Memory dropping in huge chunks [RESOLVED]


  • This topic is locked

#16
eddie5659


    Trusted Helper

  • Malware Removal
  • 1,980 posts
  • MVP
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally, paste the contents of the Report.txt back on the forum with a new HijackThis log.



Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan" box at the top of the page:

    • C:\WINDOWS\system32\716D453F9D.sys
  • Click on the submit button
  • Please post the results in your next reply.


So, in your next reply, post the contents of the SDFix log, Jotti log, and a fresh DSS scan.


#17
BlackHalo


    Member

  • Topic Starter
  • Member
  • 266 posts
Jotti:

Scan taken on 29 Mar 2008 22:45:42 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
CPsecure: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
Fortinet: Found nothing
Ikarus: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Rising Antivirus: Found nothing
Sophos Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

SDFix:

SDFix: Version 1.164

Run by UnitShift on 30/03/2008 at 00:30

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\autorun.inf - Deleted
C:\WINDOWS\system32\WinUpdating.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-30 00:38:48
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Mon 11 Feb 2008 88 ..SHR --- "C:\WINDOWS\system32\716D453F9D.sys"
Mon 11 Feb 2008 952 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Mon 4 Oct 2004 417,792 A..H. --- "C:\Program Files\Canon\Canon Setup Utility 2.0\Maint.exe"
Tue 11 May 2004 61,440 A..H. --- "C:\Program Files\Canon\Canon Setup Utility 2.0\uinstrsc.dll"
Wed 4 Oct 2006 3,072,000 A..H. --- "C:\Documents and Settings\UnitShift\Application Data\U3\temp\Launchpad Removal.exe"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_output_http_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_mosaic_bridge_plugin.dll"
Sun 17 Jun 2007 44,544 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_mms_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_smb_plugin.dll"
Sun 17 Jun 2007 14,336 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_output_udp_plugin.dll"
Sun 17 Jun 2007 49,152 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_rtp_plugin.dll"
Sun 17 Jun 2007 11,264 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_duplicate_plugin.dll"
Sun 17 Jun 2007 11,264 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_filter_record_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_tcp_plugin.dll"
Sun 17 Jun 2007 27,136 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_http_plugin.dll"
Sun 17 Jun 2007 45,056 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_realrtsp_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_wav_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_udp_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_filter_timeshift_plugin.dll"
Sun 17 Jun 2007 61,952 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_ps_plugin.dll"
Sun 17 Jun 2007 51,712 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_transcode_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_gather_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_mpjpeg_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfloat32_mixer_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liba52sys_plugin.dll"
Sun 17 Jun 2007 40,448 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liba52tofloat32_plugin.dll"
Sun 17 Jun 2007 6,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liba52tospdif_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liba52_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_directory_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_fake_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_file_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_filter_dump_plugin.dll"
Sun 17 Jun 2007 17,920 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libadjust_plugin.dll"
Sun 17 Jun 2007 16,896 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libadpcm_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaiff_plugin.dll"
Sun 17 Jun 2007 18,432 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaout_directx_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaout_file_plugin.dll"
Sun 17 Jun 2007 21,504 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaraw_plugin.dll"
Sun 17 Jun 2007 50,688 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libasf_plugin.dll"
Sun 17 Jun 2007 36,352 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaudio_format_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libau_plugin.dll"
Sun 17 Jun 2007 59,392 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libavi_plugin.dll"
Sun 17 Jun 2007 23,040 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libbandlimited_resampler_plugin.dll"
Sun 17 Jun 2007 18,944 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libblend_plugin.dll"
Sun 17 Jun 2007 21,504 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcaca_plugin.dll"
Sun 17 Jun 2007 24,576 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcdda_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcinepak_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libclone_plugin.dll"
Sun 17 Jun 2007 25,600 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcmml_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcrop_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libcvdsub_plugin.dll"
Sun 17 Jun 2007 34,304 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdeinterlace_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdemuxdump_plugin.dll"
Sun 17 Jun 2007 33,280 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdirect3d_plugin.dll"
Sun 17 Jun 2007 24,576 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdistort_plugin.dll"
Sun 17 Jun 2007 23,552 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdmo_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdolby_surround_decoder_plugin.dll"
Sun 17 Jun 2007 115,200 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdshow_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdtssys_plugin.dll"
Sun 17 Jun 2007 148,992 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdtstofloat32_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdtstospdif_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdts_plugin.dll"
Sun 17 Jun 2007 105,472 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdvbsub_plugin.dll"
Sun 17 Jun 2007 205,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdvdnav_plugin.dll"
Sun 17 Jun 2007 134,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libdvdread_plugin.dll"
Sun 17 Jun 2007 34,816 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libequalizer_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libexport_plugin.dll"
Sun 17 Jun 2007 291,840 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfaad_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfake_plugin.dll"
Sun 17 Jun 2007 4,214,272 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libffmpeg_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfixed32tofloat32_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfixed32tos16_plugin.dll"
Sun 17 Jun 2007 134,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libflacdec_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libflac_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfloat32tos16_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfloat32tos8_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfloat32tou16_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfloat32tou8_plugin.dll"
Sun 17 Jun 2007 480,768 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libfreetype_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libgestures_plugin.dll"
Sun 17 Jun 2007 22,528 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libglwin32_plugin.dll"
Sun 17 Jun 2007 1,829,376 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libgnutls_plugin.dll"
Sun 17 Jun 2007 208,384 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libgoom_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libgrowl_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libh264_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libheadphone_channel_mixer_plugin.dll"
Sun 17 Jun 2007 20,480 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libhotkeys_plugin.dll"
Sun 17 Jun 2007 84,992 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libhttp_plugin.dll"
Sun 17 Jun 2007 28,672 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libi420_rgb_plugin.dll"
Sun 17 Jun 2007 6,144 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libi420_ymga_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libi420_yuy2_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libi422_yuy2_plugin.dll"
Sun 17 Jun 2007 114,688 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libid3tag_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libimage_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libinvert_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libipv4_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libipv6_plugin.dll"
Sun 17 Jun 2007 111,616 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liblibmpeg2_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liblinear_resampler_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liblogger_plugin.dll"
Sun 17 Jun 2007 20,480 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liblogo_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\liblpcm_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libm3u_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libm4a_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libm4v_plugin.dll"
Sun 17 Jun 2007 18,432 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmagnify_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmarq_plugin.dll"
Sun 17 Jun 2007 6,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmemcpy_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmjpeg_plugin.dll"
Sun 17 Jun 2007 952,320 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmkv_plugin.dll"
Sun 17 Jun 2007 256,000 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmod_plugin.dll"
Sun 17 Jun 2007 32,768 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmosaic_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmotionblur_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmotiondetect_plugin.dll"
Sun 17 Jun 2007 138,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmp4_plugin.dll"
Sun 17 Jun 2007 58,880 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmpc_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmpeg_audio_plugin.dll"
Sun 17 Jun 2007 92,160 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmpgatofixed32_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmpga_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmpgv_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmsn_plugin.dll"
Sun 17 Jun 2007 29,696 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_asf_plugin.dll"
Sun 17 Jun 2007 22,016 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_avi_plugin.dll"
Sun 17 Jun 2007 54,784 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_mp4_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libnetsync_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libnormvol_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libnsc_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libnsv_plugin.dll"
Sun 17 Jun 2007 11,264 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libntservice_plugin.dll"
Sun 17 Jun 2007 15,872 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libnuv_plugin.dll"
Sun 17 Jun 2007 37,888 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libogg_plugin.dll"
Sun 17 Jun 2007 14,336 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libopengl_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libosdmenu_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpacketizer_copy_plugin.dll"
Sun 17 Jun 2007 22,016 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpacketizer_h264_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpacketizer_mpeg4audio_plugin.dll"
Sun 17 Jun 2007 15,360 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpacketizer_mpeg4video_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libparam_eq_plugin.dll"
Sun 17 Jun 2007 45,568 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libplaylist_plugin.dll"
Sun 17 Jun 2007 175,104 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpng_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpodcast_plugin.dll"
Sun 17 Jun 2007 75,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libportaudio_plugin.dll"
Sun 17 Jun 2007 27,136 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libps_plugin.dll"
Sun 17 Jun 2007 12,288 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpva_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librawdv_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librawvideo_plugin.dll"
Sun 17 Jun 2007 47,104 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librc_plugin.dll"
Sun 17 Jun 2007 10,240 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librealaudio_plugin.dll"
Sun 17 Jun 2007 22,016 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libreal_plugin.dll"
Sun 17 Jun 2007 19,968 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librss_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\librv32_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libs16tofixed32_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libs16tofloat32swab_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libs16tofloat32_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libs8tofloat32_plugin.dll"
Sun 17 Jun 2007 52,736 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsap_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libscale_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libscreen_plugin.dll"
Sun 17 Jun 2007 297,472 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsdl_image_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsgimb_plugin.dll"
Sun 17 Jun 2007 9,216 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libshout_plugin.dll"
Sun 17 Jun 2007 8,704 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libshowintf_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsimple_channel_mixer_plugin.dll"
Sun 17 Jun 2007 1,835,520 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libskins2_plugin.dll"
Sun 17 Jun 2007 6,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libspdif_mixer_plugin.dll"
Sun 17 Jun 2007 107,008 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libspeex_plugin.dll"
Sun 17 Jun 2007 13,824 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libspudec_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_bridge_plugin.dll"
Sun 17 Jun 2007 7,680 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_description_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_display_plugin.dll"
Sun 17 Jun 2007 17,408 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsubsdec_plugin.dll"
Sun 17 Jun 2007 20,480 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsubtitle_plugin.dll"
Sun 17 Jun 2007 11,264 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libsvcdsub_plugin.dll"
Sun 17 Jun 2007 14,336 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtelnet_plugin.dll"
Sun 17 Jun 2007 15,360 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtelx_plugin.dll"
Sun 17 Jun 2007 194,048 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtheora_plugin.dll"
Sun 17 Jun 2007 11,264 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtime_plugin.dll"
Sun 17 Jun 2007 13,312 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtransform_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtrivial_channel_mixer_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtrivial_mixer_plugin.dll"
Sun 17 Jun 2007 6,656 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtrivial_resampler_plugin.dll"
Sun 17 Jun 2007 81,920 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libts_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtta_plugin.dll"
Sun 17 Jun 2007 113,152 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libtwolame_plugin.dll"
Sun 17 Jun 2007 17,408 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libty_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libu8tofixed32_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libu8tofloat32_plugin.dll"
Sun 17 Jun 2007 7,168 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libugly_resampler_plugin.dll"
Sun 17 Jun 2007 23,040 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvcd_plugin.dll"
Sun 17 Jun 2007 28,672 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvisual_plugin.dll"
Sun 17 Jun 2007 16,384 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvobsub_plugin.dll"
Sun 17 Jun 2007 11,776 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvoc_plugin.dll"
Sun 17 Jun 2007 28,672 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvod_rtsp_plugin.dll"
Sun 17 Jun 2007 1,171,456 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvorbis_plugin.dll"
Sun 17 Jun 2007 41,472 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libvout_directx_plugin.dll"
Sun 17 Jun 2007 15,872 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libwall_plugin.dll"
Sun 17 Jun 2007 16,384 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libwaveout_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libwav_plugin.dll"
Sun 17 Jun 2007 17,408 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libwingdi_plugin.dll"
Sun 17 Jun 2007 2,793,984 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libwxwidgets_plugin.dll"
Sun 17 Jun 2007 510,976 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libx264_plugin.dll"
Sun 17 Jun 2007 8,192 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libxa_plugin.dll"
Sun 17 Jun 2007 1,157,632 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libxml_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libxtag_plugin.dll"
Sun 17 Jun 2007 9,728 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_output_file_plugin.dll"
Sun 17 Jun 2007 14,336 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_ftp_plugin.dll"
Sun 17 Jun 2007 12,800 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libpacketizer_mpegvideo_plugin.dll"
Sun 17 Jun 2007 472,576 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libaccess_output_shout_plugin.dll"
Sun 17 Jun 2007 13,824 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_standard_plugin.dll"
Sun 17 Jun 2007 10,752 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libstream_out_es_plugin.dll"
Sun 17 Jun 2007 25,600 A..H. --- "C:\Documents and Settings\UnitShift\Local Settings\Application Data\Jesterware\DVD Ripper Professional\plugins\libmux_ogg_plugin.dll"

Finished!

DSS
Deckard's System Scanner v20071014.68
Run by UnitShift on 2008-03-30 00:46:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-30 00:46:21
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\agrsmmsg.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Toshiba\E-KEY\CeEKey.exe
C:\Program Files\Toshiba\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint2K\ApntEx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Programs\PC Protection\dss.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{0FDF5EEA-593F-443C-BA07-D0E13DB0B1AF}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
O23 - Se

#18
BlackHalo

    Member

  • Topic Starter
  • Member
  • 266 posts
DSS scan (continued)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


--
End of file - 11101 bytes

-- Files created between 2008-02-29 and 2008-03-30 -----------------------------

2008-03-30 00:25:49 0 d-------- C:\WINDOWS\ERUNT
2008-03-28 08:10:47 0 d-------- C:\Program Files\DVD Shrink
2008-03-27 19:33:17 1519245 --a------ C:\WINDOWS\Starlight.scr
2008-03-18 16:10:33 691545 --a------ C:\WINDOWS\unins000.exe
2008-03-18 16:10:33 2548 --a------ C:\WINDOWS\unins000.dat
2008-03-18 13:16:13 0 d-------- C:\Program Files\Panda Security
2008-03-18 13:11:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-16 16:35:09 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-03-16 16:35:09 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-03-16 16:35:09 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-03-16 16:35:09 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-15 19:23:20 626688 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2008-03-15 19:23:20 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-03-15 19:23:20 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-03-15 19:23:20 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-03-15 19:23:20 65602 --a------ C:\WINDOWS\system32\cook3260.dll <Not Verified; RealNetworks, Inc.; RealPlayer 10>
2008-03-13 16:01:34 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-03-07 16:39:23 0 d-------- C:\Program Files\Multiquence
2008-03-04 05:56:09 0 dr-h----- C:\Documents and Settings\UnitShift\Recent
2008-03-03 21:09:11 0 d-------- C:\Documents and Settings\UnitShift\Application Data\CD-LabelPrint
2008-03-03 19:45:11 0 d-------- C:\Documents and Settings\UnitShift\Application Data\GetRightToGo
2008-03-02 16:11:18 138752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-03-02 16:11:16 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Spyware Terminator
2008-03-02 16:11:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-03-02 16:11:12 0 d-------- C:\Program Files\Spyware Terminator


-- Find3M Report ---------------------------------------------------------------

2008-03-30 00:37:49 12397 --a------ C:\WINDOWS\system32\tablet.dat
2008-03-28 08:53:28 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Vso
2008-03-18 13:16:15 2515 --a------ C:\WINDOWS\mozver.dat
2008-03-17 17:20:40 0 d-------- C:\Program Files\Winamp
2008-03-16 22:31:24 321 --a------ C:\Documents and Settings\UnitShift\Application Data\Multique.ini
2008-03-16 16:55:52 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Winamp
2008-03-15 21:02:58 668 --a------ C:\Documents and Settings\UnitShift\Application Data\vso_ts_preview.xml
2008-03-15 19:23:22 0 d-------- C:\Program Files\VSO
2008-03-13 16:01:34 0 d-------- C:\Program Files\Common Files
2008-03-13 06:02:58 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Eltima Software
2008-03-11 23:40:05 0 d-------- C:\Documents and Settings\UnitShift\Application Data\CopyToDvd
2008-03-10 05:48:41 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-07 16:39:25 1403 --a------ C:\Documents and Settings\UnitShift\Application Data\MQPreset.ini
2008-03-07 16:31:14 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Adobe
2008-03-06 20:42:04 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-02 16:12:12 0 d-------- C:\Documents and Settings\UnitShift\Application Data\SUPERAntiSpyware.com
2008-03-02 16:12:08 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-02 13:36:10 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-25 11:29:43 0 d-------- C:\Program Files\QuickTime
2008-02-22 08:16:56 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Help
2008-02-16 21:26:55 0 d-------- C:\Program Files\Apoint2K
2008-02-16 18:35:56 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Grisoft
2008-02-14 18:48:05 0 d-------- C:\Documents and Settings\UnitShift\Application Data\Orbit
2008-02-13 19:47:05 37888 --a------ C:\WINDOWS\system32\rar.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System>
2008-02-11 10:30:26 952 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-02-11 10:30:26 88 -r-hs---- C:\WINDOWS\system32\716D453F9D.sys
2008-02-10 20:27:32 0 d-------- C:\Documents and Settings\UnitShift\Application Data\funkitron
2008-02-08 11:09:19 0 d-------- C:\Documents and Settings\UnitShift\Application Data\U3
2008-02-08 10:00:44 695568 --a------ C:\Documents and Settings\UnitShift\Application Data\GDIPFONTCACHEV1.DAT
2008-01-31 00:34:23 0 d-------- C:\Program Files\Apophysis 2.0


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [22/12/2004 02:10 C:\WINDOWS\agrsmmsg.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [23/03/2004 23:40]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [06/09/2005 15:04]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [25/08/2005 20:11]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [01/05/2004 14:45]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [01/05/2004 14:45]
"Zooming"="ZoomingHook.exe" [06/06/2005 10:58 C:\WINDOWS\system32\ZoomingHook.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [22/08/2005 17:49 C:\WINDOWS\system32\TCtrlIOHook.exe]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [05/04/2005 17:25]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [05/08/2005 21:05]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [14/12/2004 02:12]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 15:00]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [16/01/2008 00:54]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15/07/2005 23:48]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/01/2008 12:45]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [14/01/2004 03:10]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 11:25]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [02/03/2008 16:11]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [14/11/2007 16:05]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [11/04/2005 12:26]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 14:00]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe [18/11/2007 23:40:46]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 27/02/2007 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"




-- End of Deckard's System Scanner: finished at 2008-03-30 00:47:09 ------------

#19
eddie5659

    Trusted Helper

  • Malware Removal
  • 1,980 posts
  • MVP
Sorry for the late reply, just graduated, so sorting things out :)


How's the computer running now?



We have a couple of last steps to perform and then you're all set.


Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK



  • When shown the disclaimer, Select "2"

The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:\_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Reset System Restore.



We have a couple of last steps to perform and then you're all set.

First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
  • CHECK the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.

Next, let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

1. Turn off System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.

2. Restart your computer.

3. Turn ON System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check Turn off System Restore.
  • Click Apply, and then click OK.

System Restore will now be active again.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard to catch and block spyware before it can execute.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
You should also have a good firewall. Here are 2 free ones available for personal use:
and a good antivirus (these are also free for personal use):
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit monthly. And to keep your system clean run these free malware scanners
weekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this article by Tony Klein: So how did I get infected in the first place?

Have a safe and happy computing day!


eddie

#20
BlackHalo

    Member

  • Topic Starter
  • Member
  • 266 posts
Congratulations on graduation! :)

PC seems to be running fine (apart from an overheat yesterday, but that's hardware issues that I have to get sorted before the week is out).

Thanks very much for the help+effort! Have a good one!

#21
eddie5659

    Trusted Helper

  • Malware Removal
  • 1,980 posts
  • MVP
Thanks, and glad hopefully the overheating will be solved soon.

I also get to do this for the first time, so here goes.......

#22
eddie5659

    Trusted Helper

  • Malware Removal
  • 1,980 posts
  • MVP
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





