OTM[Custom Input]
< C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping >
C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping moved successfully.
< C:\Documents and Settings\Compaq_administrator\Application Data\Openthirddoes >
C:\Documents and Settings\Compaq_administrator\Application Data\OpenThirdDoes moved successfully.
< C:\Documents and Settings\All Users\Application Data\Popcap >
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\savedgames\insaniquarium moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\savedgames moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\insaniquarium\sounds moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\insaniquarium\images\upsell moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\insaniquarium\images moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap\insaniquarium moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\PopCap moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap moved successfully.
< C:\Documents and Settings\All Users\Application Data\Popcap(2) >
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2)\savedgames(2)\insaniquarium(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2)\savedgames(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2)\insaniquarium(2)\sounds(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2)\insaniquarium(2)\images(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2)\insaniquarium(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2)\popcap(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2)\PopCapLoader(2) moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap(2) moved successfully.
< C:\WINDOWS\system32\libcurl.dll >
DllUnregisterServer procedure not found in C:\WINDOWS\system32\libcurl.dll
C:\WINDOWS\system32\libcurl.dll NOT unregistered.
C:\WINDOWS\system32\libcurl.dll moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03212008_170939
KASPERSKY-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, March 21, 2008 7:10:38 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 21/03/2008
Kaspersky Anti-Virus database records: 652836
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics:
Total number of scanned objects: 101999
Number of viruses found: 32
Number of infected objects: 123
Number of suspicious objects: 2
Duration of the scan process: 01:30:56
Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\20080321161635\backup\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ee77b0fdd1f6b8eb5dc208b050708d53_46f753bc-1d70-4e73-a061-ac88c34f9649 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\feda75eab8301f258a044718d2f4a99e_46f753bc-1d70-4e73-a061-ac88c34f9649 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloaderTsupdateL2.zip/svchostsys.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloaderTsupdateL2.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip/winstall.exe Infected: not-virus:Hoax.Win32.Renos.cn skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC14.zip/w0071b75.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC14.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC18.zip/w03cfd76.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC18.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC19.zip/MyToolBar.dll Infected: not-a-virus:AdWare.Win32.Mostofate.q skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC19.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC23.zip/MyToolBar.dll Infected: not-a-virus:AdWare.Win32.Mostofate.q skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC23.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC24.zip/w03cfd76.dll_tobedeleted Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC24.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC34.zip/MyToolBar.dll Infected: not-a-virus:AdWare.Win32.Mostofate.q skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC34.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC5.zip/MyToolBar.dll Infected: not-a-virus:AdWare.Win32.Mostofate.q skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC5.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC9.zip/MyToolBar.dll Infected: not-a-virus:AdWare.Win32.Mostofate.q skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC9.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant.zip/ClientAX.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant17.zip/ClientAX.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant17.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant31.zip/icont.exe Infected: not-a-virus:AdWare.Win32.AdURL.c skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsSearchAssistant31.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsZango17.zip/zango.exe Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsZango17.zip/zangohook.dll Infected: not-a-virus:AdWare.Win32.180Solutions.au skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SolutionsZango17.zip ZIP: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick13.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick13.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick22.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick22.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick22.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick22.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick23.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick23.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick23.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick23.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick29.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick29.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick30.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick30.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick30.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick30.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick31.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick31.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick31.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick31.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick34.zip/repairs303169590.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ap skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick34.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick35.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick35.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick36.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick36.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick4.zip/gbe90qs.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick4.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick41.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick41.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick41.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick41.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick42.zip/Ssk.exe Infected: not-a-virus:AdWare.Win32.SurfSide.av skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick42.zip/SskBho.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick42.zip/SskCore.dll Infected: not-a-virus:AdWare.Win32.SurfSide.ay skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SurfSideKick42.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip/tsinstall_4_0_4_0_b4.exe/WISE0009.BIN Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip/tsinstall_4_0_4_0_b4.exe/WISE0010.BIN Infected: Trojan-Downloader.Win32.TSUpdate.p skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip/tsinstall_4_0_4_0_b4.exe/WISE0011.BIN Infected: Trojan-Downloader.Win32.TSUpdate.l skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip/tsinstall_4_0_4_0_b4.exe/WISE0012.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip/tsinstall_4_0_4_0_b4.exe Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver.zip ZIP: infected - 5 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip/tsinstall_4_0_4_0_b4.exe/WISE0009.BIN Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip/tsinstall_4_0_4_0_b4.exe/WISE0010.BIN Infected: Trojan-Downloader.Win32.TSUpdate.p skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip/tsinstall_4_0_4_0_b4.exe/WISE0011.BIN Infected: Trojan-Downloader.Win32.TSUpdate.l skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip/tsinstall_4_0_4_0_b4.exe/WISE0012.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip/tsinstall_4_0_4_0_b4.exe Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Targetsaver3.zip ZIP: infected - 5 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Tibsvq.zip/parad.raw.exe Infected: Trojan-Proxy.Win32.Lager.bu skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Tibsvq.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Tibsvq1.zip/taskdir.dll Infected: Trojan-Proxy.Win32.Lager.aq skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Tibsvq1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Torpig.zip/ibm00001.exe Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Torpig.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip/UCMTSAIE.dll Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/IUCmore.dll Infected: not-a-virus:AdWare.Win32.Ucmore skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/UCMTSAIE.dll_tobedeleted Infected: not-a-virus:AdWare.Win32.Ucmore.a skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip ZIP: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip/uf215.exe Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant2.zip/webbuying.dll Infected: not-a-virus:AdWare.Win32.Agent.cv skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant3.zip/webbuying.exe Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer14.zip/Programs/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer14.zip/Programs/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer14.zip/Programs/whinstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer14.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer16.zip/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer16.zip/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer16.zip ZIP: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer3.zip/whagent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\webHancer3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebNexus5.zip/sopcftl(3).dll Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebNexus5.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\2f0f91a0-217bb9c4/BlackBox.class Infected: Trojan.Java.ClassLoader.a skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\2f0f91a0-217bb9c4/VerifierBug.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\2f0f91a0-217bb9c4/Dummy.class Infected: Trojan.Java.Nocheat skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\2f0f91a0-217bb9c4 ZIP: infected - 3 skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\265b8ef7-1325a252/BaaaaBaa.class Infected: Exploit.Java.Gimsh.a skipped
C:\Documents and Settings\Compaq_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\265b8ef7-1325a252 ZIP: infected - 1 skipped
C:\Documents and Settings\Compaq_Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Compaq_Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc131.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.ep skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc131.exe NSIS: infected - 1 skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc133.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.ep skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc133.exe NSIS: infected - 1 skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc145.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\RECYCLER\S-1-5-21-2050236671-1330105122-2501854101-1008\Dc145.zip ZIP: infected - 1 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP3\A0002765.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP3\A0002765.exe WiseSFX: infected - 1 skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP3\A0002765.exe WiseSFXDropper: infected - 1 skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP73\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{1983279D-6350-4276-A8A3-99A821ABB8D3}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\I386\Apps\APP20301\src\HPSummer2005.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
D:\I386\Apps\APP20301\src\HPSummer2005.exe WiseSFX: infected - 1 skipped
D:\I386\Apps\APP20301\src\HPSummer2005.exe WiseSFXDropper: infected - 1 skipped
D:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP73\change.log Object is locked skipped
Scan process completed.
UPDATED DSSDeckard's System Scanner v20071014.68
Run by Compaq_Administrator on 2008-03-21 19:21:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Compaq_Administrator.exe) --------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:21:08 PM, on 3/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\COMPAQ~1.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.redirect.h...arm1=seconduserO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) -
http://appldnld.appl...ex/qtplugin.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -
http://dl.tvunetworks.com/TVUAx.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.popcap.co...ploader_v10.cabO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
--
End of file - 5424 bytes
-- Files created between 2008-02-21 and 2008-03-21 -----------------------------
2008-03-21 17:18:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-21 17:18:54 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-21 17:18:53 0 d-------- C:\WINDOWS\LastGood
2008-03-21 16:12:13 0 d-------- C:\NoLopBackups
2008-03-21 14:59:29 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-03-21 14:59:22 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-21 14:59:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-21 13:26:32 19805 -ra------ C:\WINDOWS\system32\drivers\usbio.sys <Not Verified; Thesycon GmbH, Germany; Universal USB Device Driver>
2008-03-18 16:59:23 0 d-------- C:\Program Files\QuickTime
2008-03-18 12:02:30 0 d-------- C:\Program Files\Trend Micro
2008-03-17 21:10:17 0 d-------- C:\Program Files\BitDownload
2008-03-17 19:56:03 0 d-------- C:\spoolerlogs
2008-03-16 08:30:37 0 d-------- C:\WINDOWS\Cache
2008-03-15 11:35:28 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\TVU Networks
2008-03-15 11:35:28 0 d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-03-07 18:21:40 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\LEGO Company
2008-03-07 18:21:33 0 d-------- C:\Program Files\LEGO Company
2008-03-06 12:02:20 0 d---s---- C:\Documents and Settings\Compaq_Administrator\%USERPROFILE% <%USERP~1>
2008-03-06 03:46:00 0 d--hs---- C:\WINDOWS\system32\%USERPROFILE% <%USERP~1>
2008-02-22 12:06:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
-- Find3M Report ---------------------------------------------------------------
2008-03-21 17:14:15 0 d-------- C:\Program Files\Viewpoint
2008-03-21 17:14:04 0 d-------- C:\Program Files\LimeWire
2008-03-17 21:09:42 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\LimeWire
2008-03-17 10:25:57 0 d-------- C:\Program Files\AIM6
2008-03-16 08:30:37 31 --ah----- C:\WINDOWS\uccspecc.sys
2008-03-06 09:08:30 0 d-------- C:\Program Files\Easy Internet signup
2008-02-25 22:59:38 0 d-------- C:\Program Files\Microsoft Money 2006
2008-02-25 22:59:38 0 d-------- C:\Program Files\Common Files
2008-02-12 02:17:44 0 d-------- C:\Program Files\DivX
2008-02-11 19:52:07 0 d-------- C:\Program Files\ABBYY FineReader 5.0 Sprint
2008-02-11 19:51:25 0 d-------- C:\Program Files\FaxTools
2008-02-11 19:51:22 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-11 19:49:32 0 d-------- C:\Program Files\Lexmark X1100 Series
2008-02-09 00:57:11 0 d-------- C:\Program Files\Common Files\Real
2008-02-09 00:57:01 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
2008-02-05 15:31:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-05 05:35:56 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-05 03:58:16 0 d-------- C:\Program Files\Java
2008-02-05 03:47:50 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Symantec
2008-02-05 03:47:37 0 d-------- C:\Program Files\Microsoft
2008-02-05 03:47:13 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
2008-02-05 03:47:11 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Apple Computer
2008-02-03 17:24:58 48320 --a----c- C:\Documents and Settings\Compaq_Administrator\Application Data\GDIPFONTCACHEV1.DAT
2008-01-29 16:42:29 0 d-------- C:\Program Files\MSECache
2008-01-28 17:51:36 0 d-------- C:\Program Files\MySQL
2008-01-27 21:43:03 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\GetRightToGo
2008-01-04 17:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 17:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-01-04 17:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-04 17:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 17:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-01-04 17:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 17:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 17:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/10/2004 10:04 PM]
"PCDrProfiler"="" []
"SMSERIAL"="sm56hlpr.exe" [01/24/2005 05:56 AM C:\WINDOWS\sm56hlpr.exe]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [05/10/2005 08:50 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [02/17/2005 09:11 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [03/28/2003 10:18 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/18/2008 04:59 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 03:00 PM]
"Aim6"="" []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
-- End of Deckard's System Scanner: finished at 2008-03-21 19:21:25 ------------
It seems like its running faster, and there is no drain on the RAM by IE.exe. If there's anything I need to do, please let me know. Again, thanks a lot for your help and your time in dealing with this problem.
HOTSHOTVZ