Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Vundo on machine

Started by Slugkiller , Oct 25 2007 04:43 AM

  • Please log in to reply

#1
Slugkiller
Posted 25 October 2007 - 04:43 AM

Slugkiller

    New Member

  • Member
  • Pip
  • 2 posts
I have been trying to delete Vundo I have tried both VundoFix, SpyBot and VirtumundoBeGone and they do not fix the problem. I have run HiJackThis and WinPFind3, please find the logs below. Please help on this its driving me mad.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:08, on 10/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Microsoft SQL Server\MSSQL$CRM\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\Isass.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft CRM\Client\res\Web\bin\Microsoft.Crm.Application.Hoster.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PerSono\PersTray.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
G:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://extra.eonic.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://extra.eonic.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Workflow] F:\Workflow.exe
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\Isass.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [54a58e5f] rundll32.exe "C:\WINDOWS\system32\lkmsiaqw.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSCRMStartup] "C:\Program Files\Microsoft CRM\Client\res\Web\bin\Microsoft.Crm.Application.Hoster.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MXIE User.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Perstray.lnk = C:\Program Files\PerSono\PersTray.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://extra.eonic.co.uk
O15 - Trusted Zone: *.eonic.co.uk
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} (Crystal Report Viewer Control 9) - http://crm.prod.eoni...tiveXViewer.Cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1147164324872
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.c.../acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1147164494141
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = office.eonic.co.uk
O17 - HKLM\Software\..\Telephony: DomainName = office.eonic.co.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = office.eonic.co.uk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = office.eonic.co.uk
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

--
End of file - 11305 bytes


-----------------------------------------------------------------------------------------------------------------------------------

WinPFind3 logfile created on: 10/25/2007 11:04:39
WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Program Files\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

2.00 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 67.39% Memory free
2.60 Gb Paging File | 2.05 Gb Available in Paging File | 78.96% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 10.14 Gb Free Space | 31.12% Space Free
Drive D: | 34.94 Gb Total Space | 34.17 Gb Free Space | 97.80% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: *************
Current User Name: *****
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
acrotray.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 7.0.1.2005092300 | Size = 483328 bytes | Modified Date = 9/24/2005 06:30:38 | Attr = ]
apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> Alps Electric Co., Ltd. [Ver = 5.0.1.15 | Size = 45056 bytes | Modified Date = 2/26/2003 03:08:42 | Attr = ]
apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.7.136 | Size = 114688 bytes | Modified Date = 11/7/2003 09:21:28 | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4117 | Size = 376832 bytes | Modified Date = 6/28/2005 14:55:40 | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4117 | Size = 376832 bytes | Modified Date = 6/28/2005 14:55:40 | Attr = ]
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5157 | Size = 344064 bytes | Modified Date = 6/28/2005 21:05:00 | Attr = ]
azmixersel.exe -> %ProgramFiles%\Realtek\InstallShield\AzMixerSel.exe -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 2 | Size = 53248 bytes | Modified Date = 2/14/2005 03:18:36 | Attr = ]
ccapp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 48752 bytes | Modified Date = 10/4/2005 12:42:40 | Attr = ]
ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 185968 bytes | Modified Date = 10/4/2005 12:42:42 | Attr = ]
ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 177776 bytes | Modified Date = 10/4/2005 12:42:50 | Attr = ]
defwatch.exe -> %ProgramFiles%\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 20208 bytes | Modified Date = 11/15/2005 13:27:44 | Attr = ]
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.0.20 | Size = 434176 bytes | Modified Date = 8/2/2006 01:39:20 | Attr = ]
hijackthis.exe -> G:\HiJackThis.exe -> Trend Micro Inc. [Ver = 2.00.0002 | Size = 401720 bytes | Modified Date = 10/24/2007 14:07:26 | Attr = ]
hpqgalry.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqgalry.exe -> Hewlett-Packard Co. [Ver = 045.004.157.000 | Size = 425984 bytes | Modified Date = 11/4/2004 19:36:46 | Attr = ]
hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 5, 0, 0, 0 | Size = 49152 bytes | Modified Date = 9/13/2004 15:49:00 | Attr = ]
hpzipm12.exe -> %System32%\HPZipm12.exe -> HP [Ver = 10, 1, 0, 2 | Size = 69632 bytes | Modified Date = 12/24/2004 11:11:46 | Attr = ]
ico.exe -> %System32%\ico.exe -> Primax Electronics Ltd. [Ver = 1, 0, 0, 8 | Size = 45056 bytes | Modified Date = 3/14/2002 16:46:58 | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 323584 bytes | Modified Date = 12/20/2005 21:54:34 | Attr = ]
isass.exe -> %System32%\Isass.exe -> [Ver = | Size = 38912 bytes | Modified Date = 6/13/2007 11:23:08 | Attr = H ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 278528 bytes | Modified Date = 12/20/2005 21:54:48 | Attr = ]
jusched.exe -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 01:11:36 | Attr = ]
perstray.exe -> %ProgramFiles%\PerSono\PersTray.exe -> Plantronics [Ver = 2.04.000 | Size = 32768 bytes | Modified Date = 10/9/2002 16:25:58 | Attr = R ]
photoshopelementsdeviceconnect.exe -> %ProgramFiles%\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -> [Ver = | Size = 118784 bytes | Modified Date = 10/4/2004 03:40:50 | Attr = ]
photoshopelementsfileagent.exe -> %ProgramFiles%\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 98304 bytes | Modified Date = 10/4/2004 04:47:04 | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 2/8/2006 20:07:12 | Attr = ]
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.0.4 | Size = 327680 bytes | Modified Date = 8/2/2006 01:24:22 | Attr = ]
rtvscan.exe -> %ProgramFiles%\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 1777392 bytes | Modified Date = 11/15/2005 13:28:44 | Attr = ]
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.0.34 | Size = 937984 bytes | Modified Date = 8/2/2006 01:31:22 | Attr = ]
savroam.exe -> %ProgramFiles%\Symantec AntiVirus\SavRoam.exe -> symantec [Ver = 10.0.2.2000 | Size = 169200 bytes | Modified Date = 11/15/2005 13:27:56 | Attr = ]
tosa2dp.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe -> TOSHIBA CORPORATION. [Ver = 3.01.5520.US | Size = 262144 bytes | Modified Date = 5/20/2005 14:27:06 | Attr = ]
tosbthsp.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe -> TOSHIBA CORPORATION. [Ver = 1.01.03.5311 | Size = 217088 bytes | Modified Date = 3/11/2005 12:48:54 | Attr = ]
tosbtmng.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe -> TOSHIBA CORPORATION. [Ver = 3.03.5621.US | Size = 487424 bytes | Modified Date = 6/21/2005 18:50:48 | Attr = ]
vptray.exe -> %ProgramFiles%\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 85744 bytes | Modified Date = 11/15/2005 13:28:04 | Attr = ]
winpfind3u.exe -> %ProgramFiles%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 9/4/2007 10:47:26 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(AdobeActiveFileMonitor) Adobe Active File Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -> [Ver = | Size = 98304 bytes | Modified Date = 10/4/2004 04:47:04 | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4117 | Size = 376832 bytes | Modified Date = 6/28/2005 14:55:40 | Attr = ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 185968 bytes | Modified Date = 10/4/2005 12:42:42 | Attr = ]
(ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccPwdSvc.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 83568 bytes | Modified Date = 10/4/2005 12:42:48 | Attr = ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 177776 bytes | Modified Date = 10/4/2005 12:42:50 | Attr = ]
(DefWatch) Symantec AntiVirus Definition Watcher [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 20208 bytes | Modified Date = 11/15/2005 13:27:44 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 13:00:00 | Attr = ]
(EvtEng) Intel® PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10.5.0.20 | Size = 434176 bytes | Modified Date = 8/2/2006 01:39:20 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 01:41:10 | Attr = ]
(Image Converter video recording monitor for VAIO Entertainment) Image Converter video recording monitor for VAIO Entertainment [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\Image Converter 2\IcVzMon.exe -> Sony Corporation [Ver = 1, 0, 0, 12270 | Size = 32768 bytes | Modified Date = 4/5/2005 13:06:36 | Attr = ]
(iPodService) iPodService [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 323584 bytes | Modified Date = 12/20/2005 21:54:34 | Attr = ]
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.2.00.06070 | Size = 53337 bytes | Modified Date = 6/7/2005 01:32:54 | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.2.00.06070 | Size = 53337 bytes | Modified Date = 6/7/2005 01:28:04 | Attr = ]
(PhotoshopElementsDeviceConnect) Photoshop Elements Device Connect [Win32_Own | Auto | Running] -> %ProgramFiles%\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -> [Ver = | Size = 118784 bytes | Modified Date = 10/4/2004 03:40:50 | Attr = ]
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %System32%\HPZipm12.exe -> HP [Ver = 10, 1, 0, 2 | Size = 69632 bytes | Modified Date = 12/24/2004 11:11:46 | Attr = ]
(RegSrvc) Intel® PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10.5.0.4 | Size = 327680 bytes | Modified Date = 8/2/2006 01:24:22 | Attr = ]
(S24EventMonitor) Intel® PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 10.5.0.34 | Size = 937984 bytes | Modified Date = 8/2/2006 01:31:22 | Attr = ]
(SavRoam) SavRoam [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec AntiVirus\SavRoam.exe -> symantec [Ver = 10.0.2.2000 | Size = 169200 bytes | Modified Date = 11/15/2005 13:27:56 | Attr = ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.1.105 | Size = 214672 bytes | Modified Date = 10/19/2005 17:39:34 | Attr = ]
(SPBBCSvc) Symantec SPBBCSvc [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,5,1,3 | Size = 992864 bytes | Modified Date = 3/30/2005 21:48:22 | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.2.00.06070 | Size = 69718 bytes | Modified Date = 6/7/2005 01:22:34 | Attr = ]
(Symantec AntiVirus) Symantec AntiVirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 1777392 bytes | Modified Date = 11/15/2005 13:28:44 | Attr = ]
(VAIO Entertainment TV Device Arbitration Service) VAIO Entertainment TV Device Arbitration Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -> File not found
(VCI) VAIO Cooporated Initialisation [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sony\VAIO Cooperated Initialisation\VCI_svc.exe -> Sony Corporation [Ver = 1.1.0.0 | Size = 398336 bytes | Modified Date = 1/4/2005 11:09:36 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
54a58e5f -> %System32%\mljaeuxa.dll [rundll32.exe "C:\WINDOWS\system32\mljaeuxa.dll",b] -> [Ver = | Size = 84544 bytes | Modified Date = 10/25/2007 10:58:18 | Attr = ]
Acrobat Assistant 7.0 -> %ProgramFiles%\Adobe\Acrobat 7.0\Distillr\acrotray.exe -> Adobe Systems Inc. [Ver = 7.0.1.2005092300 | Size = 483328 bytes | Modified Date = 9/24/2005 06:30:38 | Attr = ]
Alcmtr -> %SystemRoot%\ALCMTR.EXE -> Realtek Semiconductor Corp. [Ver = 1.6.0.2 | Size = 69632 bytes | Modified Date = 5/3/2005 10:43:28 | Attr = ]
Apoint -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.7.136 | Size = 114688 bytes | Modified Date = 11/7/2003 09:21:28 | Attr = ]
ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5157 | Size = 344064 bytes | Modified Date = 6/28/2005 21:05:00 | Attr = ]
AzMixerSel -> %ProgramFiles%\Realtek\InstallShield\AzMixerSel.exe -> Realtek Semiconductor Corp. [Ver = 1, 0, 0, 2 | Size = 53248 bytes | Modified Date = 2/14/2005 03:18:36 | Attr = ]
ccApp -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 103.5.6.3 | Size = 48752 bytes | Modified Date = 10/4/2005 12:42:40 | Attr = ]
Hcontrol -> %SystemRoot%\ATK0100\Hcontrol.exe -> [Ver = 1043, 2, 15, 28 | Size = 61440 bytes | Modified Date = 7/19/2004 06:05:38 | Attr = ]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Company [Ver = 5, 0, 0, 0 | Size = 49152 bytes | Modified Date = 9/13/2004 15:49:00 | Attr = ]
ISBMgr.exe -> %ProgramFiles%\Sony\ISB Utility\ISBMgr.exe -> Sony Corporation [Ver = 1, 0, 0, 2180 | Size = 32768 bytes | Modified Date = 2/20/2004 14:12:34 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 278528 bytes | Modified Date = 12/20/2005 21:54:48 | Attr = ]
Local Security Authority Service -> %System32%\Isass.exe -> [Ver = | Size = 38912 bytes | Modified Date = 6/13/2007 11:23:08 | Attr = H ]
Mouse Suite 98 Daemon -> %System32%\ico.exe -> Primax Electronics Ltd. [Ver = 1, 0, 0, 8 | Size = 45056 bytes | Modified Date = 3/14/2002 16:46:58 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.0.4 | Size = 155648 bytes | Modified Date = 1/16/2006 11:25:48 | Attr = ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 01:11:36 | Attr = ]
Switcher.exe -> %ProgramFiles%\Sony\Wireless Switch Setting Utility\Switcher.exe -> Sony Corporation [Ver = 3.3.00.02140 | Size = 176128 bytes | Modified Date = 2/14/2006 13:11:46 | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3492 | Size = 180269 bytes | Modified Date = 2/8/2006 20:07:12 | Attr = ]
VAIO Update 2 -> %ProgramFiles%\Sony\VAIO Update 2\VAIOUpdt.exe -> Sony Corporation [Ver = 2, 1, 2, 1140 | Size = 151552 bytes | Modified Date = 1/14/2005 13:43:28 | Attr = ]
vptray -> %ProgramFiles%\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 85744 bytes | Modified Date = 11/15/2005 13:28:04 | Attr = ]
Workflow -> F:\Workflow.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
updateMgr -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Adobe Systems Incorporated [Ver = 3.1.0.10 | Size = 313472 bytes | Modified Date = 3/30/2006 17:45:08 | Attr = R ]
Yahoo! Pager -> %ProgramFiles%\Yahoo!\Messenger\ypager.exe -> File not found
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/23/2005 23:05:26 | Attr = ]
%AllUsersStartup%\Bluetooth Manager.lnk -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe -> TOSHIBA CORPORATION. [Ver = 3.03.5621.US | Size = 487424 bytes | Modified Date = 6/21/2005 18:50:48 | Attr = ]
%AllUsersStartup%\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 45.4.157.000 | Size = 258048 bytes | Modified Date = 11/4/2004 19:28:24 | Attr = ]
%AllUsersStartup%\HP Image Zone Fast Start.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqthb08.exe -> Hewlett-Packard Co. [Ver = 045.004.157.000 | Size = 53248 bytes | Modified Date = 11/4/2004 19:50:52 | Attr = ]
%AllUsersStartup%\Perstray.lnk -> %ProgramFiles%\PerSono\PersTray.exe -> Plantronics [Ver = 2.04.000 | Size = 32768 bytes | Modified Date = 10/9/2002 16:25:58 | Attr = R ]
< User Startup > -> C:\Documents and Settings\Iaine\Start Menu\Programs\Startup ->
%UserStartup%\MXIE User.lnk -> %ProgramFiles%\Zultys\MXIE\bin\mxie.exe -> Zultys Technologies [Ver = 3.0.23.0 | Size = 6713344 bytes | Modified Date = 7/8/2006 00:30:32 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{BACEB7AF-8D88-456E-82D0-7BEB9A4410FE} [HKLM] -> Reg Data - Key not found [] -> File not found
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4117 | Size = 46080 bytes | Modified Date = 6/28/2005 14:56:50 | Attr = ]
NavLogon -> %System32%\NavLogon.dll -> Symantec Corporation [Ver = 10.0.2.2000 | Size = 43760 bytes | Modified Date = 11/15/2005 13:28:12 | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< HOSTS File > (192978 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://uk.yahoo.com ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft....k/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Start Page -> http://www.msn.com/ ->
HKLM: CustomizeSearch -> http://ie.search.msn...st/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Default_Page_URL -> http://extra.eonic.co.uk ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://extra.eonic.co.uk ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> <local> ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< Trusted Sites > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
eonic.co.uk [*] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 12/18/2006 05:16:42 | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 16:46:14 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 01:11:34 | Attr = ]
{89AD4D75-2429-462e-BD4E-443F233F6033} [HKLM] -> %System32%\cpjcyeoc.dll [Reg Data - Value does not exist] -> [Ver = | Size = 76864 bytes | Modified Date = 10/25/2007 11:01:18 | Attr = ]
{A5C96568-3D07-4577-9EF7-905217567903} [HKLM] -> %System32%\awvtr.dll [Reg Data - Value does not exist] -> [Ver = | Size = 307808 bytes | Modified Date = 10/19/2007 11:34:50 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_03\bin\npjpi160_03.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 132496 bytes | Modified Date = 9/25/2007 01:11:34 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_03\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 501136 bytes | Modified Date = 9/25/2007 01:11:34 | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [MenuText: Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 16:46:14 | Attr = ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{297F82D7-632A-4C41-8C2C-231A13E0C956} -> (Intel® PRO/Wireless 2200BG Network Connection) ->
{59F8B86B-8F5F-4E4B-8FE3-E0DDE173032A} -> (Realtek RTL8169/8110 Family Gigabit Ethernet NIC) ->
{6F227D1E-AED6-472C-836A-FD7455495B7C} -> () ->
{7E4B1EE2-0AD4-4F26-843C-4DFF96B4AFF1} -> (1394 Net Adapter) ->
{D9F49B82-6672-4FF6-814B-C1167F0AD21F} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02CF1781-EA91-4FA5-A200-646E8241987C} -> VaioInfo.CMClass - CodeBase = http://esupport.sony.com/VaioInfo.CAB ->
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -> Office Genuine Advantage Validation Tool - CodeBase = http://download.micr.../OGAControl.cab ->
{2DEF4530-8CE6-41C9-84B6-A54536C90213} -> Crystal Report Viewer Control 9 - CodeBase = http://crm.prod.eoni...tiveXViewer.Cab ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.micros...ntent/opuc3.cab ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.micros...b?1147164324872 ->
{69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} -> GameLauncher Control - CodeBase = http://www.acclaim.c.../acclaim_v4.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.micros...b?1147164494141 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_03 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} -> Office Update Installation Engine - CodeBase = http://office.micros...ntent/opuc4.cab ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_03 - CodeBase = http://java.sun.com/...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_03 - CodeBase = http://java.sun.com/...indows-i586.cab ->
Microsoft XML Parser for Java -> - CodeBase = file:///C:/WINDOWS/Java/classes/xmldso.cab ->


[Files/Folders - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 2146816000 bytes | Created Date = 1/1/1601 | Attr = HS]
HiJackThis -> %SystemDrive%\HiJackThis -> [Folder | Created Date = 10/23/2007 12:46:43 | Attr = ]
spybotsd15.exe -> %SystemDrive%\spybotsd15.exe -> Safer Networking Ltd. [Ver = 1.5.1.15 | Size = 7467056 bytes | Created Date = 10/23/2007 12:53:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %SystemDrive%\spybotsd15.exe:Zone.Identifier ->
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 10/24/2007 13:36:57 | Attr = ]
$NtUninstallKB933729$ -> %SystemRoot%\$NtUninstallKB933729$ -> [Folder | Created Date = 10/12/2007 07:17:02 | Attr = H ]
$NtUninstallKB941202$ -> %SystemRoot%\$NtUninstallKB941202$ -> [Folder | Created Date = 10/12/2007 07:14:47 | Attr = H ]
.jagex_cache_32 -> %SystemRoot%\.jagex_cache_32 -> [Folder | Created Date = 10/13/2007 19:10:43 | Attr = ]
awvtr.dll -> %System32%\awvtr.dll -> [Ver = | Size = 307808 bytes | Created Date = 10/19/2007 10:34:47 | Attr = ]
axueajlm.ini -> %System32%\axueajlm.ini -> [Ver = | Size = 834 bytes | Created Date = 10/25/2007 09:58:16 | Attr = HS]
cpjcyeoc.dll -> %System32%\cpjcyeoc.dll -> [Ver = | Size = 76864 bytes | Created Date = 10/25/2007 10:01:15 | Attr = ]
dlmczthe.exe -> %System32%\dlmczthe.exe -> [Ver = 1.00 | Size = 15785 bytes | Created Date = 10/22/2007 16:49:26 | Attr = ]
esqavgyk.ini -> %System32%\esqavgyk.ini -> [Ver = | Size = 230400 bytes | Created Date = 10/23/2007 12:47:05 | Attr = HS]
exegzlr.exe -> %System32%\exegzlr.exe -> [Ver = 1.00 | Size = 15785 bytes | Created Date = 10/21/2007 10:25:39 | Attr = ]
hnkuw.exe -> %System32%\hnkuw.exe -> [Ver = | Size = 24442 bytes | Created Date = 10/22/2007 16:49:26 | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 10/18/2007 07:15:56 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 135168 bytes | Created Date = 10/18/2007 07:15:56 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.30.5 | Size = 139264 bytes | Created Date = 10/18/2007 07:15:56 | Attr = ]
kygvaqse.dll -> %System32%\kygvaqse.dll -> [Ver = | Size = 84544 bytes | Created Date = 10/23/2007 12:46:54 | Attr = ]
lkmsiaqw.dll -> %System32%\lkmsiaqw.dll -> [Ver = | Size = 84544 bytes | Created Date = 10/25/2007 08:10:29 | Attr = ]
mljaeuxa.dll -> %System32%\mljaeuxa.dll -> [Ver = | Size = 84544 bytes | Created Date = 10/25/2007 09:58:16 | Attr = ]
mljihee.dll -> %System32%\mljihee.dll -> [Ver = | Size = 0 bytes | Created Date = 10/22/2007 09:24:21 | Attr = ]
mswdch.exe -> %System32%\mswdch.exe -> [Ver = 1.00 | Size = 15785 bytes | Created Date = 10/22/2007 17:09:58 | Attr = ]
oftxuswh.ini -> %System32%\oftxuswh.ini -> [Ver = | Size = 654 bytes | Created Date = 10/24/2007 19:26:42 | Attr = HS]
osjgrlnn.ini -> %System32%\osjgrlnn.ini -> [Ver = | Size = 534 bytes | Created Date = 10/24/2007 16:50:44 | Attr = HS]
qaihzmxe.exe -> %System32%\qaihzmxe.exe -> [Ver = 1.00 | Size = 15785 bytes | Created Date = 10/22/2007 09:24:04 | Attr = ]
rtvwa.bak1 -> %System32%\rtvwa.bak1 -> [Ver = | Size = 6465 bytes | Created Date = 10/19/2007 10:36:14 | Attr = HS]
rtvwa.bak2 -> %System32%\rtvwa.bak2 -> [Ver = | Size = 297256 bytes | Created Date = 10/21/2007 17:40:25 | Attr = HS]
rtvwa.ini -> %System32%\rtvwa.ini -> [Ver = | Size = 297742 bytes | Created Date = 10/24/2007 12:47:36 | Attr = HS]
rtvwa.ini2 -> %System32%\rtvwa.ini2 -> [Ver = | Size = 294703 bytes | Created Date = 10/23/2007 21:00:52 | Attr = HS]
rtvwa.tmp -> %System32%\rtvwa.tmp -> [Ver = | Size = 297777 bytes | Created Date = 10/23/2007 14:56:43 | Attr = HS]
ruogtb.exe -> %System32%\ruogtb.exe -> [Ver = 1.00 | Size = 15785 bytes | Created Date = 10/19/2007 08:03:51 | Attr = ]
wqaismkl.ini -> %System32%\wqaismkl.ini -> [Ver = | Size = 774 bytes | Created Date = 10/25/2007 08:10:30 | Attr = HS]
xoiybswl.ini -> %System32%\xoiybswl.ini -> [Ver = | Size = 414 bytes | Created Date = 10/24/2007 15:17:03 | Attr = HS]
zbhqfo.drv -> %System32%\zbhqfo.drv -> [Ver = | Size = 123169 bytes | Created Date = 10/13/2007 19:04:51 | Attr = ]
hosts.20071024-154651.backup -> %System32%\drivers\etc\hosts.20071024-154651.backup -> [Ver = | Size = 758 bytes | Created Date = 10/24/2007 14:46:51 | Attr = ]
hosts.20071024-162047.backup -> %System32%\drivers\etc\hosts.20071024-162047.backup -> [Ver = | Size = 192978 bytes | Created Date = 10/24/2007 15:20:47 | Attr = R ]
hosts.20071024-165510.backup -> %System32%\drivers\etc\hosts.20071024-165510.backup -> [Ver = | Size = 192978 bytes | Created Date = 10/24/2007 15:55:10 | Attr = R ]

[Files/Folders - Modified Within 30 days]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 10/24/2007 16:10:02 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 2146816000 bytes | Modified Date = 10/25/2007 10:53:08 | Attr = HS]
HiJackThis -> %SystemDrive%\HiJackThis -> [Folder | Modified Date = 10/23/2007 15:02:06 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 10/25/2007 10:09:22 | Attr = R ]
spybotsd15.exe -> %SystemDrive%\spybotsd15.exe -> Safer Networking Ltd. [Ver = 1.5.1.15 | Size = 7467056 bytes | Modified Date = 10/23/2007 13:52:46 | Attr = ]
@Alternate Data Stream - 26 bytes -> %SystemDrive%\spybotsd15.exe:Zone.Identifier ->
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/4/2007 17:57:08 | Attr = H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/5/2007 07:50:58 | Attr = H ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/5/2007 16:38:44 | Attr = H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/8/2007 17:43:54 | Attr = H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/9/2007 16:49:34 | Attr = H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/10/2007 08:38:24 | Attr = H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/12/2007 14:42:02 | Attr = H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/13/2007 21:39:48 | Attr = H ]
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/13/2007 23:16:54 | Attr = H ]
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/16/2007 16:44:02 | Attr = H ]
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/16/2007 23:38:58 | Attr = H ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/17/2007 17:40:22 | Attr = H ]
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/17/2007 22:23:36 | Attr = H ]
sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/18/2007 13:54:32 | Attr = H ]
sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/19/2007 09:25:34 | Attr = H ]
sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [Ver = | Size = 268 bytes | Modified Date = 10/19/2007 11:26:08 | Attr = H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/4/2007 17:57:08 | Attr = H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/5/2007 07:50:58 | Attr = H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/5/2007 16:38:44 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/8/2007 17:43:54 | Attr = H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/9/2007 16:49:34 | Attr = H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/10/2007 08:38:24 | Attr = H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/12/2007 14:42:02 | Attr = H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/13/2007 21:39:48 | Attr = H ]
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/13/2007 23:16:52 | Attr = H ]
sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/16/2007 16:44:02 | Attr = H ]
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/16/2007 23:38:58 | Attr = H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/17/2007 17:40:22 | Attr = H ]
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/17/2007 22:23:36 | Attr = H ]
sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/18/2007 13:54:32 | Attr = H ]
sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/19/2007 09:25:34 | Attr = H ]
sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [Ver = | Size = 244 bytes | Modified Date = 10/19/2007 11:26:08 | Attr = H ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 10/25/2007 10:45:38 | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 10/25/2007 10:58:06 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 10/12/2007 08:17:02 | Attr = H ]
$NtUninstallKB933729$ -> %SystemRoot%\$NtUninstallKB933729$ -> [Folder | Modified Date = 10/12/2007 08:17:06 | Attr = H ]
$NtUninstallKB941202$ -> %SystemRoot%\$NtUninstallKB941202$ -> [Folder | Modified Date = 10/12/2007 08:14:50 | Attr = H ]
.jagex_cache_32 -> %SystemRoot%\.jagex_cache_32 -> [Folder | Modified Date = 10/13/2007 20:13:04 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 10/25/2007 10:53:56 | Attr = S]
CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 10/25/2007 10:54:04 | Attr = HS]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 10/12/2007 08:15:12 | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1393 bytes | Modified Date = 10/12/2007 08:15:34 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 10/24/2007 19:34:44 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 10/24/2007 19:22:44 | Attr = HS]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 10/25/2007 10:55:32 | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 10/25/2007 09:29:22 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 10/25/2007 11:04:46 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 10/25/2007 10:58:46 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 10/25/2007 10:54:10 | Attr = H ]
awvtr.dll -> %System32%\awvtr.dll -> [Ver = | Size = 307808 bytes | Modified Date = 10/19/2007 11:34:50 | Attr = ]
axueajlm.ini -> %System32%\axueajlm.ini -> [Ver = | Size = 834 bytes | Modified Date = 10/25/2007 10:58:28 | Attr = HS]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 10/24/2007 14:33:32 | Attr = ]
cpjcyeoc.dll -> %System32%\cpjcyeoc.dll -> [Ver = | Size = 76864 bytes | Modified Date = 10/25/2007 11:01:18 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 10/12/2007 14:43:38 | Attr = RHS]
dlmczthe.exe -> %System32%\dlmczthe.exe -> [Ver = 1.00 | Size = 15785 bytes | Modified Date = 10/22/2007 17:49:28 | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 10/13/2007 20:01:06 | Attr = ]
esqavgyk.ini -> %System32%\esqavgyk.ini -> [Ver = | Size = 230400 bytes | Modified Date = 10/23/2007 13:47:10 | Attr = HS]
exegzlr.exe -> %System32%\exegzlr.exe -> [Ver = 1.00 | Size = 15785 bytes | Modified Date = 10/21/2007 11:25:40 | Attr = ]
hnkuw.exe -> %System32%\hnkuw.exe -> [Ver = | Size = 24442 bytes | Modified Date = 10/22/2007 17:49:28 | Attr = ]
kygvaqse.dll -> %System32%\kygvaqse.dll -> [Ver = | Size = 84544 bytes | Modified Date = 10/23/2007 13:46:56 | Attr = ]
lkmsiaqw.dll -> %System32%\lkmsiaqw.dll -> [Ver = | Size = 84544 bytes | Modified Date = 10/25/2007 09:10:32 | Attr = ]
mljaeuxa.dll -> %System32%\mljaeuxa.dll -> [Ver = | Size = 84544 bytes | Modified Date = 10/25/2007 10:58:18 | Attr = ]
mljihee.dll -> %System32%\mljihee.dll -> [Ver = | Size = 0 bytes | Modified Date = 10/22/2007 12:58:16 | Attr = ]
mswdch.exe -> %System32%\mswdch.exe -> [Ver = 1.00 | Size = 15785 bytes | Modified Date = 10/22/2007 18:10:00 | Attr = ]
oftxuswh.ini -> %System32%\oftxuswh.ini -> [Ver = | Size = 654 bytes | Modified Date = 10/25/2007 09:02:08 | Attr = HS]
osjgrlnn.ini -> %System32%&#
  • 0

Advertisements

#2
Slugkiller
Posted 25 October 2007 - 07:30 AM

Slugkiller

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
bump
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP