Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win32.Trojan.Yspy

Started by kelkay , Jun 10 2008 07:09 AM

  • This topic is locked This topic is locked

#286
kelkay
Posted 23 July 2008 - 04:50 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
When I tried to run that program again, it got to the copy part, now it won't let me hit copy, I hit it, but nothing happens. I will do the DSS step.
  • 0

Advertisements

#287
kelkay
Posted 23 July 2008 - 05:00 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-23 17:53:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:20, on 7/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 8823 bytes

-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-07-22 20:51:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-22 14:20:44 0 d-------- C:\fsaua.data
2008-07-21 10:12:34 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\winwsl.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\wintbpx.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\wintbp.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\winrvl.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\winksl.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\update.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\servises.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\regperf.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\pnp.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\per.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\nvctrl.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\mssearchnet.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\msmsgs.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\mscornet.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\issearch.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\csm.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\system32\botzor.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\pnpasn32.exe
2008-07-19 14:40:16 0 dr-hs---- C:\WINDOWS\hpsv.exe
2008-07-19 14:40:16 230 -r-h----- C:\Program Files\zsearch
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\winupie.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\winmuschi.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\updatewinlocator.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\zp.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\zeropopupbar.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\wintft.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winshow.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winsb.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winpup32.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winpup.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winlocatorhelper.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\winlocator.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\systemout.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\sysdll32.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\rx.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\pup.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\norton update.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\isnotify.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\ismon.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\ishost.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\dfrgsrv.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\df_kme.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\dcomcfg.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\bridge.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\axconfig.dll
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\a.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\system32\4ccc3cea.exe
2008-07-19 14:40:15 0 dr-hs---- C:\WINDOWS\cdproxyserv.exe
2008-07-19 14:40:15 240 -r-h----- C:\Program Files\zeropopupbar
2008-07-19 14:40:15 226 -r-h----- C:\Program Files\zangoclient
2008-07-19 14:40:15 226 -r-h----- C:\Program Files\zango games
2008-07-19 14:40:15 228 -r-h----- C:\Program Files\xsoftware
2008-07-19 14:40:15 228 -r-h----- C:\Program Files\xpcspy
2008-07-19 14:40:15 232 -r-h----- C:\Program Files\winfixer 2005
2008-07-19 14:40:15 240 -r-h----- C:\Program Files\winfavorites
2008-07-19 14:40:15 246 -r-h----- C:\Program Files\windows adtools
2008-07-19 14:40:15 250 -r-h----- C:\Program Files\windows adcontrol
2008-07-19 14:40:15 230 -r-h----- C:\Program Files\win comm
2008-07-19 14:40:15 226 -r-h----- C:\Program Files\whenu
2008-07-19 14:40:15 236 -r-h----- C:\Program Files\web_rebates
2008-07-19 14:40:15 236 -r-h----- C:\Program Files\web_cpr
2008-07-19 14:40:15 226 -r-h----- C:\Program Files\vvsdl
2008-07-19 14:40:15 232 -r-h----- C:\Program Files\Common Files\winsoftware
2008-07-19 14:40:15 226 -r-h----- C:\Program Files\Common Files\ucontrol
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\windowsupd4.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\windowsupd2.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\windowsupd1.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\vx2.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\zlbw.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\winntcreate.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\wincom32.sys
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\vx2.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\vwix32.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\uninmyad.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tps108.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tisa.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tips.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tippcls.dat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tipp.dat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\timesrv.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\ticont.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\ticads.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\tconini.dat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\sysmonnt.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\spwgoc.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\se.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\rvreg.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\rulesak.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\ppl.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\nordsys.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\myad.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\msview.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\msnavc32.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\messenger.lib.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\lut.dat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\lspak.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\localnrd.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\lcch.dat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\ladchkr.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\host.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\hook2.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\hook1.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\gdu.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\dad.bat
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\cidrules.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\adchkr.exe
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\system32\6fo4svc.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\psapi.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\kernellos.dll
2008-07-19 14:40:14 222 -r-h----- C:\WINDOWS\isrvs
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\iehelper.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\cleanhistories.dll
2008-07-19 14:40:14 0 dr-hs---- C:\WINDOWS\ads.js
2008-07-19 14:40:14 224 -r-h----- C:\Program Files\vvsn
2008-07-19 14:40:14 226 -r-h----- C:\Program Files\vomba
2008-07-19 14:40:14 238 -r-h----- C:\Program Files\vmntoolbar
2008-07-19 14:40:14 232 -r-h----- C:\Program Files\ts trial
2008-07-19 14:40:14 232 -r-h----- C:\Program Files\topmoxie
2008-07-19 14:40:14 222 -r-h----- C:\Program Files\hpdll
2008-07-19 14:40:14 222 -r-h----- C:\Program Files\autoupdate
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\t2serv.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\t2serv.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\wshtlprh.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\wshnseri.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\winftsap.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\winftsap.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\w3sskbda.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\vsxmpgpc.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\vnetsmme.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\vb5dmspo.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\v4pbpt51.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\trafracp.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\snmpmssw.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\slbrmqtr.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\slbipsch.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\slbipsch.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\shfoxpob.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\secumsje.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\sd16win.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\scp3jgaw.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\rdpwmsjt.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\rcbdwmpd.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\qdvtscf.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\oebdfc.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\msstersv.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\msnsxole.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\msnsxole.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\mslsicwd.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\msexcred.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\msafiasn.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\mqoacdmo.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\mqadscp3.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\mgmtmtxc.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\mcd3mscm.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\lmrtatkc.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\kbdpkbdr.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\kbdfwshe.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\iuennwcf.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\ir32racp.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\ipxwshel.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\ipxrmfc4.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\imesrdch.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\icmpdx3j.dll
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\google.png.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\game3.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\game2.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\game1.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\system32\alsys.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\sserrvv.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\serrv.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\reggserv.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\msupdtwiz.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\cserv32.exe
2008-07-19 14:40:13 0 dr-hs---- C:\WINDOWS\ccsserv.exe
2008-07-19 14:40:13 234 -r-h----- C:\temp_kl
2008-07-19 14:40:13 244 -r-h----- C:\Program Files\sys detective+
2008-07-19 14:40:13 240 -r-h----- C:\Program Files\surfsidekick
2008-07-19 14:40:13 240 -r-h----- C:\Program Files\surfsidekick 2
2008-07-19 14:40:13 232 -r-h----- C:\Program Files\superbar
2008-07-19 14:40:13 232 -r-h----- C:\Program Files\netmeting
2008-07-19 14:40:13 234 -r-h----- C:\archivos de programa
2008-07-19 14:40:12 236 -r-h----- C:\WINDOWS\winsecurity
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\xkrdk.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\wiatwain.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\unsocul.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\sodahk.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\socul.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\smdnn05.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\servehost.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchupdate33.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchupdate31.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchsquire33.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchsquire3.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchsquire2.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\searchsquire.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\replmap.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\mslspcg.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\iaspdpus.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\i4n27vl.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\higehsg.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\hhselz32.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\fltlauto.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\fileserv.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\e1.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\dsseds32.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\dsseds32.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\dpugmswe.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\dnsrxpob.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\deskmcd3.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\ddemdmco.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\davctool.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\davctool.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\confbrw.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\comrkbdd.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\comploader.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\chkmfdep.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\camodpnm.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\brwstat.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\brwprf32.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\brwperf.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\brwmgr32.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\brwconf.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\avifipxr.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\admeiolo.dll
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\system32\actidmoc.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\ssmsgr.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\ssls.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\ssdgt.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\sscrg.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\cssswd.exe
2008-07-19 14:40:12 0 dr-hs---- C:\WINDOWS\csssupd.exe
2008-07-19 14:40:12 236 -r-h----- C:\WINDOWS\connectionstatus
2008-07-19 14:40:12 234 -r-h----- C:\spedia
2008-07-19 14:40:12 244 -r-h----- C:\Program Files\swagent
2008-07-19 14:40:12 244 -r-h----- C:\Program Files\stealthwatcher200
2008-07-19 14:40:12 230 -r-h----- C:\Program Files\spytech software
2008-07-19 14:40:12 234 -r-h----- C:\Program Files\spyonthis
2008-07-19 14:40:12 232 -r-h----- C:\Program Files\spyblast
2008-07-19 14:40:12 234 -r-h----- C:\Program Files\softomate
2008-07-19 14:40:12 248 -r-h----- C:\Program Files\selectrebates
2008-07-19 14:40:12 234 -r-h----- C:\Program Files\searchnet
2008-07-19 14:40:12 226 -r-h----- C:\Program Files\p4p
2008-07-19 14:40:12 234 -r-h----- C:\Program Files\ietoolbar
2008-07-19 14:40:12 226 -r-h----- C:\Program Files\Common Files\sogou pxp
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\waladhpr.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\wzhelper.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\webalize.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\speeder.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\somatic.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\shnlog.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\seqsb.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\seantb.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\s4helper.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\rlvknlg.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\rkinstaller.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\rk.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\reg2.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\pqhelper.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\mygeek.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msqsb.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msplus4.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msplus3.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msplus2.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msplus1.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msplus.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\msclt.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\mrkscr.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\mgeekremove.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\intmon.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\ifsomatic.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\ifhelper.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\iebrw.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\hotlink.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\homepage.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\hmepge.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\gsim.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\system32\barbho.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\svrmgr.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\skynetave.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\napatch.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\lsasss.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\lansas.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\infodll.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\gsim.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\cfg32s.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\cfg32r.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\cfg32o.dll
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\cfg32.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\avserve3.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\avserve2.exe
2008-07-19 14:40:11 0 dr-hs---- C:\WINDOWS\adrsb.exe
2008-07-19 14:40:11 232 -r-h----- C:\Program Files\valintines day card
2008-07-19 14:40:11 240 -r-h----- C:\Program Files\searchlocate
2008-07-19 14:40:11 236 -r-h----- C:\Program Files\screenview
2008-07-19 14:40:11 230 -r-h----- C:\Program Files\savenow
2008-07-19 14:40:11 234 -r-h----- C:\Program Files\rxtoolbar
2008-07-19 14:40:11 250 -r-h----- C:\Program Files\relevantknowledge
2008-07-19 14:40:11 230 -r-h----- C:\Program Files\ezthemes_whenusavenow_installer
2008-07-19 14:40:11 242 -r-h----- C:\Program Files\dynamic toolbar
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\wserver.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\winlogon.scr
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\winlogon.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\visualguard.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\userconfig9x.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\vlcx052.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\slpube03.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\optserve.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\optserve.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\mstc.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\lp.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\lp.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\system32\auole4.dll
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\sysmonxp.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\symav.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\switpb.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\switpa.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\services.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\pandaavengine.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\msnmsgrs.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\maja.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\kasperskyaveng.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\jammer2nd.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\fvprotect.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\fooding.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\firewallsvr.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\easyav.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\diskmonitor.exe
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\comp.cpl
2008-07-19 14:40:10 0 dr-hs---- C:\WINDOWS\avprotect9x.exe
2008-07-19 14:40:10 234 -r-h----- C:\Program Files\startup mechanic
2008-07-19 14:40:10 234 -r-h----- C:\Program Files\rax search helper
2008-07-19 14:40:10 228 -r-h----- C:\Program Files\psupport
2008-07-19 14:40:10 228 -r-h----- C:\Program Files\exolon
2008-07-19 14:40:10 234 -r-h----- C:\Program Files\ddr
2008-07-19 14:40:10 236 -r-h----- C:\Program Files\Common Files\nsis
2008-07-19 14:40:10 234 -r-h----- C:\Program Files\arcade!
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\xpfirewall.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wpwmgrs.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winvnc.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wintasker.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winsyscfg.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winsys32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winsys.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winsvc32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winstart.pif
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winnt.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wininfo.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winhlpapi.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wingmt32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\winds.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\windowz.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\windowsfirewall.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\windasz-updote.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\win32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\win24.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wid32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wfdmgr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wfdgmr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\wdns33.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\w32ntupdt.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\w1nt5k.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\twunk_65.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\timemanager.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\taskgmr32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\taskgmr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\taskgamr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\tagmr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\sysconf.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\sword.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\svshost.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\stagmr.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\sp2winfix.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\sp2fx.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\skybot.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\shell.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\service5.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\sd.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\scvhost32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\scrigz.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\scalpe91.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\rundll.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\remote.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\protection.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\plugnplay32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\picx.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\phantom.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\system32\netcog.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\rundil32.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\rundil.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\phantom.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\netmedia.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\avprotect.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\avpguard.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\avguard.exe
2008-07-19 14:40:09 0 dr-hs---- C:\WINDOWS\avbgle.exe
2008-07-19 14:40:09 234 -r-h----- C:\Program Files\need2find
2008-07-19 14:40:09 226 -r-h----- C:\Program Files\ncase
2008-07-19 14:40:09 232 -r-h----- C:\Program Files\navexcel
2008-07-19 14:40:09 232 -r-h----- C:\Program Files\navexcel search toolbar
2008-07-19 14:40:09 238 -r-h----- C:\Program Files\mywebsearch
2008-07-19 14:40:08 0 dr-hs---- C:\winssystem.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb60.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb58.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb57.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb56.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb52.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb51.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb42.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb41.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winnb40.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\windmy.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\winats.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\patch31345.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\osalogbe.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\nn_bar31.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\nn_bar22.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\nn_bar21.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mtrnqs.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mswins.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mssck.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msplus32.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msnl.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msmgrxp.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msgmr.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msdev32.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msapasrc.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\msa64chk.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mouse.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\microupdate.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\microsystem.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\memloader.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mcscn.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\mailinfo.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\logitechwls.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\logic.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lienvdk.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lienvandekelder.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lientjeuh.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lien vd kelder.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lien vande kelder.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lien Van de kelderrr.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lien van de kelder.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\lcd32.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\jusched32.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\itunegui.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\internet.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\iexplorer.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\hostdrvxp.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\hbmail.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\gothica.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\fixupdattr.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\evil.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\ds.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\dcomuser.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\coolbot.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\ccsrs.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\avpr.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\abs.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\666.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\1hellbot.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\system32\0.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\patch31345.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\msnarrator.exe
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\mrhop.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\mpgcom.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\iempg2.dll
2008-07-19 14:40:08 0 dr-hs---- C:\WINDOWS\iempg.dll
2008-07-19 14:40:08 0 dr-hs---- C:\hellmsn.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\xwrm.exe
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wintrim
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\winmgts
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wincomp
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\unstall.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\windowsie.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\wgavm.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\wgareg.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\vtlbar1.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\version.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\updtscheduler.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\tubby.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\toolbar.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\tbc.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\sys.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\nn_bar.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\nas.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\myaccess.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\mtc.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\msxml4r.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\msklive.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\mseggrpid.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\msegcompid.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\mscache.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\mapisvc32.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\madise.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\keyhost.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\keyactivex.ocx
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\jeired.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\iexplorr29.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\iexplorr27.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\iexplorr26.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\iexplore.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\ia.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\gcasctrl.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdial.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1027.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1026.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1025.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1024.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\egdhtml_1023.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\duel.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\dll.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\aupdate_uninstall.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\aupdate.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\system32\adv.dll
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\navpmc
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mscache.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mscache.dll
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mmups.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mm63.ocx
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mm21.ocx
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\mm20.ocx
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\mc
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\istsvc.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\imgurla.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\exedialer.exe
2008-07-19 14:40:07 0 dr-hs---- C:\WINDOWS\a64sddd.exe
2008-07-19 14:40:07 236 -r-h----- C:\Program Files\support software
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\powersearch
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\perfectnav
2008-07-19 14:40:07 236 -r-h----- C:\Program Files\network essentials
2008-07-19 14:40:07 236 -r-h----- C:\Program Files\medialoads
2008-07-19 14:40:07 236 -r-h----- C:\Program Files\medialoads enhanced
2008-07-19 14:40:07 242 -r-h----- C:\Program Files\media gateway
2008-07-19 14:40:07 232 -r-h----- C:\Program Files\md
2008-07-19 14:40:07 228 -r-h----- C:\Program Files\lstsvc
2008-07-19 14:40:07 244 -r-h----- C:\Program Files\kuaiso toolsbar
2008-07-19 14:40:07 242 -r-h----- C:\Program Files\kgb keylogger
2008-07-19 14:40:07 266 -r-h----- C:\Program Files\invisible secrets toolbar
2008-07-19 14:40:07 240 -r-h----- C:\Program Files\instant buzz
2008-07-19 14:40:07 258 -r-h----- C:\Program Files\instant access
2008-07-19 14:40:07 248 -r-h----- C:\Program Files\install provider
2008-07-19 14:40:07 240 -r-h----- C:\Program Files\instafink
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\incredifind
2008-07-19 14:40:07 228 -r-h----- C:\Program Files\ebayshop
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\Common Files\updmgr
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\Common Files\updater
2008-07-19 14:40:07 234 -r-h----- C:\Program Files\Common Files\keenvalue
2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\wqzq
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\winserv.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\winobject.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\wdskctl.exe
2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\wcby
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\ts.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\winstart001.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\winstart.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\winsrm32.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\winenc32.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\windec32.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\waeb.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\update_rsp.DLL
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\update_removeold.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\update_hosts.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\update_com.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\update_bho.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\sbus.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\rsp001.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\rsp.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\install_all.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\ineb.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iexplorr25.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iexplorr24.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iexplorr23.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iexplorr22.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iexplorr11.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\iemsg.dll
2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\system32\iedriver
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\gws.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\drbr.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\chgrgs.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\bundler_mpb_sb.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\bmeb.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\bho001.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\bho.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\belop.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\absnro.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\system32\abeb.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\systb.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\systb.dll
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\ssk.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\snbho.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\rgrt.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\pxckdlauninstall.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\pxckdla.exe
  • 0

#288
kelkay
Posted 23 July 2008 - 05:04 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Only the main.txt came up, not the extra.txt....
As far as the HP Update program, I deleted that several days ago, but it is still showing up. It was showing as an infection...can't remember what type now. I decided I didn't need it, and deleted it. After being deleted it still was recognized by my firewall as trying to connect, or spy...so I blocked it.
  • 0

#289
kelkay
Posted 23 July 2008 - 05:10 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Here is what Kaspersky has detected, some of these keep on bugging me. I am not sure what to do about some of them...like the AOL waol file etc...svc host etc...
I thought the waol file was needed, and svc host..don't know why they keep on, unless they are infected. This is all a bit overwhelming.

I attached this, but don't see it, hopefully you can.

Edited by kelkay, 23 July 2008 - 05:10 PM.

  • 0

#290
JSntgRvr
Posted 23 July 2008 - 06:59 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Something is doggy here. You can paste the DSS report, but not the MGA report?

You are reinfected.

  • Download the attached file and save it to your C:\ drive.
  • When having saved it, the file path should be C:\remove.txt
  • Download and unzip Avenger to your desktop.
  • Open the Avenger.
  • Select Load Script from the menu, then From File .
  • Browse to C:\remove.txt and click open.
  • Then click the Execute button.
  • This will begin the execution of the script currently in memory.
  • The Avenger will set itself up to run the next time you reboot your computer, and then will prompt you to restart immediately.
  • After your system restarts, a log file should open with the results of Avenger’s actions. This log file is located at C:\avenger.txt. The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backups.zip.
Post the contents of the C:\avenger.txt file and attach a fresh DSS main.txt report.
  • 0

#291
kelkay
Posted 23 July 2008 - 08:29 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Folder "C:\fsaua.data" deleted successfully.
Folder "C:\Program Files\Common Files\Wise Installation Wizard" deleted successfully.
Folder "C:\WINDOWS\system32\winwsl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintbpx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintbp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winrvl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winksl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\servises.exe" deleted successfully.
Folder "C:\WINDOWS\system32\regperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pnp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\per.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nvctrl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssearchnet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmsgs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mscornet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\issearch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\csm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\botzor.exe" deleted successfully.
Folder "C:\WINDOWS\pnpasn32.exe" deleted successfully.
Folder "C:\WINDOWS\hpsv.exe" deleted successfully.
Folder "C:\WINDOWS\winupie.exe" deleted successfully.
Folder "C:\WINDOWS\winmuschi.exe" deleted successfully.
Folder "C:\WINDOWS\updatewinlocator.exe" deleted successfully.
Folder "C:\WINDOWS\system32\zp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zeropopupbar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wintft.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winshow.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winpup32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winpup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winlocatorhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winlocator.dll" deleted successfully.
Folder "C:\WINDOWS\system32\systemout.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysdll32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\norton update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\isnotify.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ismon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ishost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dfrgsrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\df_kme.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dcomcfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\bridge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\axconfig.dll" deleted successfully.
Folder "C:\WINDOWS\system32\a.exe" deleted successfully.
Folder "C:\WINDOWS\system32\4ccc3cea.exe" deleted successfully.
Folder "C:\WINDOWS\cdproxyserv.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd4.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd2.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd1.exe" deleted successfully.
Folder "C:\WINDOWS\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zlbw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winntcreate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wincom32.sys" deleted successfully.
Folder "C:\WINDOWS\system32\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vwix32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\uninmyad.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tps108.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tisa.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tips.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tippcls.dat" deleted successfully.
Folder "C:\WINDOWS\system32\tipp.dat" deleted successfully.
Folder "C:\WINDOWS\system32\timesrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ticont.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ticads.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tconini.dat" deleted successfully.
Folder "C:\WINDOWS\system32\sysmonnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\spwgoc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\se.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rvreg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rulesak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ppl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nordsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\myad.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msview.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnavc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\messenger.lib.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lut.dat" deleted successfully.
Folder "C:\WINDOWS\system32\lspak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\localnrd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lcch.dat" deleted successfully.
Folder "C:\WINDOWS\system32\ladchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\host.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\gdu.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dad.bat" deleted successfully.
Folder "C:\WINDOWS\system32\cidrules.dll" deleted successfully.
Folder "C:\WINDOWS\system32\adchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\6fo4svc.dll" deleted successfully.
Folder "C:\WINDOWS\psapi.dll" deleted successfully.
Folder "C:\WINDOWS\kernellos.dll" deleted successfully.

Error: "C:\WINDOWS\isrvs" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\isrvs" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\WINDOWS\iehelper.dll" deleted successfully.
Folder "C:\WINDOWS\cleanhistories.dll" deleted successfully.
Folder "C:\WINDOWS\ads.js" deleted successfully.
Folder "C:\WINDOWS\t2serv.exe" deleted successfully.
Folder "C:\WINDOWS\t2serv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshtlprh.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshnseri.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\w3sskbda.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vsxmpgpc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vnetsmme.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vb5dmspo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\v4pbpt51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\trafracp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\snmpmssw.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbrmqtr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shfoxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\secumsje.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd16win.dll" deleted successfully.
Folder "C:\WINDOWS\system32\scp3jgaw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rdpwmsjt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rcbdwmpd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\qdvtscf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\oebdfc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msstersv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mslsicwd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msexcred.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msafiasn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqoacdmo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqadscp3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgmtmtxc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcd3mscm.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lmrtatkc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\kbdpkbdr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\kbdfwshe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iuennwcf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ir32racp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxwshel.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxrmfc4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\imesrdch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\icmpdx3j.dll" deleted successfully.
Folder "C:\WINDOWS\system32\google.png.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game1.exe" deleted successfully.
Folder "C:\WINDOWS\system32\alsys.exe" deleted successfully.
Folder "C:\WINDOWS\sserrvv.exe" deleted successfully.
Folder "C:\WINDOWS\serrv.exe" deleted successfully.
Folder "C:\WINDOWS\reggserv.exe" deleted successfully.
Folder "C:\WINDOWS\msupdtwiz.exe" deleted successfully.
Folder "C:\WINDOWS\cserv32.exe" deleted successfully.
Folder "C:\WINDOWS\ccsserv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\xkrdk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wiatwain.dll" deleted successfully.
Folder "C:\WINDOWS\system32\unsocul.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sodahk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\socul.dll" deleted successfully.
Folder "C:\WINDOWS\system32\smdnn05.dll" deleted successfully.
Folder "C:\WINDOWS\system32\servehost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate31.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire33.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire.dll" deleted successfully.
Folder "C:\WINDOWS\system32\replmap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mslspcg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\iaspdpus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\i4n27vl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\higehsg.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hhselz32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\fltlauto.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fileserv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\e1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dpugmswe.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dnsrxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\deskmcd3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ddemdmco.dll" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.exe" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.dll" deleted successfully.
Folder "C:\WINDOWS\system32\confbrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\comrkbdd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\comploader.dll" deleted successfully.
Folder "C:\WINDOWS\system32\chkmfdep.exe" deleted successfully.
Folder "C:\WINDOWS\system32\camodpnm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwstat.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwprf32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwmgr32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\avifipxr.dll" deleted successfully.
Folder "C:\WINDOWS\system32\admeiolo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\actidmoc.exe" deleted successfully.
Folder "C:\WINDOWS\ssmsgr.exe" deleted successfully.
Folder "C:\WINDOWS\ssls.exe" deleted successfully.
Folder "C:\WINDOWS\ssdgt.exe" deleted successfully.
Folder "C:\WINDOWS\sscrg.exe" deleted successfully.
Folder "C:\WINDOWS\cssswd.exe" deleted successfully.
Folder "C:\WINDOWS\csssupd.exe" deleted successfully.
Folder "C:\WINDOWS\waladhpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wzhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\webalize.dll" deleted successfully.
Folder "C:\WINDOWS\system32\speeder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\somatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shnlog.exe" deleted successfully.
Folder "C:\WINDOWS\system32\seqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\seantb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\s4helper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rlvknlg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rkinstaller.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\reg2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pqhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mygeek.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msclt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mrkscr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgeekremove.exe" deleted successfully.
Folder "C:\WINDOWS\system32\intmon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ifsomatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ifhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iebrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hotlink.dll" deleted successfully.
Folder "C:\WINDOWS\system32\homepage.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hmepge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\system32\barbho.dll" deleted successfully.
Folder "C:\WINDOWS\svrmgr.exe" deleted successfully.
Folder "C:\WINDOWS\skynetave.exe" deleted successfully.
Folder "C:\WINDOWS\napatch.exe" deleted successfully.
Folder "C:\WINDOWS\lsasss.exe" deleted successfully.
Folder "C:\WINDOWS\lansas.exe" deleted successfully.
Folder "C:\WINDOWS\infodll.dll" deleted successfully.
Folder "C:\WINDOWS\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32s.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32r.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32o.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32.exe" deleted successfully.
Folder "C:\WINDOWS\avserve3.exe" deleted successfully.
Folder "C:\WINDOWS\avserve2.exe" deleted successfully.
Folder "C:\WINDOWS\adrsb.exe" deleted successfully.
Folder "C:\WINDOWS\wserver.exe" deleted successfully.
Folder "C:\WINDOWS\winlogon.scr" deleted successfully.
Folder "C:\WINDOWS\winlogon.exe" deleted successfully.
Folder "C:\WINDOWS\visualguard.exe" deleted successfully.
Folder "C:\WINDOWS\userconfig9x.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vlcx052.dll" deleted successfully.
Folder "C:\WINDOWS\system32\slpube03.dll" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.exe" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mstc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\auole4.dll" deleted successfully.
Folder "C:\WINDOWS\sysmonxp.exe" deleted successfully.
Folder "C:\WINDOWS\symav.exe" deleted successfully.
Folder "C:\WINDOWS\switpb.exe" deleted successfully.
Folder "C:\WINDOWS\switpa.exe" deleted successfully.
Folder "C:\WINDOWS\services.exe" deleted successfully.
Folder "C:\WINDOWS\pandaavengine.exe" deleted successfully.
Folder "C:\WINDOWS\msnmsgrs.exe" deleted successfully.
Folder "C:\WINDOWS\maja.exe" deleted successfully.
Folder "C:\WINDOWS\kasperskyaveng.exe" deleted successfully.
Folder "C:\WINDOWS\jammer2nd.exe" deleted successfully.
Folder "C:\WINDOWS\fvprotect.exe" deleted successfully.
Folder "C:\WINDOWS\fooding.exe" deleted successfully.
Folder "C:\WINDOWS\firewallsvr.exe" deleted successfully.
Folder "C:\WINDOWS\easyav.exe" deleted successfully.
Folder "C:\WINDOWS\diskmonitor.exe" deleted successfully.
Folder "C:\WINDOWS\comp.cpl" deleted successfully.
Folder "C:\WINDOWS\avprotect9x.exe" deleted successfully.
Folder "C:\WINDOWS\system32\xpfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wpwmgrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winvnc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintasker.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsyscfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.pif" deleted successfully.
Folder "C:\WINDOWS\system32\winnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wininfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winhlpapi.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wingmt32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowsfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windasz-updote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win24.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wid32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdmgr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wdns33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w32ntupdt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w1nt5k.exe" deleted successfully.
Folder "C:\WINDOWS\system32\twunk_65.exe" deleted successfully.
Folder "C:\WINDOWS\system32\timemanager.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgamr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sword.exe" deleted successfully.
Folder "C:\WINDOWS\system32\svshost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\stagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2winfix.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2fx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\skybot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\shell.exe" deleted successfully.
Folder "C:\WINDOWS\system32\service5.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scvhost32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scrigz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scalpe91.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rundll.exe" deleted successfully.
Folder "C:\WINDOWS\system32\remote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\protection.exe" deleted successfully.
Folder "C:\WINDOWS\system32\plugnplay32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\picx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\system32\netcog.exe" deleted successfully.
Folder "C:\WINDOWS\rundil32.exe" deleted successfully.
Folder "C:\WINDOWS\rundil.exe" deleted successfully.
Folder "C:\WINDOWS\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\netmedia.exe" deleted successfully.
Folder "C:\WINDOWS\avprotect.exe" deleted successfully.
Folder "C:\WINDOWS\avpguard.exe" deleted successfully.
Folder "C:\WINDOWS\avguard.exe" deleted successfully.
Folder "C:\WINDOWS\avbgle.exe" deleted successfully.
Folder "C:\winssystem.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winnb60.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb58.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb57.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb56.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb52.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb42.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb41.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb40.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windmy.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winats.dll" deleted successfully.
Folder "C:\WINDOWS\system32\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\system32\osalogbe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar31.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar22.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar21.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mtrnqs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mswins.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssck.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msplus32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmgrxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msdev32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msapasrc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msa64chk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mouse.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microupdate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microsystem.exe" deleted successfully.
Folder "C:\WINDOWS\system32\memloader.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcscn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mailinfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\logitechwls.exe" deleted successfully.
Folder "C:\WINDOWS\system32\logic.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvdk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvandekelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lientjeuh.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vd kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vande kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien Van de kelderrr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien van de kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lcd32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jusched32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\itunegui.exe" deleted successfully.
Folder "C:\WINDOWS\system32\internet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorer.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hostdrvxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hbmail.exe" deleted successfully.
Folder "C:\WINDOWS\system32\gothica.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fixupdattr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\evil.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dcomuser.exe" deleted successfully.
Folder "C:\WINDOWS\system32\coolbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ccsrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\avpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\abs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\666.exe" deleted successfully.
Folder "C:\WINDOWS\system32\1hellbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\0.exe" deleted successfully.
Folder "C:\WINDOWS\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\msnarrator.exe" deleted successfully.
Folder "C:\WINDOWS\mrhop.dll" deleted successfully.
Folder "C:\WINDOWS\mpgcom.dll" deleted successfully.
Folder "C:\WINDOWS\iempg2.dll" deleted successfully.
Folder "C:\WINDOWS\iempg.dll" deleted successfully.
Folder "C:\hellmsn.exe" deleted successfully.
Folder "C:\WINDOWS\xwrm.exe" deleted successfully.

Error: "C:\WINDOWS\wintrim" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\wintrim" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\WINDOWS\winmgts" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\winmgts" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file


Error: "C:\WINDOWS\wincomp" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\wincomp" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\WINDOWS\unstall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowsie.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wgavm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wgareg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\vtlbar1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\version.exe" deleted successfully.
Folder "C:\WINDOWS\system32\updtscheduler.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tubby.dll" deleted successfully.
Folder "C:\WINDOWS\system32\toolbar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tbc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nas.dll" deleted successfully.
Folder "C:\WINDOWS\system32\myaccess.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mtc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msxml4r.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msklive.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mseggrpid.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msegcompid.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mscache.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mapisvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\madise.dll" deleted successfully.
Folder "C:\WINDOWS\system32\keyhost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\keyactivex.ocx" deleted successfully.
Folder "C:\WINDOWS\system32\jeired.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr29.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr27.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr26.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplore.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ia.dll" deleted successfully.
Folder "C:\WINDOWS\system32\gcasctrl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\egdial.dll" deleted successfully.
Folder "C:\WINDOWS\system32\egdhtml_1027.dll" deleted successfully.
Folder "C:\WINDOWS\system32\egdhtml_1026.dll" deleted successfully.
Folder "C:\WINDOWS\system32\egdhtml_1025.dll" deleted successfully.
Folder "C:\WINDOWS\system32\egdhtml_1024.dll" deleted successfully.
Folder "C:\WINDOWS\system32\egdhtml_1023.dll" deleted successfully.
Folder "C:\WINDOWS\system32\duel.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dll.dll" deleted successfully.
Folder "C:\WINDOWS\system32\aupdate_uninstall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\aupdate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\adv.dll" deleted successfully.

Error: "C:\WINDOWS\navpmc" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\navpmc" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\WINDOWS\mscache.exe" deleted successfully.
Folder "C:\WINDOWS\mscache.dll" deleted successfully.
Folder "C:\WINDOWS\mmups.exe" deleted successfully.
Folder "C:\WINDOWS\mm63.ocx" deleted successfully.
Folder "C:\WINDOWS\mm21.ocx" deleted successfully.
Folder "C:\WINDOWS\mm20.ocx" deleted successfully.

Error: "C:\WINDOWS\mc" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\mc" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\WINDOWS\istsvc.exe" deleted successfully.
Folder "C:\WINDOWS\imgurla.exe" deleted successfully.
Folder "C:\WINDOWS\exedialer.exe" deleted successfully.
Folder "C:\WINDOWS\a64sddd.exe" deleted successfully.
Folder "C:\WINDOWS\winserv.exe" deleted successfully.
Folder "C:\WINDOWS\winobject.dll" deleted successfully.
Folder "C:\WINDOWS\wdskctl.exe" deleted successfully.
Folder "C:\WINDOWS\ts.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart001.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsrm32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winenc32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windec32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\waeb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\update_rsp.DLL" deleted successfully.
Folder "C:\WINDOWS\system32\update_removeold.dll" deleted successfully.
Folder "C:\WINDOWS\system32\update_hosts.dll" deleted successfully.
Folder "C:\WINDOWS\system32\update_com.dll" deleted successfully.
Folder "C:\WINDOWS\system32\update_bho.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sbus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rsp001.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rsp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\install_all.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ineb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr25.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr24.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr23.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr22.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorr11.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iemsg.dll" deleted successfully.

Error: "C:\WINDOWS\system32\iedriver" is not a folder! It may instead be a file.
Deletion of folder "C:\WINDOWS\system32\iedriver" failed!
Status: 0xc0000103 (STATUS_NOT_A_DIRECTORY)
--> use "Files to delete:" instead of "Folders to delete:" to delete an ordinary file

Folder "C:\WINDOWS\system32\gws.dll" deleted successfully.
Folder "C:\WINDOWS\system32\drbr.dll" deleted successfully.
Folder "C:\WINDOWS\system32\chgrgs.dll" deleted successfully.
Folder "C:\WINDOWS\system32\bundler_mpb_sb.exe" deleted successfully.
Folder "C:\WINDOWS\system32\bmeb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\bho001.dll" deleted successfully.
Folder "C:\WINDOWS\system32\bho.dll" deleted successfully.
Folder "C:\WINDOWS\system32\belop.dll" deleted successfully.
Folder "C:\WINDOWS\system32\absnro.dll" deleted successfully.
Folder "C:\WINDOWS\system32\abeb.dll" deleted successfully.
Folder "C:\WINDOWS\systb.exe" deleted successfully.
Folder "C:\WINDOWS\systb.dll" deleted successfully.
Folder "C:\WINDOWS\ssk.exe" deleted successfully.
Folder "C:\WINDOWS\snbho.exe" deleted successfully.
Folder "C:\WINDOWS\rgrt.exe" deleted successfully.
Folder "C:\WINDOWS\pxckdlauninstall.exe" deleted successfully.
Folder "C:\WINDOWS\pxckdla.exe" deleted successfully.
File "C:\Program Files\zsearch" deleted successfully.
File "C:\Program Files\zeropopupbar" deleted successfully.
File "C:\Program Files\zangoclient" deleted successfully.
File "C:\Program Files\zango games" deleted successfully.
File "C:\Program Files\xsoftware" deleted successfully.
File "C:\Program Files\xpcspy" deleted successfully.
File "C:\Program Files\winfixer 2005" deleted successfully.
File "C:\Program Files\winfavorites" deleted successfully.
File "C:\Program Files\windows adtools" deleted successfully.
File "C:\Program Files\windows adcontrol" deleted successfully.
File "C:\Program Files\win comm" deleted successfully.
File "C:\Program Files\whenu" deleted successfully.
File "C:\Program Files\web_rebates" deleted successfully.
File "C:\Program Files\web_cpr" deleted successfully.
File "C:\Program Files\vvsdl" deleted successfully.
File "C:\Program Files\Common Files\winsoftware" deleted successfully.
File "C:\Program Files\Common Files\ucontrol" deleted successfully.
File "C:\Program Files\vvsn" deleted successfully.
File "C:\Program Files\vomba" deleted successfully.
File "C:\Program Files\vmntoolbar" deleted successfully.
File "C:\Program Files\ts trial" deleted successfully.
File "C:\Program Files\topmoxie" deleted successfully.
File "C:\Program Files\hpdll" deleted successfully.
File "C:\Program Files\autoupdate" deleted successfully.
File "C:\temp_kl" deleted successfully.
File "C:\Program Files\sys detective+" deleted successfully.
File "C:\Program Files\surfsidekick" deleted successfully.
File "C:\Program Files\surfsidekick 2" deleted successfully.
File "C:\Program Files\superbar" deleted successfully.
File "C:\Program Files\netmeting" deleted successfully.
File "C:\archivos de programa" deleted successfully.
File "C:\WINDOWS\winsecurity" deleted successfully.
File "C:\WINDOWS\connectionstatus" deleted successfully.
File "C:\spedia" deleted successfully.
File "C:\Program Files\swagent" deleted successfully.
File "C:\Program Files\stealthwatcher200" deleted successfully.
File "C:\Program Files\spytech software" deleted successfully.
File "C:\Program Files\spyonthis" deleted successfully.
File "C:\Program Files\spyblast" deleted successfully.
File "C:\Program Files\softomate" deleted successfully.
File "C:\Program Files\selectrebates" deleted successfully.
File "C:\Program Files\searchnet" deleted successfully.
File "C:\Program Files\p4p" deleted successfully.
File "C:\Program Files\ietoolbar" deleted successfully.
File "C:\Program Files\Common Files\sogou pxp" deleted successfully.
File "C:\Program Files\valintines day card" deleted successfully.
File "C:\Program Files\searchlocate" deleted successfully.
File "C:\Program Files\screenview" deleted successfully.
File "C:\Program Files\savenow" deleted successfully.
File "C:\Program Files\rxtoolbar" deleted successfully.
File "C:\Program Files\relevantknowledge" deleted successfully.
File "C:\Program Files\ezthemes_whenusavenow_installer" deleted successfully.
File "C:\Program Files\dynamic toolbar" deleted successfully.
File "C:\Program Files\startup mechanic" deleted successfully.
File "C:\Program Files\rax search helper" deleted successfully.
File "C:\Program Files\psupport" deleted successfully.
File "C:\Program Files\exolon" deleted successfully.
File "C:\Program Files\ddr" deleted successfully.
File "C:\Program Files\Common Files\nsis" deleted successfully.
File "C:\Program Files\arcade!" deleted successfully.
File "C:\Program Files\need2find" deleted successfully.
File "C:\Program Files\ncase" deleted successfully.
File "C:\Program Files\navexcel" deleted successfully.
File "C:\Program Files\navexcel search toolbar" deleted successfully.
File "C:\Program Files\mywebsearch" deleted successfully.
File "C:\Program Files\support software" deleted successfully.
File "C:\Program Files\powersearch" deleted successfully.
File "C:\Program Files\perfectnav" deleted successfully.
File "C:\Program Files\network essentials" deleted successfully.
File "C:\Program Files\medialoads" deleted successfully.
File "C:\Program Files\medialoads enhanced" deleted successfully.
File "C:\Program Files\media gateway" deleted successfully.
File "C:\Program Files\md" deleted successfully.
File "C:\Program Files\lstsvc" deleted successfully.
File "C:\Program Files\kuaiso toolsbar" deleted successfully.
File "C:\Program Files\kgb keylogger" deleted successfully.
File "C:\Program Files\invisible secrets toolbar" deleted successfully.
File "C:\Program Files\instant buzz" deleted successfully.
File "C:\Program Files\instant access" deleted successfully.
File "C:\Program Files\install provider" deleted successfully.
File "C:\Program Files\instafink" deleted successfully.
File "C:\Program Files\incredifind" deleted successfully.
File "C:\Program Files\ebayshop" deleted successfully.
File "C:\Program Files\Common Files\updmgr" deleted successfully.
File "C:\Program Files\Common Files\updater" deleted successfully.
File "C:\Program Files\Common Files\keenvalue" deleted successfully.
File "C:\WINDOWS\wqzq" deleted successfully.
File "C:\WINDOWS\wcby" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
  • 0

#292
kelkay
Posted 23 July 2008 - 08:36 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-23 21:30:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:04, on 7/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 8856 bytes

-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-07-23 21:23:42 135168 --a------ C:\zip.exe
2008-07-22 20:51:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-19 14:40:14 222 -r-h----- C:\WINDOWS\isrvs
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wintrim
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\winmgts
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wincomp
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\navpmc
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\mc
2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\system32\iedriver
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\offerssk.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\invitessk.exe
2008-07-19 14:40:06 230 -r-h----- C:\WINDOWS\ilookup
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\id.exe
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\system soap pro
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\search toolbar
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\httper
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hotbar
2008-07-19 14:40:06 244 -r-h----- C:\Program Files\homekeylogger
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbtools
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbinst
2008-07-19 14:40:06 232 -r-h----- C:\Program Files\Common Files\wqzq
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\msiets
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\btlink
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satau320.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\psksds.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prwsks.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prw76sks.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\printpnp.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\openglss.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\obbn13t.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nuclabdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nkunpack.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nclabydll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\msplg7.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mmxeroxk.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mdfpro.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfg7a.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfcc4.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\lsd_f3.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\logon16x.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\iesdl4l.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ies4dll.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ideusr50.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\hpprintx.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdwxp3.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdiwxp.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gatexkey.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\flashdrvr.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extxerox.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extfpu.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\emldvc.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\dvd4free.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent2.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent0.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directut.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directpt.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ddirectz.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\bt848rom.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\axdebugl.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\avload32.dll
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xmod
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xml
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\vcom
2008-07-19 14:40:04 246 -r-h----- C:\Program Files\sync manager demo
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\scom
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\reg2
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\pvm
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\primesoft
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\paymentone
2008-07-19 14:40:04 252 -r-h----- C:\Program Files\gsr
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gsoft
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gmsoft
2008-07-19 14:40:04 228 -r-h----- C:\Program Files\globe7
2008-07-19 14:40:04 240 -r-h----- C:\Program Files\globaldialer
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftk
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftapp
2008-07-19 14:40:04 250 -r-h----- C:\Program Files\fsw
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flt
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fln
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flcp
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fla
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\filesubmit
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fen
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\dialers
2008-07-19 14:40:04 226 -r-h----- C:\Program Files\browserenh
2008-07-19 14:40:03 248 -r-h----- C:\windowsupdate
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\winfj
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\system32\services
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\msupdate.exe
2008-07-19 14:40:03 252 -r-h----- C:\WINDOWS\system32\fcyberalert
2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\system32\f0r0r
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\emesx.dll
2008-07-19 14:40:03 248 -r-h----- C:\WINDOWS\system32\ctf
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\bootconf.exe
2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\system32\adcache
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\syspi
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\sysbj
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\sistem.exe
2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\roodyc
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\qttasks.exe
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\olehelp.exe
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\msew
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\msconfd.dll
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\iexplorer.exe
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\ieoo
2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\explorer
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitetoolbar
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitesidebar
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitebar
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\ctrlpan.dll
2008-07-19 14:40:03 244 -r-h----- C:\WINDOWS\ctb3_shared
2008-07-19 14:40:03 234 -r-h----- C:\WINDOWS\configsys
2008-07-19 14:40:03 240 -r-h----- C:\WINDOWS\coder
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\avpcc.dll
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\websearch
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\webrebates
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\real-tens
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\movienetworks
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\mlh
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\medch
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\lycos
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\kfh
2008-07-19 14:40:03 258 -r-h----- C:\Program Files\keylog
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\gator.com
2008-07-19 14:40:03 246 -r-h----- C:\Program Files\fwn toolbar
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\fastseeker
2008-07-19 14:40:03 226 -r-h----- C:\Program Files\ezurl
2008-07-19 14:40:03 246 -r-h----- C:\Program Files\exploreanywhere
2008-07-19 14:40:03 248 -r-h----- C:\Program Files\exact
2008-07-19 14:40:03 230 -r-h----- C:\Program Files\emedia codec
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\ebatesmoemoneymaker
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\ebates_moemoneymaker
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\e2give
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\drivecleaner free
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\downloadware
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\downloadware engine
2008-07-19 14:40:03 244 -r-h----- C:\Program Files\dealio
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\dealhelper
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\dateregon
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\date manager
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\data19
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\csbb
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\comsoft
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\commonname
2008-07-19 14:40:03 248 -r-h----- C:\Program Files\Common Files\eacceleration
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\Common Files\drivecleaner free
2008-07-19 14:40:03 226 -r-h----- C:\Program Files\Common Files\cpush
2008-07-19 14:40:03 262 -r-h----- C:\Program Files\colej_uk design toolbar
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\cntrc
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clocksync
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clipgenie
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clientman
2008-07-19 14:40:03 228 -r-h----- C:\e2g
2008-07-19 14:40:00 0 dr-hs---- C:\WINDOWS\system32\ipv6mons.dll
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\tvs
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\rvp
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\letssearch
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\Common Files\psd tools
2008-07-19 14:40:00 228 -r-h----- C:\Program Files\Common Files\gmt
2008-07-19 14:40:00 228 -r-h----- C:\Program Files\Common Files\cmeii
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\btv
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\brp
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\browser pal
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bpt
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bpc_search
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bcpc
2008-07-19 14:40:00 0 dr-hs---- C:\csrss.exe
2008-07-19 14:39:59 0 dr-hs---- C:\winstall.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\zserv.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\voiceip.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winxp.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winhost.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\windll.exe
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\win type
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\twain32.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\nvms.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\msbe.dll
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\ide
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\ginuerep.dll
2008-07-19 14:39:59 230 -r-h----- C:\WINDOWS\system32\feeds
2008-07-19 14:39:59 236 -r-h----- C:\WINDOWS\system32\exefld
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\dxmpp.dll
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\dhcp32
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\anti_troj.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\pynix.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\mssvr.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\dlmax.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\btgrab.dll
2008-07-19 14:39:59 222 -r-h----- C:\WINDOWS\bde
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search2.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search.dll
2008-07-19 14:39:59 234 -r-h----- C:\Program Files\windowssa
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\the guard
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\sysal
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\security iguard
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\securemypc
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\scan & repair utilities 2007
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\psguard
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\pcsecurityshield
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\netturbotrial
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\mediaring talk
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\funcade
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\fs
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\cxtpls
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\Common Files\betterinternet
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\cashback
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\cardcrazy
2008-07-19 14:39:59 236 -r-h----- C:\Program Files\bonzibuddy
2008-07-19 14:39:59 222 -r-h----- C:\Program Files\bde
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\bargain buddy
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\backweb
2008-07-19 14:39:59 244 -r-h----- C:\Program Files\arcaderockstar
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\aproposclient
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\altnet
2008-07-19 14:39:59 232 -r-h----- C:\Program Files\adstatus service
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\acetoolbar
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\accoona
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\abetterinternet
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\2search
2008-07-19 14:39:59 222 -r-h----- C:\bde
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\privacy crusader demo
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\privacy champion
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\pestbot
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\perfectcleaner
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\pal spyrem
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\neospace
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\malwarewipers
2008-07-19 14:39:57 274 -r-h----- C:\Program Files\malwaresweeper.com
2008-07-19 14:39:55 0 dr-hs---- C:\WINDOWS\xpupdate.exe
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\kazaap
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\guardbar
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\goodbye spy
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\froggie scan demo
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\flobo spyware clean
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\expertantivirus
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\easy erase spyware remover
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\curepcsolution
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\codeclean2007
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\allume systems
2008-07-19 14:39:54 274 -r-h----- C:\Program Files\cleanx2007
2008-07-19 14:39:54 274 -r-h----- C:\Program Files\bulletproofsoft.com
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\softwaredoctor
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\bps remover
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antivirusgoldenpro
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antivirus solution
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\adwareX eliminator
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\adware spyWare removal
2008-07-19 14:39:52 274 -r-h----- C:\Program Files\adwareremovergold.com
2008-07-19 14:39:51 274 -r-h----- C:\Program Files\adware remover
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\pcprivacysoftware.com
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\adware agent
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\ads adware remover
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winupd.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winsvc.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svhost.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svchost32.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\server.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\svchost.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\rundll16.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\explore.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\csrss.exe
2008-07-19 14:39:44 277 -r-h----- C:\Program Files\winferno
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\secure pc solutions
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\scorpio software
2008-07-19 14:39:44 284 -r-h----- C:\Program Files\fix my registry
2008-07-19 14:39:44 276 -r-h----- C:\Program Files\beclean
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\ad armor
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\1stantivirus
2008-07-17 21:50:47 0 d-------- C:\Program Files\FlySim
2008-07-15 09:08:46 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-15 09:08:46 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-15 09:08:03 88352 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-15 09:08:03 8578336 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-15 09:08:03 0 d-------- C:\Program Files\Kaspersky Lab
2008-07-15 09:08:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-15 09:06:33 0 d-------- C:\kav
2008-07-13 15:00:54 313 --a------ C:\avexport.bat
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-11 10:21:50 6735942 --a------ C:\backup.reg
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 14:40:13 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-06-28 11:59:58 39424 --a------ C:\WINDOWS\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-06-27 23:32:13 0 d-------- C:\Program Files\Common Files\Java
2008-06-23 17:06:15 0 d-------- C:\WINDOWS\ERUNT


-- Find3M Report ---------------------------------------------------------------

2008-07-23 21:25:04 0 d-------- C:\Program Files\Common Files
2008-07-22 20:57:22 0 d-------- C:\Program Files\SpywareBlaster
2008-07-21 10:14:15 0 d-------- C:\Program Files\Lavasoft
2008-07-19 22:45:20 0 d-------- C:\Documents and Settings\Kelly\Application Data\OpenOffice.org2
2008-07-19 14:41:02 0 d-------- C:\Program Files\Malware Immunizer
2008-07-19 14:40:15 234 -r-h----- C:\Program Files\websnitch v3.0
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\popcorn.net
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\dealhelper.com inc
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\buddylinks.net
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\scanspyware v3.8.0.4
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\prvdef4.0
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\btppdv2.2
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\killspy.net
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antispyzone 5.0
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\#1spywarekillerv2.1
2008-07-19 14:38:09 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-18 09:03:11 0 d-------- C:\Program Files\SpywareGuard
2008-07-16 05:29:52 118784 --a------ C:\WINDOWS\SeaMonkeyUninstall.exe
2008-07-16 05:29:50 16267 --a------ C:\WINDOWS\mozver.dat
2008-07-16 05:29:21 118784 --a------ C:\WINDOWS\GREUninstall.exe
2008-07-14 11:08:44 0 d-------- C:\Program Files\Java
2008-07-09 21:00:44 0 d-------- C:\Program Files\HP
2008-07-09 20:52:11 0 d-------- C:\Program Files\kontiki
2008-07-09 14:19:25 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-04 10:59:44 0 d-------- C:\Program Files\SpeedFan
2008-07-01 01:04:47 0 d-------- C:\Program Files\Messenger
2008-07-01 01:04:23 0 d-------- C:\Program Files\Movie Maker
2008-07-01 01:02:15 0 d-------- C:\Program Files\Windows NT
2008-06-29 18:15:35 0 d-------- C:\Program Files\Napster
2008-06-29 10:55:37 0 d-------- C:\Program Files\MSECache
2008-06-28 17:03:27 0 d-------- C:\Program Files\Yahoo!
2008-06-28 17:03:24 0 d-------- C:\Program Files\SureThing
2008-06-28 17:03:01 0 d-------- C:\Program Files\QuickTime
2008-06-28 17:03:01 0 d-------- C:\Program Files\OpenTalk
2008-06-28 17:02:26 0 d-------- C:\Program Files\Logitech
2008-06-28 17:02:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-28 17:02:22 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-28 17:02:17 0 d-------- C:\Program Files\GemMaster
2008-06-28 17:02:12 0 d-------- C:\Program Files\Common Files\aolshare
2008-06-28 17:02:11 0 d-------- C:\Program Files\Common Files\AOL
2008-06-28 17:02:04 0 d-------- C:\Program Files\CD to MP3 Freeware
2008-06-28 17:02:04 0 d-------- C:\Program Files\BitComet
2008-06-28 17:02:04 0 d-------- C:\Program Files\Audible
2008-06-28 14:34:28 0 d-------- C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com
2008-06-28 14:24:33 0 d-------- C:\Program Files\DrWeb
2008-06-28 12:09:39 0 d-------- C:\Program Files\WinUpdatesList
2008-06-28 00:19:13 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-24 18:57:59 0 d-------- C:\Program Files\Shockwave.com
2008-06-15 21:31:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-12 15:36:36 0 d-------- C:\Documents and Settings\Kelly\Application Data\Apple Computer
2008-06-12 15:36:26 0 d-------- C:\Program Files\iTunes
2008-06-12 15:35:16 0 d-------- C:\Program Files\iPod
2008-06-12 15:29:35 0 d-------- C:\Program Files\Apple Software Update
2008-06-08 16:20:06 0 d-------- C:\Documents and Settings\Kelly\Application Data\Adobe
2008-06-06 08:57:39 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 23:32:44 0 d-------- C:\Documents and Settings\Kelly\Application Data\Malwarebytes
2008-06-04 19:37:15 0 d-------- C:\Program Files\Trend Micro
2008-06-04 19:25:50 0 d-------- C:\Program Files\7-Zip
2008-05-28 23:22:30 0 d-------- C:\Documents and Settings\Kelly\Application Data\AdobeUM
2008-05-28 14:39:11 0 d-------- C:\Program Files\MTV Virtual World
2008-05-23 00:43:40 0 d-------- C:\Documents and Settings\Kelly\Application Data\PlayFirst


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [11/20/2006 23:59]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/09/2006 17:50]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [05/08/2007 16:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [04/17/2008 05:22]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [02/08/2008 18:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 19:12]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43]
"HostsMan"="C:\Program Files\HostsMan\hm.exe" [06/16/2008 04:19]

C:\Documents and Settings\Kelly\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [04/17/2008 05:22 671432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
ARPWRMSG.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
C:\Program Files\Kontiki\KHost.exe -all

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwrUpTweakMe]
C:\WINDOWS\system32\PuXpTwks.exe /TWEAK

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"NSCService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccISPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-07-23 21:35:13 ------------
  • 0

#293
kelkay
Posted 24 July 2008 - 08:17 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I ran a scan with Kaspersky last night on my home computer. It now shows no infections during the scan. It still shows detected files...I will attach this for you to see.
  • 0

#294
JSntgRvr
Posted 24 July 2008 - 10:07 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Hi, kelkay :)

You are still infected.

  • Download the attached file and save it to your C:\ drive. Overwrite the existing one.
  • When having saved it, the file path should be C:\remove.txt
  • Open the Avenger.
  • Select Load Script from the menu, then From File .
  • Browse to C:\remove.txt and click open.
  • Then click the Execute button.
  • This will begin the execution of the script currently in memory.
  • The Avenger will set itself up to run the next time you reboot your computer, and then will prompt you to restart immediately.
  • After your system restarts, a log file should open with the results of Avenger’s actions. This log file is located at C:\avenger.txt. The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backups.zip.
Post the contents of the C:\avenger.txt file and attach a fresh DSS main.txt report.
  • 0

#295
kelkay
Posted 24 July 2008 - 10:18 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Hi JS :) I will start it right away. Thank you.
  • 0

Advertisements

#296
kelkay
Posted 24 July 2008 - 10:29 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\qttasks.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\qttasks.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\olehelp.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\olehelp.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\offerssk.exe"
Deletion of folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\offerssk.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\invitessk.exe"
Deletion of folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\invitessk.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\id.exe"
Deletion of folder "2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\id.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satdll.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satdll.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satau320.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satau320.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\psksds.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\psksds.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prwsks.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prwsks.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prw76sks.sys"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prw76sks.sys" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\printpnp.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\printpnp.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\openglss.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\openglss.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\obbn13t.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\obbn13t.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nuclabdll.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nuclabdll.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nkunpack.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nkunpack.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nclabydll.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nclabydll.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\msplg7.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\msplg7.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mmxeroxk.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mmxeroxk.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mdfpro.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mdfpro.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfg7a.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfg7a.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfcc4.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfcc4.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\lsd_f3.dll"
Deletion of folder "2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\lsd_f3.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\logon16x.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\logon16x.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\iesdl4l.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\iesdl4l.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ies4dll.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ies4dll.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ideusr50.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ideusr50.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\hpprintx.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\hpprintx.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdwxp3.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdwxp3.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdiwxp.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdiwxp.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gatexkey.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gatexkey.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\flashdrvr.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\flashdrvr.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extxerox.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extxerox.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extfpu.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extfpu.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\emldvc.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\emldvc.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\dvd4free.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\dvd4free.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent2.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent2.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent0.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent0.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directut.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directut.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directpt.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directpt.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ddirectz.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ddirectz.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\bt848rom.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\bt848rom.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\axdebugl.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\axdebugl.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\avload32.dll"
Deletion of folder "2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\avload32.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\msupdate.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\msupdate.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\emesx.dll"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\emesx.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\bootconf.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\bootconf.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\sistem.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\sistem.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\msconfd.dll"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\msconfd.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\iexplorer.exe"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\iexplorer.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\ctrlpan.dll"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\ctrlpan.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\avpcc.dll"
Deletion of folder "2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\avpcc.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:00 0 dr-hs---- C:\WINDOWS\system32\ipv6mons.dll"
Deletion of folder "2008-07-19 14:40:00 0 dr-hs---- C:\WINDOWS\system32\ipv6mons.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:40:00 0 dr-hs---- C:\csrss.exe"
Deletion of folder "2008-07-19 14:40:00 0 dr-hs---- C:\csrss.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\winstall.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\winstall.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\zserv.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\zserv.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\voiceip.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\voiceip.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winxp.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winxp.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winhost.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winhost.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\windll.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\windll.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\twain32.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\twain32.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\nvms.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\nvms.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\msbe.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\msbe.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\ginuerep.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\ginuerep.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\dxmpp.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\dxmpp.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\anti_troj.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\anti_troj.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\pynix.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\pynix.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\mssvr.exe"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\mssvr.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\dlmax.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\dlmax.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\btgrab.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\btgrab.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search2.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search2.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search.dll"
Deletion of folder "2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search.dll" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:55 0 dr-hs---- C:\WINDOWS\xpupdate.exe"
Deletion of folder "2008-07-19 14:39:55 0 dr-hs---- C:\WINDOWS\xpupdate.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winupd.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winupd.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winsvc.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winsvc.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svhost.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svhost.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svchost32.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svchost32.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\server.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\server.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\svchost.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\svchost.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\rundll16.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\rundll16.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\explore.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\explore.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\csrss.exe"
Deletion of folder "2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\csrss.exe" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:14 222 -r-h----- C:\WINDOWS\isrvs"
Deletion of file "2008-07-19 14:40:14 222 -r-h----- C:\WINDOWS\isrvs" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wintrim"
Deletion of file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wintrim" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\winmgts"
Deletion of file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\winmgts" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wincomp"
Deletion of file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wincomp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\navpmc"
Deletion of file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\navpmc" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\mc"
Deletion of file "2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\mc" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\system32\iedriver"
Deletion of file "2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\system32\iedriver" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 230 -r-h----- C:\WINDOWS\ilookup"
Deletion of file "2008-07-19 14:40:06 230 -r-h----- C:\WINDOWS\ilookup" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\system soap pro"
Deletion of file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\system soap pro" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\search toolbar"
Deletion of file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\search toolbar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\httper"
Deletion of file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\httper" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hotbar"
Deletion of file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hotbar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 244 -r-h----- C:\Program Files\homekeylogger"
Deletion of file "2008-07-19 14:40:06 244 -r-h----- C:\Program Files\homekeylogger" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbtools"
Deletion of file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbtools" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbinst"
Deletion of file "2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbinst" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 232 -r-h----- C:\Program Files\Common Files\wqzq"
Deletion of file "2008-07-19 14:40:06 232 -r-h----- C:\Program Files\Common Files\wqzq" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\msiets"
Deletion of file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\msiets" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\btlink"
Deletion of file "2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\btlink" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xmod"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xmod" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xml"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xml" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\vcom"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\vcom" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 246 -r-h----- C:\Program Files\sync manager demo"
Deletion of file "2008-07-19 14:40:04 246 -r-h----- C:\Program Files\sync manager demo" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\scom"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\scom" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\reg2"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\reg2" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\pvm"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\pvm" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\primesoft"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\primesoft" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\paymentone"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\paymentone" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 252 -r-h----- C:\Program Files\gsr"
Deletion of file "2008-07-19 14:40:04 252 -r-h----- C:\Program Files\gsr" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gsoft"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gsoft" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gmsoft"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gmsoft" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 228 -r-h----- C:\Program Files\globe7"
Deletion of file "2008-07-19 14:40:04 228 -r-h----- C:\Program Files\globe7" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 240 -r-h----- C:\Program Files\globaldialer"
Deletion of file "2008-07-19 14:40:04 240 -r-h----- C:\Program Files\globaldialer" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftk"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftk" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftapp"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftapp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 250 -r-h----- C:\Program Files\fsw"
Deletion of file "2008-07-19 14:40:04 250 -r-h----- C:\Program Files\fsw" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flt"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flt" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fln"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fln" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flcp"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flcp" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fla"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fla" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\filesubmit"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\filesubmit" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fen"
Deletion of file "2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fen" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\dialers"
Deletion of file "2008-07-19 14:40:04 242 -r-h----- C:\Program Files\dialers" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:04 226 -r-h----- C:\Program Files\browserenh"
Deletion of file "2008-07-19 14:40:04 226 -r-h----- C:\Program Files\browserenh" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 248 -r-h----- C:\windowsupdate"
Deletion of file "2008-07-19 14:40:03 248 -r-h----- C:\windowsupdate" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\winfj"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\winfj" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\system32\services"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\system32\services" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 252 -r-h----- C:\WINDOWS\system32\fcyberalert"
Deletion of file "2008-07-19 14:40:03 252 -r-h----- C:\WINDOWS\system32\fcyberalert" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\system32\f0r0r"
Deletion of file "2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\system32\f0r0r" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 248 -r-h----- C:\WINDOWS\system32\ctf"
Deletion of file "2008-07-19 14:40:03 248 -r-h----- C:\WINDOWS\system32\ctf" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\system32\adcache"
Deletion of file "2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\system32\adcache" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\syspi"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\syspi" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\sysbj"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\sysbj" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\roodyc"
Deletion of file "2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\roodyc" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\msew"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\msew" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\ieoo"
Deletion of file "2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\ieoo" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\explorer"
Deletion of file "2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\explorer" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitetoolbar"
Deletion of file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitetoolbar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitesidebar"
Deletion of file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitesidebar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitebar"
Deletion of file "2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitebar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 244 -r-h----- C:\WINDOWS\ctb3_shared"
Deletion of file "2008-07-19 14:40:03 244 -r-h----- C:\WINDOWS\ctb3_shared" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 234 -r-h----- C:\WINDOWS\configsys"
Deletion of file "2008-07-19 14:40:03 234 -r-h----- C:\WINDOWS\configsys" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\WINDOWS\coder"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\WINDOWS\coder" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 260 -r-h----- C:\Program Files\websearch"
Deletion of file "2008-07-19 14:40:03 260 -r-h----- C:\Program Files\websearch" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 260 -r-h----- C:\Program Files\webrebates"
Deletion of file "2008-07-19 14:40:03 260 -r-h----- C:\Program Files\webrebates" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\real-tens"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\real-tens" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\movienetworks"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\movienetworks" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\mlh"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\mlh" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\medch"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\medch" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 238 -r-h----- C:\Program Files\lycos"
Deletion of file "2008-07-19 14:40:03 238 -r-h----- C:\Program Files\lycos" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\kfh"
Deletion of file "2008-07-19 14:40:03 240 -r-h----- C:\Program Files\kfh" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 258 -r-h----- C:\Program Files\keylog"
Deletion of file "2008-07-19 14:40:03 258 -r-h----- C:\Program Files\keylog" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 228 -r-h----- C:\Program Files\gator.com"
Deletion of file "2008-07-19 14:40:03 228 -r-h----- C:\Program Files\gator.com" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 246 -r-h----- C:\Program Files\fwn toolbar"
Deletion of file "2008-07-19 14:40:03 246 -r-h----- C:\Program Files\fwn toolbar" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 236 -r-h----- C:\Program Files\fastseeker"
Deletion of file "2008-07-19 14:40:03 236 -r-h----- C:\Program Files\fastseeker" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 226 -r-h----- C:\Program Files\ezurl"
Deletion of file "2008-07-19 14:40:03 226 -r-h----- C:\Program Files\ezurl" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 246 -r-h----- C:\Program Files\exploreanywhere"
Deletion of file "2008-07-19 14:40:03 246 -r-h----- C:\Program Files\exploreanywhere" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 248 -r-h----- C:\Program Files\exact"
Deletion of file "2008-07-19 14:40:03 248 -r-h----- C:\Program Files\exact" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 230 -r-h----- C:\Program Files\emedia codec"
Deletion of file "2008-07-19 14:40:03 230 -r-h----- C:\Program Files\emedia codec" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: could not open file "2008-07-19 14:40:03 260 -r-h----- C:\Program Files\ebatesmoemoneymaker&qu
  • 0

#297
kelkay
Posted 24 July 2008 - 10:35 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-24 11:30:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:08, on 7/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9198 bytes

-- Files created between 2008-06-24 and 2008-07-24 -----------------------------

2008-07-23 21:23:42 135168 --a------ C:\zip.exe
2008-07-22 20:51:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-19 14:40:14 222 -r-h----- C:\WINDOWS\isrvs
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wintrim
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\winmgts
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\wincomp
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\navpmc
2008-07-19 14:40:07 240 -r-h----- C:\WINDOWS\mc
2008-07-19 14:40:06 232 -r-h----- C:\WINDOWS\system32\iedriver
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\offerssk.exe
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\invitessk.exe
2008-07-19 14:40:06 230 -r-h----- C:\WINDOWS\ilookup
2008-07-19 14:40:06 0 dr-hs---- C:\WINDOWS\id.exe
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\system soap pro
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\search toolbar
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\httper
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hotbar
2008-07-19 14:40:06 244 -r-h----- C:\Program Files\homekeylogger
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbtools
2008-07-19 14:40:06 228 -r-h----- C:\Program Files\hbinst
2008-07-19 14:40:06 232 -r-h----- C:\Program Files\Common Files\wqzq
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\msiets
2008-07-19 14:40:06 230 -r-h----- C:\Program Files\Common Files\btlink
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\satau320.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\psksds.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prwsks.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\prw76sks.sys
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\printpnp.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\openglss.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\obbn13t.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nuclabdll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nkunpack.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\nclabydll.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\msplg7.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mmxeroxk.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mdfpro.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfg7a.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\mcfcc4.dll
2008-07-19 14:40:05 0 dr-hs---- C:\WINDOWS\system32\lsd_f3.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\logon16x.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\iesdl4l.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ies4dll.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ideusr50.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\hpprintx.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdwxp3.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gdiwxp.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\gatexkey.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\flashdrvr.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extxerox.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\extfpu.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\emldvc.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\dvd4free.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent2.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\docent0.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directut.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\directpt.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\ddirectz.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\bt848rom.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\axdebugl.dll
2008-07-19 14:40:04 0 dr-hs---- C:\WINDOWS\system32\avload32.dll
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xmod
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\xml
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\vcom
2008-07-19 14:40:04 246 -r-h----- C:\Program Files\sync manager demo
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\scom
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\reg2
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\pvm
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\primesoft
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\paymentone
2008-07-19 14:40:04 252 -r-h----- C:\Program Files\gsr
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gsoft
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\gmsoft
2008-07-19 14:40:04 228 -r-h----- C:\Program Files\globe7
2008-07-19 14:40:04 240 -r-h----- C:\Program Files\globaldialer
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftk
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\ftapp
2008-07-19 14:40:04 250 -r-h----- C:\Program Files\fsw
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flt
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fln
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\flcp
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fla
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\filesubmit
2008-07-19 14:40:04 236 -r-h----- C:\Program Files\fen
2008-07-19 14:40:04 242 -r-h----- C:\Program Files\dialers
2008-07-19 14:40:04 226 -r-h----- C:\Program Files\browserenh
2008-07-19 14:40:03 248 -r-h----- C:\windowsupdate
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\winfj
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\system32\services
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\msupdate.exe
2008-07-19 14:40:03 252 -r-h----- C:\WINDOWS\system32\fcyberalert
2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\system32\f0r0r
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\emesx.dll
2008-07-19 14:40:03 248 -r-h----- C:\WINDOWS\system32\ctf
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\system32\bootconf.exe
2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\system32\adcache
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\syspi
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\sysbj
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\sistem.exe
2008-07-19 14:40:03 228 -r-h----- C:\WINDOWS\roodyc
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\qttasks.exe
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\olehelp.exe
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\msew
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\msconfd.dll
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\iexplorer.exe
2008-07-19 14:40:03 242 -r-h----- C:\WINDOWS\ieoo
2008-07-19 14:40:03 226 -r-h----- C:\WINDOWS\explorer
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitetoolbar
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitesidebar
2008-07-19 14:40:03 232 -r-h----- C:\WINDOWS\elitebar
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\ctrlpan.dll
2008-07-19 14:40:03 244 -r-h----- C:\WINDOWS\ctb3_shared
2008-07-19 14:40:03 234 -r-h----- C:\WINDOWS\configsys
2008-07-19 14:40:03 240 -r-h----- C:\WINDOWS\coder
2008-07-19 14:40:03 0 dr-hs---- C:\WINDOWS\avpcc.dll
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\websearch
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\webrebates
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\real-tens
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\movienetworks
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\mlh
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\medch
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\lycos
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\kfh
2008-07-19 14:40:03 258 -r-h----- C:\Program Files\keylog
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\gator.com
2008-07-19 14:40:03 246 -r-h----- C:\Program Files\fwn toolbar
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\fastseeker
2008-07-19 14:40:03 226 -r-h----- C:\Program Files\ezurl
2008-07-19 14:40:03 246 -r-h----- C:\Program Files\exploreanywhere
2008-07-19 14:40:03 248 -r-h----- C:\Program Files\exact
2008-07-19 14:40:03 230 -r-h----- C:\Program Files\emedia codec
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\ebatesmoemoneymaker
2008-07-19 14:40:03 260 -r-h----- C:\Program Files\ebates_moemoneymaker
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\e2give
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\drivecleaner free
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\downloadware
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\downloadware engine
2008-07-19 14:40:03 244 -r-h----- C:\Program Files\dealio
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\dealhelper
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\dateregon
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\date manager
2008-07-19 14:40:03 228 -r-h----- C:\Program Files\data19
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\csbb
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\comsoft
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\commonname
2008-07-19 14:40:03 248 -r-h----- C:\Program Files\Common Files\eacceleration
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\Common Files\drivecleaner free
2008-07-19 14:40:03 226 -r-h----- C:\Program Files\Common Files\cpush
2008-07-19 14:40:03 262 -r-h----- C:\Program Files\colej_uk design toolbar
2008-07-19 14:40:03 238 -r-h----- C:\Program Files\cntrc
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clocksync
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clipgenie
2008-07-19 14:40:03 234 -r-h----- C:\Program Files\clientman
2008-07-19 14:40:03 228 -r-h----- C:\e2g
2008-07-19 14:40:00 0 dr-hs---- C:\WINDOWS\system32\ipv6mons.dll
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\tvs
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\rvp
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\letssearch
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\Common Files\psd tools
2008-07-19 14:40:00 228 -r-h----- C:\Program Files\Common Files\gmt
2008-07-19 14:40:00 228 -r-h----- C:\Program Files\Common Files\cmeii
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\btv
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\brp
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\browser pal
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bpt
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bpc_search
2008-07-19 14:40:00 238 -r-h----- C:\Program Files\bcpc
2008-07-19 14:40:00 0 dr-hs---- C:\csrss.exe
2008-07-19 14:39:59 0 dr-hs---- C:\winstall.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\zserv.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\voiceip.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winxp.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\winhost.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\windll.exe
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\win type
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\twain32.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\nvms.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\msbe.dll
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\ide
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\ginuerep.dll
2008-07-19 14:39:59 230 -r-h----- C:\WINDOWS\system32\feeds
2008-07-19 14:39:59 236 -r-h----- C:\WINDOWS\system32\exefld
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\dxmpp.dll
2008-07-19 14:39:59 248 -r-h----- C:\WINDOWS\system32\dhcp32
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\system32\anti_troj.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\pynix.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\mssvr.exe
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\dlmax.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\btgrab.dll
2008-07-19 14:39:59 222 -r-h----- C:\WINDOWS\bde
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search2.dll
2008-07-19 14:39:59 0 dr-hs---- C:\WINDOWS\2020search.dll
2008-07-19 14:39:59 234 -r-h----- C:\Program Files\windowssa
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\the guard
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\sysal
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\security iguard
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\securemypc
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\scan & repair utilities 2007
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\psguard
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\pcsecurityshield
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\netturbotrial
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\mediaring talk
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\funcade
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\fs
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\cxtpls
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\Common Files\betterinternet
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\cashback
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\cardcrazy
2008-07-19 14:39:59 236 -r-h----- C:\Program Files\bonzibuddy
2008-07-19 14:39:59 222 -r-h----- C:\Program Files\bde
2008-07-19 14:39:59 240 -r-h----- C:\Program Files\bargain buddy
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\backweb
2008-07-19 14:39:59 244 -r-h----- C:\Program Files\arcaderockstar
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\aproposclient
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\altnet
2008-07-19 14:39:59 232 -r-h----- C:\Program Files\adstatus service
2008-07-19 14:39:59 228 -r-h----- C:\Program Files\acetoolbar
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\accoona
2008-07-19 14:39:59 246 -r-h----- C:\Program Files\abetterinternet
2008-07-19 14:39:59 230 -r-h----- C:\Program Files\2search
2008-07-19 14:39:59 222 -r-h----- C:\bde
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\privacy crusader demo
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\privacy champion
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\pestbot
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\perfectcleaner
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\pal spyrem
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\neospace
2008-07-19 14:39:58 274 -r-h----- C:\Program Files\malwarewipers
2008-07-19 14:39:57 274 -r-h----- C:\Program Files\malwaresweeper.com
2008-07-19 14:39:55 0 dr-hs---- C:\WINDOWS\xpupdate.exe
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\kazaap
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\guardbar
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\goodbye spy
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\froggie scan demo
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\flobo spyware clean
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\expertantivirus
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\easy erase spyware remover
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\curepcsolution
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\codeclean2007
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\allume systems
2008-07-19 14:39:54 274 -r-h----- C:\Program Files\cleanx2007
2008-07-19 14:39:54 274 -r-h----- C:\Program Files\bulletproofsoft.com
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\softwaredoctor
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\bps remover
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antivirusgoldenpro
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antivirus solution
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\adwareX eliminator
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\adware spyWare removal
2008-07-19 14:39:52 274 -r-h----- C:\Program Files\adwareremovergold.com
2008-07-19 14:39:51 274 -r-h----- C:\Program Files\adware remover
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\pcprivacysoftware.com
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\adware agent
2008-07-19 14:39:50 274 -r-h----- C:\Program Files\ads adware remover
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winupd.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\winsvc.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svhost.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\svchost32.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\system32\server.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\svchost.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\rundll16.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\explore.exe
2008-07-19 14:39:44 0 dr-hs---- C:\WINDOWS\csrss.exe
2008-07-19 14:39:44 277 -r-h----- C:\Program Files\winferno
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\secure pc solutions
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\scorpio software
2008-07-19 14:39:44 284 -r-h----- C:\Program Files\fix my registry
2008-07-19 14:39:44 276 -r-h----- C:\Program Files\beclean
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\ad armor
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\1stantivirus
2008-07-17 21:50:47 0 d-------- C:\Program Files\FlySim
2008-07-15 09:08:46 96559 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-15 09:08:46 87855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-15 09:08:03 92448 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-15 09:08:03 8655392 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-15 09:08:03 0 d-------- C:\Program Files\Kaspersky Lab
2008-07-15 09:08:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-15 09:06:33 0 d-------- C:\kav
2008-07-13 15:00:54 313 --a------ C:\avexport.bat
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-11 10:21:50 6735942 --a------ C:\backup.reg
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 14:40:13 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-06-28 11:59:58 39424 --a------ C:\WINDOWS\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-06-27 23:32:13 0 d-------- C:\Program Files\Common Files\Java


-- Find3M Report ---------------------------------------------------------------

2008-07-23 22:19:49 0 d-------- C:\Program Files\SpywareBlaster
2008-07-23 22:19:01 0 d-------- C:\Program Files\SpywareGuard
2008-07-23 21:25:04 0 d-------- C:\Program Files\Common Files
2008-07-21 10:14:15 0 d-------- C:\Program Files\Lavasoft
2008-07-19 22:45:20 0 d-------- C:\Documents and Settings\Kelly\Application Data\OpenOffice.org2
2008-07-19 14:41:02 0 d-------- C:\Program Files\Malware Immunizer
2008-07-19 14:40:15 234 -r-h----- C:\Program Files\websnitch v3.0
2008-07-19 14:40:03 240 -r-h----- C:\Program Files\popcorn.net
2008-07-19 14:40:03 236 -r-h----- C:\Program Files\dealhelper.com inc
2008-07-19 14:40:00 236 -r-h----- C:\Program Files\buddylinks.net
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\scanspyware v3.8.0.4
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\prvdef4.0
2008-07-19 14:39:59 274 -r-h----- C:\Program Files\btppdv2.2
2008-07-19 14:39:55 274 -r-h----- C:\Program Files\killspy.net
2008-07-19 14:39:53 274 -r-h----- C:\Program Files\antispyzone 5.0
2008-07-19 14:39:44 274 -r-h----- C:\Program Files\#1spywarekillerv2.1
2008-07-19 14:38:09 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-16 05:29:52 118784 --a------ C:\WINDOWS\SeaMonkeyUninstall.exe
2008-07-16 05:29:50 16267 --a------ C:\WINDOWS\mozver.dat
2008-07-16 05:29:21 118784 --a------ C:\WINDOWS\GREUninstall.exe
2008-07-14 11:08:44 0 d-------- C:\Program Files\Java
2008-07-09 21:00:44 0 d-------- C:\Program Files\HP
2008-07-09 20:52:11 0 d-------- C:\Program Files\kontiki
2008-07-09 14:19:25 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-04 10:59:44 0 d-------- C:\Program Files\SpeedFan
2008-07-01 01:04:47 0 d-------- C:\Program Files\Messenger
2008-07-01 01:04:23 0 d-------- C:\Program Files\Movie Maker
2008-07-01 01:02:15 0 d-------- C:\Program Files\Windows NT
2008-06-29 18:15:35 0 d-------- C:\Program Files\Napster
2008-06-29 10:55:37 0 d-------- C:\Program Files\MSECache
2008-06-28 17:03:27 0 d-------- C:\Program Files\Yahoo!
2008-06-28 17:03:24 0 d-------- C:\Program Files\SureThing
2008-06-28 17:03:01 0 d-------- C:\Program Files\QuickTime
2008-06-28 17:03:01 0 d-------- C:\Program Files\OpenTalk
2008-06-28 17:02:26 0 d-------- C:\Program Files\Logitech
2008-06-28 17:02:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-28 17:02:22 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-28 17:02:17 0 d-------- C:\Program Files\GemMaster
2008-06-28 17:02:12 0 d-------- C:\Program Files\Common Files\aolshare
2008-06-28 17:02:11 0 d-------- C:\Program Files\Common Files\AOL
2008-06-28 17:02:04 0 d-------- C:\Program Files\CD to MP3 Freeware
2008-06-28 17:02:04 0 d-------- C:\Program Files\BitComet
2008-06-28 17:02:04 0 d-------- C:\Program Files\Audible
2008-06-28 14:34:28 0 d-------- C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com
2008-06-28 14:24:33 0 d-------- C:\Program Files\DrWeb
2008-06-28 12:09:39 0 d-------- C:\Program Files\WinUpdatesList
2008-06-28 00:19:13 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-24 18:57:59 0 d-------- C:\Program Files\Shockwave.com
2008-06-15 21:31:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-12 15:36:36 0 d-------- C:\Documents and Settings\Kelly\Application Data\Apple Computer
2008-06-12 15:36:26 0 d-------- C:\Program Files\iTunes
2008-06-12 15:35:16 0 d-------- C:\Program Files\iPod
2008-06-12 15:29:35 0 d-------- C:\Program Files\Apple Software Update
2008-06-08 16:20:06 0 d-------- C:\Documents and Settings\Kelly\Application Data\Adobe
2008-06-06 08:57:39 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 23:32:44 0 d-------- C:\Documents and Settings\Kelly\Application Data\Malwarebytes
2008-06-04 19:37:15 0 d-------- C:\Program Files\Trend Micro
2008-06-04 19:25:50 0 d-------- C:\Program Files\7-Zip
2008-05-28 23:22:30 0 d-------- C:\Documents and Settings\Kelly\Application Data\AdobeUM
2008-05-28 14:39:11 0 d-------- C:\Program Files\MTV Virtual World


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [11/20/2006 23:59]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/09/2006 17:50]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [05/08/2007 16:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [04/17/2008 05:22]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [02/08/2008 18:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 19:12]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43]
"HostsMan"="C:\Program Files\HostsMan\hm.exe" [06/16/2008 04:19]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

C:\Documents and Settings\Kelly\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [04/17/2008 05:22 671432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
ARPWRMSG.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
C:\Program Files\Kontiki\KHost.exe -all

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwrUpTweakMe]
C:\WINDOWS\system32\PuXpTwks.exe /TWEAK

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"NSCService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccISPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-07-24 11:35:27 ------------
  • 0

#298
kelkay
Posted 24 July 2008 - 10:38 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Here is what is in backup on KAV. I have to go for a little while, but will be back. :)
  • 0

#299
JSntgRvr
Posted 24 July 2008 - 10:40 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Please attach these reports, including the DSS report. I wonder why these files and folders seems not to exist when I collected the information from your latest DSS report.

Again, Please attach these reports rather than copy and paste in the reply. Make sure the DSS main.txt report is the latest.
  • 0

#300
JSntgRvr
Posted 24 July 2008 - 10:53 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Either you have posted the wrong DSS main.txt or the Avenger missed those entries. The DSS report show all these entries in the computer as they appear in the fix. Please repeat the fix. Then Attach (Do not copy and paste) the latest reports from the Avenger and DSS main.txt.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP