6CB.tmp 2008-10-31 23:21:29 ----A---- C:\WINDOWS\system32\SET6C9.tmp 2008-10-31 23:21:29 ----A---- C:\WINDOWS\system32\SET6C7.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6C0.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6BD.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6BB.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6BA.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6B9.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET6B6.tmp 2008-10-31 23:21:28 ----A---- C:\WINDOWS\system32\SET142C.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET6A7.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET6A3.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET6A1.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET69F.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET69E.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET69D.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET69C.tmp 2008-10-31 23:21:27 ----A---- C:\WINDOWS\system32\SET69A.tmp 2008-10-31 23:21:23 ----A---- C:\WINDOWS\system32\SET693.tmp 2008-10-31 23:21:23 ----A---- C:\WINDOWS\system32\SET691.tmp 2008-10-31 23:21:23 ----A---- C:\WINDOWS\system32\SET68F.tmp 2008-10-31 23:21:23 ----A---- C:\WINDOWS\system32\SET68E.tmp 2008-10-31 23:21:22 ----A---- C:\WINDOWS\system32\SET685.tmp 2008-10-31 23:21:22 ----A---- C:\WINDOWS\system32\SET683.tmp 2008-10-31 23:21:22 ----A---- 
C:\WINDOWS\system32\SET680.tmp 2008-10-31 23:21:22 ----A---- C:\WINDOWS\system32\SET67F.tmp 2008-10-31 23:21:22 ----A---- C:\WINDOWS\system32\SET67D.tmp 2008-10-31 23:21:22 ----A---- C:\WINDOWS\system32\SET679.tmp 2008-10-31 23:21:21 ----A---- C:\WINDOWS\system32\SET676.tmp 2008-10-31 23:21:21 ----A---- C:\WINDOWS\system32\SET674.tmp 2008-10-31 23:21:21 ----A---- C:\WINDOWS\system32\SET66D.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET669.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET667.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET664.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET660.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET65F.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET65C.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET65B.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET658.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET653.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET650.tmp 2008-10-31 23:21:20 ----A---- C:\WINDOWS\system32\SET64F.tmp 2008-10-31 23:21:19 ----A---- C:\WINDOWS\system32\SET64E.tmp 2008-10-31 23:21:18 ----A---- C:\WINDOWS\system32\SET649.tmp 2008-10-31 23:21:17 ----A---- C:\WINDOWS\system32\SET648.tmp 2008-10-31 23:21:17 ----A---- C:\WINDOWS\system32\SET647.tmp 2008-10-31 23:21:17 ----A---- C:\WINDOWS\system32\SET641.tmp 2008-10-31 23:21:16 ----A---- C:\WINDOWS\system32\SET63B.tmp 2008-10-31 23:21:16 ----A---- C:\WINDOWS\system32\SET639.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET637.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET635.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET62F.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET62E.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET62D.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET62B.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET62A.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET629.tmp 2008-10-31 
23:21:15 ----A---- C:\WINDOWS\system32\SET628.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET627.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET622.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET620.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET612.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET60F.tmp 2008-10-31 23:21:15 ----A---- C:\WINDOWS\system32\SET60C.tmp 2008-10-31 23:21:14 ----A---- C:\WINDOWS\system32\SET601.tmp 2008-10-31 23:21:14 ----A---- C:\WINDOWS\system32\SET5FB.tmp 2008-10-31 23:21:14 ----A---- C:\WINDOWS\system32\SET5F9.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5F4.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5EE.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5EA.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5E3.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5E1.tmp 2008-10-31 23:21:13 ----A---- C:\WINDOWS\system32\SET5D8.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5CB.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5B8.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5B3.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5AC.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5A7.tmp 2008-10-31 23:21:11 ----A---- C:\WINDOWS\system32\SET5A5.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET586.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET57A.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET575.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET574.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET571.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET56F.tmp 2008-10-31 23:21:10 ----A---- C:\WINDOWS\system32\SET569.tmp 2008-10-31 23:21:09 ----A---- C:\WINDOWS\system32\SET55C.tmp 2008-10-31 23:21:09 ----A---- C:\WINDOWS\system32\SET55B.tmp 2008-10-31 23:21:09 ----A---- C:\WINDOWS\system32\SET55A.tmp 2008-10-31 23:21:09 ----A---- 
C:\WINDOWS\system32\SET552.tmp 2008-10-31 23:21:09 ----A---- C:\WINDOWS\system32\SET550.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET54C.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET54A.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET541.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET540.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET53C.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET53B.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET53A.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET539.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET536.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET530.tmp 2008-10-31 23:21:08 ----A---- C:\WINDOWS\system32\SET525.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET506.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET505.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET503.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET502.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET501.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET500.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET4FB.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET4F7.tmp 2008-10-31 23:21:06 ----A---- C:\WINDOWS\system32\SET4F6.tmp 2008-10-31 23:21:05 ----A---- C:\WINDOWS\system32\SET4E1.tmp 2008-10-31 23:21:05 ----A---- C:\WINDOWS\system32\SET4DB.tmp 2008-10-31 23:21:05 ----A---- C:\WINDOWS\system32\SET4D5.tmp 2008-10-31 23:21:05 ----A---- C:\WINDOWS\system32\SET4D1.tmp 2008-10-31 23:21:05 ----A---- C:\WINDOWS\system32\SET1405.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4C8.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4C6.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4BF.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4BB.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4B9.tmp 2008-10-31 23:21:04 ----A---- C:\WINDOWS\system32\SET4AC.tmp 2008-10-31 
23:21:03 ----A---- C:\WINDOWS\system32\SET49D.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET49C.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET49B.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET49A.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET497.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET48A.tmp 2008-10-31 23:21:03 ----A---- C:\WINDOWS\system32\SET487.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET485.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET481.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET47E.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET462.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET45F.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET45D.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET452.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET451.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET450.tmp 2008-10-31 23:21:02 ----A---- C:\WINDOWS\system32\SET13FE.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET436.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET434.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET433.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET42D.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET42C.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET42B.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET42A.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET426.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET424.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET423.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET421.tmp 2008-10-31 23:20:59 ----A---- C:\WINDOWS\system32\SET13FA.tmp 2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET40A.tmp 2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET407.tmp 2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET404.tmp 2008-10-31 23:20:58 ----A---- 
C:\WINDOWS\system32\SET3FB.tmp
2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET3F9.tmp
2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET3F5.tmp
2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET13F5.tmp
2008-10-31 23:20:58 ----A---- C:\WINDOWS\system32\SET13F2.tmp
2008-10-31 23:20:57 ----A---- C:\WINDOWS\system32\SET3F2.tmp
2008-10-31 23:20:57 ----A---- C:\WINDOWS\system32\SET3F1.tmp
2008-10-31 23 36 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-31 23 36 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-31 23 36 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-31 07:46:56 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-24 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-20 17:55:57 ----D---- C:\Documents and Settings\Ken & Caroline\Application Data\VideoEgg
2008-10-18 11:04:29 ----N---- C:\WINDOWS\system32\_003275_.tmp.dll
2008-10-18 11:04:29 ----N---- C:\WINDOWS\system32\_003274_.tmp.dll
2008-10-18 11:03:51 ----N---- C:\WINDOWS\system32\_003272_.tmp.dll
2008-10-18 11:03:51 ----N---- C:\WINDOWS\system32\_003267_.tmp.dll
2008-10-18 11:03:51 ----N---- C:\WINDOWS\system32\_003266_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003265_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003264_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003263_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003260_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003259_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003258_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003257_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003255_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003252_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003250_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003249_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003245_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003244_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003243_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003240_.tmp.dll
2008-10-18 11:03:50 ----N---- C:\WINDOWS\system32\_003237_.tmp.dll
2008-10-18 11:03:49 ----N---- C:\WINDOWS\system32\_003236_.tmp.dll
2008-10-18 11:03:49 ----N---- C:\WINDOWS\system32\_003235_.tmp.dll
2008-10-18 11:03:49 ----N---- C:\WINDOWS\system32\_003228_.tmp.dll
2008-10-18 11:03:49 ----N---- C:\WINDOWS\system32\_003223_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003218_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003215_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003213_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003209_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003207_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003173_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003172_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003171_.tmp.dll
2008-10-18 11:03:48 ----N---- C:\WINDOWS\system32\_003165_.tmp.dll
2008-10-16 02:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 02:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 02:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 02:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 02:02:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

======List of files/folders modified in the last 1 months======

2008-11-14 09:40:04 ----D---- C:\Program Files\Mozilla Firefox
2008-11-14 04:22:19 ----D---- C:\WINDOWS\system32
2008-11-14 00:00:05 ----A---- C:\WINDOWS\webshots.ini
2008-11-13 13:23:52 ----D---- C:\WINDOWS\Temp
2008-11-13 11:42:14 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-13 10:18:21 ----ASH---- C:\WINDOWS\system32\vomotuzi.dll
2008-11-12 23:02:09 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-12 22:18:04 ----ASH---- C:\WINDOWS\system32\porasusa.dll
2008-11-12 22:00:00 ----A---- 
C:\WINDOWS\SchedLgU.Txt 2008-11-12 14:19:27 ----D---- C:\Documents and Settings\Ken & Caroline\Application Data\Azureus 2008-11-12 14:19:26 ----D---- C:\Program Files\PeerGuardian2 2008-11-12 13:49:33 ----RSD---- C:\WINDOWS\assembly 2008-11-12 13:49:33 ----D---- C:\WINDOWS\Microsoft.NET 2008-11-12 13:37:42 ----SHD---- C:\WINDOWS\Installer 2008-11-12 13:37:35 ----SD---- C:\WINDOWS\Tasks 2008-11-12 13:37:27 ----RD---- C:\Program Files 2008-11-12 13:36:33 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-11-12 13:35:12 ----D---- C:\WINDOWS\WinSxS 2008-11-12 13:34:56 ----HD---- C:\WINDOWS\inf 2008-11-12 13:34:51 ----D---- C:\Program Files\Internet Explorer 2008-11-12 11:55:17 ----D---- C:\PC Apps 3 2008-11-12 10:17:59 ----ASH---- C:\WINDOWS\system32\yorojopa.dll 2008-11-12 10:17:59 ----ASH---- C:\WINDOWS\system32\mogiwate.dll 2008-11-12 10:11:25 ----D---- C:\WINDOWS 2008-11-12 10:11:22 ----D---- C:\WINDOWS\system32\drivers 2008-11-11 22:17:57 ----N---- C:\WINDOWS\system32\tijamuse.dll 2008-11-11 22:17:57 ----ASH---- C:\WINDOWS\system32\hurikupu.dll 2008-11-11 10:17:53 ----ASH---- C:\WINDOWS\system32\valokiga.dll 2008-11-11 10:17:44 ----N---- C:\WINDOWS\system32\torazusa.dll 2008-11-10 22:17:31 ----N---- C:\WINDOWS\system32\vanozoyo.dll 2008-11-10 22:17:31 ----ASH---- C:\WINDOWS\system32\noginaru.dll 2008-11-10 10:17:16 ----N---- C:\WINDOWS\system32\kajopezi.dll 2008-11-10 10:17:16 ----ASH---- C:\WINDOWS\system32\lutirada.dll 2008-11-09 22:17:06 ----N---- C:\WINDOWS\system32\podezowu.dll 2008-11-09 22:17:06 ----ASH---- C:\WINDOWS\system32\bosetiga.dll 2008-11-09 12:51:01 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt 2008-11-09 12:49:32 ----A---- C:\WINDOWS\bdagent.INI 2008-11-09 12:48:48 ----SHD---- C:\System Volume Information 2008-11-09 12:48:48 ----D---- C:\WINDOWS\system32\Restore 2008-11-09 10:16:42 ----N---- C:\WINDOWS\system32\nafugizu.dll 2008-11-09 10:16:42 ----ASH---- C:\WINDOWS\system32\yejimoya.dll 2008-11-08 22:16:16 ----N---- 
C:\WINDOWS\system32\tuvutiva.dll 2008-11-08 22:16:15 ----ASH---- C:\WINDOWS\system32\riyoyiga.dll 2008-11-08 10:16:03 ----ASH---- C:\WINDOWS\system32\vatutawi.dll 2008-11-07 22:15:43 ----ASH---- C:\WINDOWS\system32\pifotamo.dll 2008-11-07 16:50:12 ----D---- C:\dvd covers 2008-11-01 23:03:06 ----D---- C:\WINDOWS\system32\CatRoot_bak 2008-11-01 23:03:06 ----D---- C:\WINDOWS\system32\CatRoot 2008-11-01 22:53:51 ----D---- C:\WINDOWS\system32\wbem 2008-11-01 22:53:51 ----D---- C:\WINDOWS\system32\Setup 2008-11-01 22:53:51 ----D---- C:\WINDOWS\AppPatch 2008-11-01 22:53:49 ----RSD---- C:\WINDOWS\Fonts 2008-11-01 10:41:22 ----D---- C:\WINDOWS\system32\dllcache 2008-11-01 10:41:19 ----D---- C:\Program Files\Messenger 2008-11-01 10:41:16 ----D---- C:\WINDOWS\system32\usmt 2008-11-01 10:41:14 ----D---- C:\WINDOWS\system32\oobe 2008-11-01 10:41:13 ----D---- C:\WINDOWS\system32\npp 2008-11-01 10:41:06 ----D---- C:\WINDOWS\system32\Com 2008-11-01 10:40:12 ----D---- C:\WINDOWS\system 2008-11-01 10:40:11 ----D---- C:\WINDOWS\srchasst 2008-11-01 10:40:11 ----D---- C:\WINDOWS\PeerNet 2008-11-01 10:40:10 ----D---- C:\WINDOWS\network diagnostic 2008-11-01 10:40:09 ----D---- C:\WINDOWS\msagent 2008-11-01 10:40:05 ----D---- C:\WINDOWS\ime 2008-11-01 10:40:05 ----D---- C:\WINDOWS\Help 2008-11-01 10:40:00 ----D---- C:\Program Files\Windows NT 2008-11-01 10:40:00 ----D---- C:\Program Files\Windows Media Player 2008-11-01 10:40:00 ----D---- C:\Program Files\Outlook Express 2008-11-01 10:39:59 ----D---- C:\Program Files\NetMeeting 2008-11-01 10:39:58 ----D---- C:\Program Files\Movie Maker 2008-11-01 10:39:54 ----D---- C:\Program Files\Common Files\System 2008-11-01 10:39:38 ----D---- C:\WINDOWS\system32\scripting 2008-11-01 10:39:38 ----D---- C:\WINDOWS\system32\en-US 2008-11-01 10:39:38 ----D---- C:\WINDOWS\system32\en 2008-11-01 10:39:36 ----D---- C:\WINDOWS\system32\bits 2008-11-01 10:38:23 ----D---- C:\WINDOWS\l2schemas 2008-11-01 10:08:06 ----D---- C:\WINDOWS\security 2008-11-01 
10:01:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-01 09:58:48 ----D---- C:\WINDOWS\EHome
2008-11-01 03:02:11 ----A---- C:\WINDOWS\win.ini
2008-11-01 03:01:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-01 03:00:33 ----D---- C:\Program Files\Microsoft Works
2008-10-31 07:33:03 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-30 03:01:05 ----A---- C:\WINDOWS\imsins.BAK
2008-10-27 10:43:49 ----D---- C:\WINDOWS\system32\config
2008-10-27 10:43:29 ----D---- C:\WINDOWS\Registration
2008-10-24 02:00:29 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-17 02:01:01 ----D---- C:\WINDOWS\ie7updates
2008-10-15 16:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-02 86792]
R3 bdfsfltr;bdfsfltr; 730079007300740065006D00330032005C0044005200490056004500520053005C00620064006600730066006C00740072002E007300790073000000 []
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 
[2004-08-12 137728] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224] R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-08 3958272] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-24 1156648] R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264] R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [] S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760] S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-12 85969] S3 NAL;Nal Service ; 
\??\C:\WINDOWS\system32\Drivers\iqvw32.sys [] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328] S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [] S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-09-06 30336] S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368] S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928] S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752] S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008] S4 atapi;Standard IDE/ESDI Hard Disk Controller; C:\WINDOWS\system32\DRIVERS\atapi.sys [2004-08-03 95360] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-03 5504] S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088] S4 viaagp;VIA AGP Bus Filter; 
C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-11-04 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Basics Service;Basics Service; C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [2007-10-09 124280]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-01-30 917504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-07-06 90112]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-07-02 1155072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-08 155715]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-11 1261568]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-12-26 86016]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-12-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-03 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2007-03-05 68096]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.04 2008-11-14 09:42:03

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe 
CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E} Adobe InDesign CS3-->C:\Program Files\Common Files\Adobe\Installers\05ba3a63f36684fe0c5dde2ebe6f8f5\Setup.exe Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002} Adobe Setup-->MsiExec.exe /I{56B8B892-317E-4FDE-9E4D-44B189848A27} Adobe SING CS3-->MsiExec.exe /I{3F9B2FD2-1C83-4401-9967-C3636638E958} Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version 
Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Anark Client 1.0-->C:\Program Files\Anark\Client\AMInstal.exe -uninstall Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Azureus-->C:\Program Files\Azureus\Uninstall.exe BitDefender Internet Security 2008-->MsiExec.exe /I{139412E5-09C2-463A-8B1C-26AEB8655BA7} Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE} Canon PIXMA iP4000-->C:\WINDOWS\system32\CNMCP64.exe "-PRINTERNAMECanon PIXMA iP4000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP4000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP4000 Installer\Inst2\cnmi0409.dll" Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE CDex extraction audio-->"C:\Program Files\CDex_150\uninstall.exe" CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application Conexant D850 56K V.9x DFVc Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf Cucusoft iPod Movie/Video Converter 2.00-->"C:\Program Files\Cucusoft\ipod-converter\unins000.exe" CuteFTP 8 Professional-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9 DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0} Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76} Dell Support 3.2.1-->MsiExec.exe 
/X{CEE2252C-4035-4B27-8EC6-0B085DD3A413} Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText Diskeeper 2007 Pro Premier-->MsiExec.exe /X{6EEE934B-F292-4995-95BF-4AE871AC42E8} Drive Manager-->"C:\Program Files\InstallShield Installation Information\{48B0F38D-1913-44F3-99AA-D4C55A2B038E}\setup.exe" -runfromtemp -l0x0409 -removeonly Drive Manager-->MsiExec.exe /I{48B0F38D-1913-44F3-99AA-D4C55A2B038E} Garmin City Navigator Europe NT 2008-->MsiExec.exe /X{EEC8205A-E3DE-4C00-B60C-48E3B9B58B13} Garmin Communicator Plugin-->MsiExec.exe /X{3A7BF905-F37D-4DFB-8308-EC3AA4617B36} Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 2.0.2-->"C:\PC Apps 3\Hijackthis\HijackThis.exe" /uninstall Holiday Snowflakes Screen Saver 1.2-->C:\WINDOWS\unins000.exe Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843} J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime 
Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} LimeWire PRO 4.17.1-->"C:\Program Files\LimeWire\uninstall.exe" Macromedia Dreamweaver MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstall Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" 
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1} Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031} NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1} Nokia Flashing Cable Driver-->MsiExec.exe /X{A4E0CA0F-1903-440A-9B98-FEA6CB049999} Nokia Lifeblog 2.1-->MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4} Nokia MTP driver-->MsiExec.exe /I{59359B3D-ABE7-46BF-AB55-43B67A64DC68} Nokia N73 highlights-->MsiExec.exe /I{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2} Nokia Nseries Skin for Microsoft Windows Media Player-->MsiExec.exe /I{73E30715-9EC4-4DAE-BE67-64500AEB8012} Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D} Nokia PC Suite-->MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375} Nokia themes for your device-->MsiExec.exe 
/I{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe" PeerGuardian v1.99 pr14-->"C:\Program Files\PeerGuardian pr14\unins000.exe" QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe" Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 
=====HijackThis Backups=====
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.147 85.255.112.211
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.147 85.255.112.211
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E8089F5-387F-44AC-8F1E-295443C79793}: NameServer = 85.255.116.147,85.255.112.211
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe (file missing)
======Security center information======
AV: Bitdefender Antivirus AV: (disabled) (outdated)
FW: Bitdefender Firewall FW: (disabled)
-----------------EOF----------------- |
|
|
|
|
#13 (permalink) | |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Hello again
Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions in the order in which they come. If you have any questions, please ask before proceeding.

It's important that you follow this through until I give you the all clear; a lack of symptoms does not mean that it is no longer present.

Please DO NOT attach logs to your posts unless you are advised to do so.

==========

P2P

P2P - I see you have P2P software Azureus and LimeWire PRO 4.17.1 installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections. References for the risk of these programs are Here, Here and Here.

===========

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1 Link 2 Link 3

* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
* Double click on combofix.exe & follow the prompts.
* As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware.

* Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
* When finished, it shall produce a log for you. Post that log in your next reply.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

========

Quote:

=========

Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.

=========

Logs Required
C:\Combofix.txt
Hijackthis Log |
|
|
|
|
|
#14 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Howdy.
The problem I'm having now is that when I click on any of your links to download combofix it doesn't give the option to re-name it before saving it. It just downloads straight to the desktop. I disabled Bitdefender and then when I double click on combofix.exe it tries to run but nothing happens. This has been happening the last few days with other software I've tried to run as well, i.e. some programs just won't open. |
|
|
|
|
#15 (permalink) | |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Quote:
|
|
|
|
|
|
#16 (permalink) | |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Quote:
I right-clicked on Combofix, re-named it and it asked me if I was sure I wanted to re-name it as changing an extension file could make it become unstable. I clicked ok and it turned into a read-only file. Aaarrrgghh. So I put back in the ".exe" extension and tried to run it but still nothing. This is really wrecking my head at this stage. I'm real close to wiping the whole PC.
Last edited by KennyLegend; 11-14-2008 at 01:26 PM. |
|
|
|
|
|
#17 (permalink) | |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Quote:
Go Start >> Run and copy/paste the following single-line command into the Run box and click OK:

"%userprofile%\desktop\kenny.exe"

If you have used capitals when renaming, make sure to include them in the command. If this does not work, we'll try something else. |
|
|
|
|
|
#19 (permalink) | |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Dùn Èideann,Scotland.
Posts: 4,531
OS: XP
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Hello again
Please download OTMoveIt3 by OldTimer. Save it to your desktop.
Double-click on OTMoveIt3.exe
Using notepad copy the lines in the codebox below:
Quote:
Click the red Moveit! button.
Copy everything in the Results window (under the green bar), and paste into notepad. Save as OTMoveIt3.txt and to your desktop. Post the contents in your next reply.
Close OTMoveIt3
If OTMoveIt3 asks you to reboot, please do so after saving the OTMoveIt3.txt.

=========

Download Malwarebytes' Anti-Malware from Here or Here
Double-click on mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by OTMoveIt3 and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

========

Run RSIT again.

=========

Logs Required
OTMoveIt3.txt
MBAM.txt
log.txt |
|
|
|
|
|
#20 (permalink) |
|
Registered User
Join Date: Nov 2008
Posts: 30
OS: xp SP2
|
Re: Infected with Trojan.Adclicker.HB & trojan generic 826214
Ok Bruce....a strange thing just happened.
I ran that moveit program as you said and the results came up on the RHS stating..."....job moved successfully" for everything that was in the log. However, when I went to copy the results, the program disappeared off the screen and shut down !!! I ran it again and of course, there was nothing to move now. I managed to get a log of the second run...even though it's probably no good to you, here it is.

========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Local Page"|"C:\WINDOWS\system32\blank.htm" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33107fe9-e799-49ce-a747-8d04d428adec}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99C6D1BB-7555-474C-91DA-D8FB62A9CC75}\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\rizozoribo deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\845f2c22 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CPM876c1fbe deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\SSODL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler\\STS not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\"notification packages"|hex(7):73,63,65,63,6c,69,00,00 /E : value set successfully!
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003213_.tmp.dll
C:\WINDOWS\system32\_003213_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003213_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003209_.tmp.dll
C:\WINDOWS\system32\_003209_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003209_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003207_.tmp.dll
C:\WINDOWS\system32\_003207_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003207_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003173_.tmp.dll
C:\WINDOWS\system32\_003173_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003173_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003172_.tmp.dll
C:\WINDOWS\system32\_003172_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003172_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003171_.tmp.dll
C:\WINDOWS\system32\_003171_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003171_.tmp.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_003165_.tmp.dll
C:\WINDOWS\system32\_003165_.tmp.dll NOT unregistered.
C:\WINDOWS\system32\_003165_.tmp.dll moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\KEN&CA~1\LOCALS~1\Temp\etilqs_8BNFXfc4ggrRBaVIivoo scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7dc.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\urlclassifier3.sqlite-journal scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Ken & Caroline\Local Settings\Application Data\Mozilla\Firefox\Profiles\rxzako8c.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11152008_003016 |