Results for OTMoveIt2:
Explorer killed successfully
DllUnregisterServer procedure not found in C:\WINDOWS\system32\amvo0.dll
C:\WINDOWS\system32\amvo0.dll NOT unregistered.
C:\WINDOWS\system32\amvo0.dll moved successfully.
File/Folder C:\WINDOWS\system32\cmd.com not found.
< EmptyTemp >
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\Perflib_Perfdata_4b0.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\Perflib_Perfdata_558.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF55C0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF722C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF7242.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF844A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF854D.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08182008_122536
Files moved on Reboot...
File C:\DOCUME~1\Monju\LOCALS~1\Temp\Perflib_Perfdata_4b0.dat not found!
File C:\DOCUME~1\Monju\LOCALS~1\Temp\Perflib_Perfdata_558.dat not found!
C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF55C0.tmp moved successfully.
File C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF722C.tmp not found!
File C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF7242.tmp not found!
File C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF844A.tmp not found!
File C:\DOCUME~1\Monju\LOCALS~1\Temp\~DF854D.tmp not found!
Results for Kaspersky:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, August 18, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, August 18, 2008 12:34:26
Records in database: 1105003
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
F:\
G:\
H:\
Scan statistics:
Files scanned: 73679
Threat name: 4
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 02:20:34
File name / Threat name / Threats count
C:\Deckard\System Scanner\20080731205210\backup\DOCUME~1\Monju\LOCALS~1\Temp\cz8.dll Infected: Trojan-PSW.Win32.OnLineGames.ahwj 1
C:\h6o0re.cmd Infected: Trojan-PSW.Win32.OnLineGames.uyy 1
C:\Limit.exe Infected: Worm.Win32.AutoRun.qi 1
C:\_OTMoveIt\MovedFiles\08182008_122536\WINDOWS\system32\amvo0.dll Infected: Trojan-PSW.Win32.OnLineGames.uyx 1
The selected area was scanned.
Results for VirusTotal:
Antivirus Version Last Update Result
AhnLab-V3 2008.8.19.0 2008.08.18 -
AntiVir 7.8.1.19 2008.08.18 -
Authentium 5.1.0.4 2008.08.18 -
Avast 4.8.1195.0 2008.08.18 -
AVG 8.0.0.161 2008.08.18 -
BitDefender 7.2 2008.08.18 -
CAT-QuickHeal 9.50 2008.08.18 -
ClamAV 0.93.1 2008.08.18 -
DrWeb 4.44.0.09170 2008.08.18 -
eSafe 7.0.17.0 2008.08.18 -
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.18 -
F-Prot 4.4.4.56 2008.08.18 -
F-Secure 7.60.13501.0 2008.08.18 -
Fortinet 3.14.0.0 2008.08.18 -
GData 2.0.7306.1023 2008.08.18 -
Ikarus T3.1.1.34.0 2008.08.18 -
K7AntiVirus 7.10.417 2008.08.18 -
Kaspersky 7.0.0.125 2008.08.18 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.18 -
NOD32v2 3365 2008.08.18 -
Norman 5.80.02 2008.08.18 -
Panda 9.0.0.4 2008.08.17 -
PCTools 4.4.2.0 2008.08.18 -
Prevx1 V2 2008.08.18 -
Rising 20.58.02.00 2008.08.18 -
Sophos 4.32.0 2008.08.18 -
Sunbelt 3.1.1546.1 2008.08.15 -
Symantec 10 2008.08.18 -
TheHacker 6.3.0.5.053 2008.08.18 -
TrendMicro 8.700.0.1004 2008.08.18 -
VBA32 3.12.8.3 2008.08.18 -
ViRobot 2008.8.18.1339 2008.08.18 -
VirusBuster 4.5.11.0 2008.08.18 -
Webwasher-Gateway 6.6.2 2008.08.18 -
Additional information
File size: 36864 bytes
MD5...: 69cca5cd2fa1b12648f26e270cacae40
SHA1..: c6970187d00a1bf82f09b432e4bbe177f96d8314
SHA256: bca054fad03890a6a1978336526a5eb10357a36f87b3fc5e398043a3fb82225b
SHA512: db9db6e34fc413c737b2891381c301b532f46e1d9c9de6b65975798fc443aaed
a6f466f9cc77af8bc539ec66cf09d06e59fb5201c6dd102645f89c2c26d5d76f
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001756
timedatestamp.....: 0x4533465b (Mon Oct 16 08:44:11 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3eb6 0x4000 6.55 697a7070b48ff3fae5a4d8065696beb5
.rdata 0x5000 0x1322 0x2000 3.45 60d266875c393b81624cccadc63b8f15
.data 0x7000 0x11bc 0x1000 2.10 20aacedfc47be8c9a5a706f58d6d8a56
.reloc 0x9000 0xb52 0x1000 2.87 b94c8418e3ce4045697b7162f779387c
( 3 imports )
> KERNEL32.dll: CreateProcessA, GetSystemDirectoryA, CopyFileA, DeleteFileA, RtlUnwind, GetCurrentThreadId, TlsSetValue, GetCommandLineA, GetVersionExA, TlsFree, SetLastError, TlsGetValue, GetLastError, TlsAlloc, ExitProcess, GetProcAddress, GetModuleHandleA, HeapFree, HeapAlloc, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, WriteFile, GetStringTypeA, MultiByteToWideChar, GetStringTypeW, GetCPInfo, LeaveCriticalSection, EnterCriticalSection, GetLocaleInfoA, GetACP, GetOEMCP, VirtualAlloc, HeapReAlloc, InitializeCriticalSection, LoadLibraryA, VirtualProtect, GetSystemInfo, VirtualQuery, LCMapStringA, LCMapStringW
> USER32.dll: SendMessageA, RegisterWindowMessageA
> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegQueryInfoKeyA, RegEnumKeyExA, RegQueryValueExA, RegSetValueExA, RegCreateKeyA
( 3 exports )
GetAegis, InstallNWDLService, fnKill
Results for Dss:
Deckard's System Scanner v20071014.68
Run by Monju on 2008-08-18 17:37:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------
System Drive C: has 1.73 GiB (less than 15%) free.
-- HijackThis (run as Monju.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:44, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\NETGEAR\WG511SCU\Utility\Gear511.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\O2\bin\sprtsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Monju\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Monju.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.co.uk/broadband
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AS00_Gear511] C:\Program Files\NETGEAR\WG511SCU\Utility.\Gear511.exe -hide
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [RapidCheck] C:\Program Files\RapidCheck\RapidCheck.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe
O4 - Global Startup: VersionTrackerPro.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/broadband
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Netgear Wireless Domain Login Service (NWDLS) - Unknown owner - C:\WINDOWS\system32\NWDLS.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (O2) (sprtsvc_O2) - SupportSoft, Inc. - C:\Program Files\O2\bin\sprtsvc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
--
End of file - 10896 bytes
-- Files created between 2008-07-18 and 2008-08-18 -----------------------------
2008-08-18 12:33:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-18 12:33:23 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-08-17 17:26:56 48396 --a------ C:\WINDOWS\UninstVeetleTVPlayer.exe
2008-08-17 17:26:56 0 d-------- C:\Program Files\Veetle
2008-08-15 22:06:09 0 d-------- C:\Program Files\RapidCheck
2008-08-15 20:47:47 0 dr-h----- C:\Documents and Settings\Monju\Recent
2008-08-11 21:09:15 0 d-------- C:\Program Files\URUSoft
2008-08-11 16:16:42 0 d-------- C:\Documents and Settings\Monju\Application Data\Adobe
2008-08-11 16:10:13 0 d-------- C:\Program Files\Veoh Networks
2008-08-09 21:25:55 0 d--hs---- C:\found.001
2008-08-04 15:21:26 0 d-------- C:\Documents and Settings\Monju\Application Data\Nero
2008-08-04 15:16:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-04 15:16:56 0 d-------- C:\Program Files\Common Files\Nero
2008-08-04 13:51:50 0 d-------- C:\BFU
2008-08-04 12:15:28 0 d-------- C:\Documents and Settings\Monju\Application Data\Malwarebytes
2008-08-04 12:15:23 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-04 12:15:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-02 15:23:50 0 d-------- C:\Documents and Settings\Monju\Application Data\TVU Networks
2008-08-02 15:23:50 0 d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-08-02 15:23:36 0 d-------- C:\Documents and Settings\Monju\LocalLow
2008-08-02 15:23:30 0 d-------- C:\Program Files\TVUPlayer
2008-07-29 12:13:12 0 d-------- C:\Program Files\MSXML 6.0
2008-07-29 12:11:06 0 d-------- C:\Program Files\MSXML 4.0
2008-07-28 17:06:43 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-07-28 16:44:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-28 16:10:09 0 d--hs---- C:\found.000
2008-07-27 19:48:23 0 d-------- C:\Program Files\SopCast
2008-07-26 20:39:13 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-26 20:23:11 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-07-26 20:22:38 0 d-------- C:\Program Files\Rosetta Stone
2008-07-26 20:22:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
2008-07-26 17:58:13 0 d-------- C:\Program Files\Trend Micro
2008-07-26 16:28:20 0 d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-07-26 16:23:50 0 d-------- C:\Program Files\LogMeIn
2008-07-26 15:52:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-26 15:17:05 36864 -----n--- C:\WINDOWS\system32\kill.dll
2008-07-26 15:16:57 17801 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
2008-07-26 15:16:43 221184 --a------ C:\WINDOWS\Unin511T.exe <Not Verified; ; NetgearRev Application>
2008-07-26 15:16:43 221184 --a------ C:\WINDOWS\Inst511T.exe <Not Verified; ; NetgearRev Application>
2008-07-26 15:16:41 0 d-------- C:\Program Files\NETGEAR
2008-07-26 15:10:44 393216 --a------ C:\WINDOWS\system32\WG511TFCS.exe <Not Verified; NetGear; FCS Service>
2008-07-26 15:10:44 155745 -----n--- C:\WINDOWS\system32\installservice.exe
2008-07-26 15:10:44 102400 --a------ C:\WINDOWS\system32\ASupplicant.dll <Not Verified; Ambit Microsystems; ASupplicant Dynamic Link Library>
2008-07-26 15:10:44 17801 --a------ C:\WINDOWS\system32\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
2008-07-26 15:01:39 16194 --a------ C:\WINDOWS\system32\AWINDIS5.SYS <Not Verified; AMBIT Microsystems Corporation.; AMBIT WinDis32 Protocol Driver for Windows>
2008-07-26 15:01:39 73728 --a------ C:\WINDOWS\system32\AW32n50.dll <Not Verified; AMBIT Microsystems Corporation.; AMBIT WinDis32 DLL for Windows>
2008-07-22 15:30:18 0 d--h----- C:\WINDOWS\system32\GroupPolicy
-- Find3M Report ---------------------------------------------------------------
2008-08-18 17:27:31 0 d-------- C:\Documents and Settings\Monju\Application Data\Free Download Manager
2008-08-18 17:26:45 0 d-------- C:\Documents and Settings\Monju\Application Data\VersionTracker Pro
2008-08-18 17:26:40 0 d-------- C:\Documents and Settings\Monju\Application Data\DMCache
2008-08-18 15:59:11 0 d-------- C:\Program Files\Eraser
2008-08-18 12:21:53 0 d-------- C:\Program Files\Messenger
2008-08-17 23:10:10 0 d-------- C:\Documents and Settings\Monju\Application Data\OpenOffice.org2
2008-08-15 16:08:38 0 d-------- C:\Documents and Settings\Monju\Application Data\uTorrent
2008-08-13 15:07:35 0 d-------- C:\Documents and Settings\Monju\Application Data\IDM
2008-08-11 16:11:32 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-08-04 15:16:57 0 d-------- C:\Program Files\Nero
2008-08-04 15:16:56 0 d-------- C:\Program Files\Common Files
2008-08-04 15:01:56 0 d-------- C:\Program Files\Common Files\Ahead
2008-07-27 17:46:35 0 d-------- C:\Program Files\AviSynth 2.5
2008-07-26 20:06:35 0 d-------- C:\Program Files\Java
2008-07-18 14:57:23 0 d-------- C:\Documents and Settings\Monju\Application Data\LimeWire
2008-07-16 15:04:47 0 d-------- C:\Program Files\Internet Download Manager
2008-07-16 12:53:50 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-07-14 10:12:13 0 d-------- C:\Program Files\Lx_cats
2008-07-13 22:45:33 0 d-------- C:\Program Files\Xilisoft
2008-07-11 23:16:49 0 d-------- C:\Program Files\BitComet
2008-07-11 18:38:19 0 d-------- C:\Program Files\YourWare Solutions
2008-07-11 18:16:29 0 d-------- C:\Program Files\Foxit Software
2008-07-11 15:49:44 155648 --a------ C:\WINDOWS\system32\stuninstall.exe <Not Verified; -; Uninstall>
2008-07-11 15:46:29 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-07-11 14:49:03 0 d-------- C:\Program Files\Siber Systems
2008-07-11 14:11:30 0 d-------- C:\Documents and Settings\Monju\Application Data\Real
2008-07-11 14:09:02 0 d-------- C:\Program Files\Common Files\xing shared
2008-07-11 14:08:58 0 d-------- C:\Program Files\Common Files\Real
2008-07-11 14:08:41 0 d-------- C:\Program Files\Real
2008-07-11 09:43:46 0 d-------- C:\Program Files\O2
2008-07-11 09:27:39 0 d-------- C:\Program Files\Common Files\SupportSoft
2008-06-20 16:17:30 0 d-------- C:\Program Files\Sony Ericsson
2008-06-20 16:05:42 0 d-------- C:\Documents and Settings\Monju\Application Data\Teleca
2008-06-19 23:25:49 0 d-------- C:\Documents and Settings\Monju\Application Data\Sony Ericsson
2008-06-19 23:25:34 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-06-19 23:25:33 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-06-19 17:08:18 0 d-------- C:\Program Files\CCleaner
2008-06-19 17:05:07 0 d-------- C:\Documents and Settings\Monju\Application Data\CBL-Electronics
2008-06-19 16:55:24 0 d-------- C:\Program Files\PartyGaming
2008-06-19 16:24:08 0 d-------- C:\Program Files\Smart Projects
2008-06-19 15:04:57 0 d-------- C:\Program Files\DVD Decrypter
2008-06-12 19:36:38 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-04 23:03:11 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-05-31 00:22:46 683520 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-22 23:22:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 23:19:46 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
-- Registry Dump ---------------------------------------------------------------
Unable to run batchfile; Access is denied.
ComSpec: C:\WINDOWS\system32\cmd.exe
-- End of Deckard's System Scanner: finished at 2008-08-18 17:38:04 ------------