Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please help w/ my DSS LOG [RESOLVED]

Started by idrink2much , Aug 08 2008 04:21 PM

  • This topic is locked This topic is locked

#1
idrink2much
Posted 08 August 2008 - 04:21 PM

idrink2much

    New Member

  • Member
  • Pip
  • 3 posts
Any search engine link redirects me to a ad

cant acess any website that has anything to do with anything antivirus, and some others also

it also infected my norton and made my most recent virus defintions corrupted so it had to revert back to older ones and of course i cant update norton because of said problems above.

im accessing this website on a friends computer

heres my logs and thanks for your help in advance!

Deckard's System Scanner v20071014.68
Run by dianna on 2008-08-08 18:13:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 503 MiB (512 MiB recommended).


-- HijackThis (run as dianna.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:15:53 PM, on 8/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
I:\dss.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\dianna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase5036.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 11933 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper ™ Disk Defragmenter>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
R2 VzFw (VAIO Entertainment File Import Service) - c:\program files\common files\sony shared\vaio entertainment platform\vzcdb\vzfw.exe
R3 Vcsw (VAIO Entertainment UPnP Client Adapter) - c:\program files\common files\sony shared\vaio entertainment platform\vcsw\vcsw.exe -runbyscm

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: Canon MX700 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0000
Manufacturer: Canon
Name: Canon MX700 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
Service: StillCam


-- Scheduled Tasks -------------------------------------------------------------

2008-08-07 12:08:48 566 --a------ C:\WINDOWS\Tasks\dianna scan and fix.job
2008-08-07 12:08:47 556 --a------ C:\WINDOWS\Tasks\dianna backup.job
2008-08-06 03:00:00 254 --a------ C:\WINDOWS\Tasks\dfrg.job
2008-08-02 14:35:05 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-08-01 20:52:19 550 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - dianna.job


-- Files created between 2008-07-08 and 2008-08-08 -----------------------------

2008-08-08 16:41:13 0 d-------- C:\Program Files\Trend Micro
2008-08-08 16:22:06 0 d-------- C:\Program Files\Lavasoft
2008-08-08 16:22:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-08 16:21:43 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-08 11:48:47 0 dr-h----- C:\Documents and Settings\dianna\Recent
2008-08-07 12:18:39 0 d-------- C:\Program Files\Windows Live Safety Center
2008-08-07 12:08:43 138552 --a------ C:\WINDOWS\system32\RegCompact.dll <Not Verified; AMUST Software; AMUST Registry Cleaner>
2008-08-07 12:08:43 0 d-------- C:\Program Files\AMUST
2008-08-06 18:06:47 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-06 18:06:28 0 d-------- C:\Documents and Settings\dianna\Application Data\iPod Copy Expert
2008-08-06 17:39:31 0 d-------- C:\Documents and Settings\dianna\Application Data\iPodSoft
2008-08-02 14:46:58 0 d-------- C:\Program Files\iPod
2008-08-02 14:46:45 0 d-------- C:\Program Files\iTunes
2008-08-02 12:19:08 0 d-------- C:\Documents and Settings\All Users\Application Data\HotSync
2008-08-02 12:16:18 0 d-------- C:\Program Files\palmOne
2008-08-02 12:14:34 0 d-------- C:\Documents and Settings\dianna\Application Data\HotSync
2008-08-02 11:16:04 0 d-------- C:\Documents and Settings\dianna\Application Data\Talkback
2008-08-02 11:15:49 0 d-------- C:\Documents and Settings\dianna\Application Data\Mozilla
2008-08-02 11:15:22 0 d-------- C:\Program Files\Mozilla Sunbird
2008-08-01 20:41:45 0 d-------- C:\WINDOWS\Downloaded Installations
2008-08-01 20:41:25 0 d-------- C:\Program Files\Diskeeper Corporation
2008-07-22 03:03:50 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-18 23:11:10 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-18 22:51:31 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-07-18 22:50:54 0 d-------- C:\Program Files\Rosetta Stone
2008-07-18 22:50:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
2008-07-18 22:48:47 0 d-------- C:\Program Files\Elaborate Bytes
2008-07-18 09:56:08 0 d-------- C:\Documents and Settings\LocalService\Application Data\Sony Corporation
2008-07-18 09:55:48 0 d-------- C:\Contents
2008-07-18 09:55:45 0 d-------- C:\VAIO Entertainment
2008-07-18 03:00:43 0 d-------- C:\Program Files\MSXML 4.0
2008-07-17 21:23:18 0 d-------- C:\Documents and Settings\dianna\Application Data\Canneverbe_Limited
2008-07-17 21:22:54 0 d-------- C:\Program Files\CDBurnerXP
2008-07-17 21:15:56 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-07-17 21:15:47 0 d-------- C:\Program Files\Reference Assemblies
2008-07-17 21:10:03 0 d-------- C:\Program Files\MSXML 6.0
2008-07-17 17:46:35 0 d-------- C:\Program Files\DivX
2008-07-17 13:39:33 0 d-------- C:\Program Files\Microsoft Works
2008-07-17 13:39:16 0 d-------- C:\Program Files\MSBuild
2008-07-17 13:37:25 0 d-------- C:\Program Files\Microsoft.NET
2008-07-17 13:32:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-17 13:32:13 0 dr-h----- C:\MSOCache
2008-07-17 12:46:57 0 d-------- C:\Documents and Settings\dianna\Application Data\Nero
2008-07-17 12:43:53 0 d-------- C:\Program Files\Nero
2008-07-17 12:43:53 0 d-------- C:\Program Files\Common Files\Nero
2008-07-17 12:43:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-07-17 12:34:10 0 d-------- C:\Program Files\SymNetDrv
2008-07-14 16:45:57 0 d-------- C:\WINDOWS\pss
2008-07-14 13:25:41 0 d-------- C:\Program Files\Common Files\CANON
2008-07-14 13:23:48 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-07-14 13:23:42 0 d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-07-14 13:23:17 0 d--h----- C:\Program Files\CanonBJ
2008-07-14 13:22:44 142336 --a------ C:\WINDOWS\system32\CNMNPUI.DLL <Not Verified; CANON INC.; Canon IJ Network 32bit UI Module for Microsoft Windows>
2008-07-14 13:22:44 362496 --a------ C:\WINDOWS\system32\CNMNPPM.DLL <Not Verified; CANON INC.; Canon IJ Network 32bit comm Module for Microsoft Windows>
2008-07-14 13:21:37 0 d-------- C:\Program Files\Canon
2008-07-14 13:18:49 0 d-------- C:\Documents and Settings\dianna\Application Data\AdobeUM
2008-07-14 13:12:12 0 d-------- C:\Documents and Settings\dianna\Application Data\Sonic
2008-07-14 13:10:16 0 d-------- C:\Documents and Settings\dianna\Application Data\Leadertech
2008-07-14 10:11:24 0 d-------- C:\Documents and Settings\dianna\Application Data\Corel
2008-07-12 21:42:09 0 d-------- C:\WINDOWS\system32\LogFiles
2008-07-12 19:33:04 289 --a------ C:\Documents and Settings\dianna\Application Data\iPod Access v4 Prefs
2008-07-12 19:32:49 38 --ah----- C:\Documents and Settings\dianna\Application Data\iPodAccessv4_OwnerName
2008-07-12 19:31:24 11 --ah----- C:\Documents and Settings\dianna\Application Data\iPodAccess_Time
2008-07-12 19:31:07 0 d-------- C:\Program Files\iPod Access for Windows
2008-07-12 19:10:27 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-07-12 19:10:27 0 d-------- C:\Program Files\Yahoo!
2008-07-12 19:10:27 0 d-------- C:\Documents and Settings\dianna\Application Data\Yahoo!
2008-07-12 19:10:13 0 d-------- C:\Program Files\CCleaner
2008-07-12 19:10:01 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-12 19:09:04 0 d-------- C:\WINDOWS\LastGood(2)
2008-07-12 18:22:03 0 d-------- C:\WINDOWS\network diagnostic
2008-07-12 09:26:29 0 d-------- C:\Documents and Settings\dianna\Application Data\Apple Computer
2008-07-12 09:25:31 2359296 --a------ C:\Documents and Settings\dianna\ntuser.dat
2008-07-12 09:24:16 0 d-------- C:\Program Files\QuickTime
2008-07-12 09:24:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-12 09:23:34 0 d-------- C:\Program Files\Apple Software Update
2008-07-12 09:23:21 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-12 09:22:32 0 d-------- C:\Documents and Settings\dianna\Application Data\LimeWire
2008-07-12 09:22:21 0 d-------- C:\Program Files\Common Files\Apple
2008-07-12 09:22:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-12 09:22:16 0 d-------- C:\Program Files\LimeWire
2008-07-12 09:21:50 0 d-------- C:\Documents and Settings\dianna\Application Data\WinRAR
2008-07-12 09:21:20 0 d-------- C:\WINDOWS\Sun
2008-07-12 09:21:19 0 d-------- C:\Documents and Settings\dianna\Application Data\Sun
2008-07-12 09:20:24 0 d-------- C:\Program Files\uTorrent
2008-07-12 09:20:22 0 d-------- C:\Documents and Settings\dianna\Application Data\uTorrent
2008-07-11 22:43:49 0 d-------- C:\Program Files\Norton Internet Security
2008-07-11 22:43:11 0 d-------- C:\Documents and Settings\dianna\Application Data\Symantec
2008-07-11 22:42:32 0 d-------- C:\Program Files\Symantec
2008-07-11 22:42:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-11 22:42:25 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-07-11 22:41:17 0 d-------- C:\Program Files\InterMute
2008-07-11 22:41:01 0 d-------- C:\Program Files\MoodLogic
2008-07-11 22:38:16 0 d-------- C:\Documents and Settings\All Users\Application Data\VAIO Media Platform
2008-07-11 22:35:57 0 d-------- C:\Program Files\Quicken
2008-07-11 22:35:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-07-11 22:35:11 204800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-07-11 22:35:11 188416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-07-11 22:35:11 192512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-07-11 22:35:11 192512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-07-11 22:35:11 200704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-07-11 22:35:11 20480 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-07-11 22:35:07 0 d-------- C:\Program Files\InterVideo
2008-07-11 22:34:30 0 d-------- C:\Program Files\Common Files\Borland Shared
2008-07-11 22:34:07 0 d-------- C:\WINDOWS\ShellNew
2008-07-11 22:33:50 0 d-------- C:\Program Files\WordPerfect Office 12
2008-07-11 22:33:50 0 d-------- C:\Program Files\Common Files\Corel
2008-07-11 22:27:43 0 d-------- C:\Program Files\Sonic
2008-07-11 22:27:20 2981888 --a------ C:\WINDOWS\system32\iplw7.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:20 2502656 --a------ C:\WINDOWS\system32\iplpx.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:20 2531328 --a------ C:\WINDOWS\system32\iplp6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:20 2785280 --a------ C:\WINDOWS\system32\iplm6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:19 2686976 --a------ C:\WINDOWS\system32\iplm5.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:19 2973696 --a------ C:\WINDOWS\system32\ipla6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:19 53248 --a------ C:\WINDOWS\system32\ipl.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-07-11 22:27:19 19968 --a------ C:\WINDOWS\system32\Cpuinf32.dll
2008-07-11 22:25:20 757760 --a------ C:\WINDOWS\system32\CDDBUI.dll <Not Verified; Gracenote; CDDBUIControl Module>
2008-07-11 22:25:20 630784 --a------ C:\WINDOWS\system32\CDDBControl.dll <Not Verified; Gracenote (formerly CDDB, Inc.); CDDBControl Core Module>
2008-07-11 22:21:55 0 d-------- C:\Documents and Settings\dianna\Application Data\Macromedia
2008-07-11 22:19:07 0 d-------- C:\Documents and Settings\dianna\Application Data\Sony Corporation
2008-07-11 22:18:18 0 dr------- C:\Documents and Settings\dianna\Favorites
2008-07-11 22:18:18 0 d-------- C:\Documents and Settings\dianna\Desktop
2008-07-11 22:18:18 0 d--hs---- C:\Documents and Settings\dianna\Cookies
2008-07-11 22:18:18 0 d--h----- C:\Documents and Settings\dianna\Application Data
2008-07-11 22:18:18 0 d-------- C:\Documents and Settings\dianna\Application Data\Identities
2008-07-11 22:18:18 0 d-------- C:\Documents and Settings\dianna\Application Data\Adobe
2008-07-11 22:18:17 0 d--h----- C:\Documents and Settings\dianna\Templates
2008-07-11 22:18:17 0 dr------- C:\Documents and Settings\dianna\Start Menu
2008-07-11 22:18:17 0 dr-h----- C:\Documents and Settings\dianna\SendTo
2008-07-11 22:18:17 0 d--h----- C:\Documents and Settings\dianna\PrintHood
2008-07-11 22:18:17 0 d--h----- C:\Documents and Settings\dianna\NetHood
2008-07-11 22:18:17 0 dr------- C:\Documents and Settings\dianna\My Documents
2008-07-11 22:18:17 0 d--h----- C:\Documents and Settings\dianna\Local Settings
2008-07-11 22:17:09 0 d-------- C:\Documents and Settings\Default User\Application Data\Adobe
2008-07-11 22:16:17 0 d-------- C:\WINDOWS\system32\SoftwareDistribution


-- Find3M Report ---------------------------------------------------------------

2008-08-08 17:48:58 0 d-------- C:\Program Files\Common Files
2008-08-02 13:01:05 12999 --a------ C:\Documents and Settings\dianna\Application Data\Comma Separated Values (Windows).CAL
2008-07-14 16:53:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-14 10:11:26 61678 --a------ C:\Documents and Settings\dianna\Application Data\PFP120JPR.{PB
2008-07-14 10:11:26 12358 --a------ C:\Documents and Settings\dianna\Application Data\PFP120JCM.{PB
2008-07-12 09:28:13 0 d-------- C:\Program Files\Java
2008-07-11 22:41:34 0 d-------- C:\Program Files\Sony
2008-07-11 22:39:58 0 d-------- C:\Program Files\Common Files\Sony Shared
2008-07-11 22:34:11 0 d-------- C:\Program Files\Common Files\InstallShield


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_USERS\.default\software\microsoft\windows\currentversion\run
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 8:44:06 AM]
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
!d;
"NoDispScrSavPage"=1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer

Written by Bobbi Flekman 2006 ©
GeneralFlags REG_DWORD 1 (0x1)
RestoredStateInfo REG_BINARY 180000006a02000023000000a40000009a00000001000000

REGEDIT4
"AltDefaultDomainName"="FARM"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions]
"ProcessGroupPolicy"="ProcessGroupPolicy"
00
"MaxNoGPOListChangesInterval"=dword:00000001
00
"RequiresSuccessfulRegistry"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify]
"Unlock"="AtiUnLockEvent"
"Logoff"="ChainWlxLogoffEvent"
"Logoff"="CryptnetWlxLogoffEvent"
"Asynchronous"=dword:00000001
"Unlock"="WinlogonUnlockEvent"
"Asynchronous"=dword:00000000
"Asynchronous"=dword:00000001
"Logoff"="SchedEventLogOff"
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
"Asynchronous"=dword:00000001
"Disconnect"="TSEventDisconnect"
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts]
"ASPNET"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials]
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ Ati2evxx.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ cscdll.dll
!d;s/.*t//;s/
[hkey.*/n
!d;s/.*t//;s/
[hkey.*/n
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logoff REG_SZ WLEventLogoff
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ WlNotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll

Written by Bobbi Flekman 2006 ©
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f000000
0
20000000400010001000000000000000000000000000000440000000100560061007200460069006
c
00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f
0
06e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e0
0
66006f000000cc03000001003000340030003900300034004500340000004a001900010043006f00
6
d006d0065006e007400730000004300720079007300740061006c002000530051004c00200044006
5
007300690067006e0065007200200037002e0030000000000088003400010043006f006d00700061
0
06e0079004e0061006d006500000000005300650061006700610074006500200053006f006600740
0
7700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e00
6
100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000a
e
00450001004c006500670061006c0043006f007000790072006900670068007400000043006f0070
0
07900720069006700680074002000280063002900200031003900390031002d00310039003900100
0
000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f000000
2
00000000400000001000000000000000000000000000000ec020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000c80200000100300030003000300030003400620030
0
0000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c0
0
2000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e00
6
1006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006
6
00000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e
0
0000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570
0
69006e0064006f0077007300000000003c000e000100460069006c00650056006500720073006900
6
f006e000000000034003500320030002e0032002e0030002e0031003000370030000000320009000
1
0049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e
0
05400000000007a002b0001004c006500670061006c0043006f00700079007200690067006800020
0
000000000000010000004c0000003cfd060004000000000000006505000002000000030000000000
0
100530065007200760069006300650020005000610063006b0020003300000023005402000000020
0
008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f00000000
0
0bd04effe0000010003009e112604000003009e11260400003f00000020000000040000000100000
0
000000000000000000000000ec020000010053007400720069006e006700460069006c0065004900
6
e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006
f
006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069
0
06f006e00000042001100010043006f006d00700061006e0079004e0061006d00650000000000530
0
410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100
4
60069006c0065004400650073006300720069007000740069006f006e00000000005300410050002
0
00460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073
0
0000000003c000e000100460069006c006500560065007200730069006f006e00000000003400350
0
310030002e0033002e0030002e003100300036003200000032000900010049006e00740065007200
6
e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b000
1
004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c
0
000003cfd06000400000000000000650500000200000003000000000001005300650072007600690
0
6300650020005000610063006b002000330000002300540200000002000020033400000056005300
5
f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000
4
00f003000000000400f00300003f0000000000000004000100010000000000000000000000000000
0
07e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a02000
0
01003000340030003900300034004500340000002e000700010043006f006d00700061006e007900
4
e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c006
5
004400650073006300720069007000740069006f006e00000000005300410050002000460072006f
0
06e00740065006e006400200066006f0072002000570069006e0064006f007700730000000000360
0
0b000100460069006c006500560065007200730069006f006e000000000034002e0030002e003000
2
e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006
d
0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f00700079
0
072006900670068007400000043006f0070007900720069006700680074002000a90020003100390
0
390033002d0031003900390037002000530041005000200041004700000000002800000001004c00
6
500670061006c0054007200610064000200000000000000010000004c0000003cfd0600040000000
0
00000065050000020000000300000000000100530065007200760069006300650020005000610063
0
06b0020003300000023005402000000020000180334000000560053005f005600450052005300490
0
4f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd03
0
0003f000000000000000400010001000000000000000000000000000000780200000100530074007
2
0069006e006700460069006c00650049006e0066006f000000540200000100300034003000390030
0
034004500340000002e000700010043006f006d00700061006e0079004e0061006d0065000000000
0
530041005000200041004700000000005a0019000100460069006c00650044006500730063007200
6
9007000740069006f006e00000000005300410050002000460072006f006e00740065006e0064002
0
0066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c0065
0
0560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c0
0
0600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e005400
0
0005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006
f
0070007900720069006700680074002000a900200031003900390033002d00310039003900370020
0
0530041005000200041004700000000002800000001004c006500670061006c00540072006100640
0
65006d000200000000000000010000004c0000003cfd060004000000000000006505000002000000
0
300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000
0
00000000400040001000000000000000000000000000000cc060000010053007400720069006e006
7
00460069006c00650049006e0066006f000000540300000100300034003000390030003400420030
0
0000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700
0
61006e0079004e0061006d006500000000004d006900630072006f0073006f006600740020004300
6
f00720070006f0072006100740069006f006e000000680020000100460069006c006500440065007
3
006300720069007000740069006f006e00000000004d006900630072006f0073006f006600740020
0
0450078006300680061006e006700650020005300650072007600650072002000530065007400750
0
7000000036000b000100460069006c006500560065007200730069006f006e000000000035002e00
3
5002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006
c
004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c0043
0
06f007000790072006900670068007400000043006f0070007900720069006700680074002000020
0
000000000000010000004c0000003cfd060005000000000000006505000002000000030000000200
0
000530065007200760069006300650020005000610063006b002000340000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100010001000c000000010001000c00000000000000
0
00000000400000001000000000000000000000000000000440000000000560061007200460069006
c
00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f
0
06e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e0
0
66006f00000080010000010030003400300039003000340042003000000040002000010043006f00
6
d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d006
1
007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d0065
0
0000000005200650067002000280044004c0069006200620079005c006d007300660029000000000
0
340014000100460069006c006500560065007200730069006f006e000000000031002e0030003100
2
e0030003000310032000000380014000100500072006f00640075006300740056006500720073006
9
006f006e00000031002e00300031002e003000300031003200000034001200010049006e00740065
0
072006e0061006c004e0061006d00650000004d004e0047005200450047003300320000000000020
0
000000000000010000004c0000003cfd060004000000000000006505000002000000030000000000
0
100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f000000
0
0000000040000000100000000000000000000000000000012020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000ee0100000100300034003000390030003400620030
0
0000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f0
0
70006c00650053006f00660074002c00200049006e0063002e000000000028000000010046006900
6
c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006
c
006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c
0
06500670061006c0043006f007000790072006900670068007400000043006f00700079007200690
0
6700680074002000a900200031003900380038002d0031003900390038002000500065006f007000
6
c00650053006f00660074002c00200049006e0063002e002000200041006c006c002000520069006
7
0068007400730020005200650073006500720076006500640000003c000a0001004f007200690067
0
069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e00100
0
000000000000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000
0
00000000400040001000000000000000000000000000000e4060000010053007400720069006e006
7
00460069006c00650049006e0066006f000000600300000100300034003000390030003400420030
0
0000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700
0
61006e0079004e0061006d006500000000004d006900630072006f0073006f006600740020004300
6
f00720070006f0072006100740069006f006e000000680020000100460069006c006500440065007
3
006300720069007000740069006f006e00000000004d006900630072006f0073006f006600740020
0
0450078006300680061006e006700650020005300650072007600650072002000530065007400750
0
7000000036000b000100460069006c006500560065007200730069006f006e000000000035002e00
3
5002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006
c
004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c0043
0
06f007000790072006900670068007400000043006f0070007900720069006700680074002000020
0
000000000000010000004c0000003cfd060005000000000000006505000002000000000000000000
0
000530065007200760069006300650020005000610063006b0020003300000024005402000000020
0
00a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f00000000
0
0bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000
0
00000000000000000000000004080000010053007400720069006e006700460069006c0065004900
6
e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006
f
006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d
0
06500000000004d006900630072006f0073006f0066007400200043006f00720070006f007200610
0
740069006f006e000000680020000100460069006c00650044006500730063007200690070007400
6
9006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006
e
00670065002000530065007200760065007200200053006500740075007000000036000b00010046
0
069006c006500560065007200730069006f006e000000000035002e0035002e00310039003600300
0
2e003700000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000
5
30065007400750070000000a600410001004c006500670061006c0043006f0070007900720069006
7
0068007400000043006f00700079007200690067006800740020000200000000000000010000004c
0
000003cfd06000500000000000000650500000200000000000000000000005300650072007600690
0
6300650020005000610063006b002000330000002400540200000002000018043400000056005300
5
f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010005000
5
000700a807050005000700a8073f0000000000000004000400010000000000000000000000000000
0
078030000010053007400720069006e006700460069006c00650049006e0066006f0000005403000
0
010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400
7
30000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d0069006
3
0072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e00000068
0
020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d0
0
6900630072006f0073006f00660074002000450078006300680061006e0067006500200053006500
7
200760065007200200053006500740075007000000036000b000100460069006c006500560065007
2
00730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c0006
0
0010049006e007400650072006e0061006c004e0061006d006500000053006500740075007000000
0
9a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f00
7
00079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000
0
00000065050000020000000000000000000000530065007200760069006300650020005000610063
0
06b002000330000002400
ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f000000
0
0000000040000000100000000000000000000000000000064020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000400200000100300034003000390030003400620030
0
0000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f00720
0
65006c00200043006f00720070006f0072006100740069006f006e0000004e001300010046006900
6
c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c002
0
00530065007400750070002000570069007a00610072006400000000002c0006000100460069006c
0
06500560065007200730069006f006e000000000038002e003000320038000000460013000100490
0
6e007400650072006e0061006c004e0061006d006500000043006f00720065006c00200053006500
7
400750070002000570069007a00610072006400000000006c00240001004c006500670061006c004
3
006f007000790072006900670068007400000043006f0070007900720069006700680074002000a9
0
0200031003900390037002c00200043006f00720065006c00200043006f00720070006f007200080
0
000000000000
ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a0000000000
0
0000000040001000100000000000000000000000000000098020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000740200000100300034003000390030003400450034
0
000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d0
0
61006e00740065006300200043006f00720070006f0072006100740069006f006e00000000006000
1
c000100460069006c0065004400650073006300720069007000740069006f006e000000000053007
9
006d0061006e007400650063002000530079006d006500760065006e007400200049006e00730074
0
061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e0
0
00000000310030002e0032002e00310030002e003100000030000800010049006e00740065007200
6
e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c006
5
00670061006c0043006f007000790072006900670068007400000043006f00700079007200690067
0
06800740020002800430029002000530079006d0061006e00740065006300200043006f007200010
0
000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f000000
0
00000000400000001000000000000000000000000000000dc020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000b80200000100300034003000390030003400620030
0
0000066002700010043006f006d006d0065006e0074007300000042007500730069006e006500730
0
7300200049006e00740065006c006c006900670065006e006300650020006f006e00200045007600
6
5007200790020004400650073006b0074006f0070000000000048001400010043006f006d0070006
1
006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f0072
0
070006f0072006100740065006400000060001c000100460069006c0065004400650073006300720
0
69007000740069006f006e000000000043006f0067006e006f0073002000470065006e0065007200
6
9006300200049006e007300740061006c006c006100740069006f006e00000038000c00010046006
9
006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c
0
020003900000030000800010049006e007400650072006e0061006c004e0061006d0065000000010
0
000000000000
GlobalFlag REG_SZ 0x000010F0
ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f00
49004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f000000
0
0000000010001000100000000000000000000000000000004020000010053007400720069006e006
7
00460069006c00650049006e0066006f000000e00100000100300034003000390030003400450034
0
0000020000000010043006f006d00700061006e0079004e0061006d0065000000000058001800010
0
460069006c0065004400650073006300720069007000740069006f006e000000000049004e005300
5
40041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e000
0
00300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e
0
0300030003100000030000800010049006e007400650072006e0061006c004e0061006d006500000
0
49004e005300540041004c004c0000002400000001004c006500670061006c0043006f0070007900
7
200690067006800740000002800000001004c006500670061006c00540072006100640065006d006
1
0072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c0065
0
06e0061006d006500000049004e005300540041004c004c002e00450058004500000030000800080
0
000000000000
"Notification Packages scecli

Written by Bobbi Flekman 2006 ©
Error: Key: software\microsoft\windows\currentversion\group policy\state does not exist!

Written by Bobbi Flekman 2006 ©
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system]
@="Driver Group"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs]
@="Service"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys]
@="Driver"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder

!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^dianna^Start Menu^Programs^Startup^LimeWire On Startup.lnk
item REG_SZ LimeWire On Startup
!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
path REG_SZ C:\Documents and Settings\dianna\Start Menu\Programs\Startup\LimeWire On Startup.lnk
!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
backup REG_SZ C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
location REG_SZ Startup
command REG_SZ C:\PROGRA~1\LimeWire\LimeWire.exe

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 ©

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ ccApp
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\Pr

Edited by Octagonal, 10 August 2008 - 05:47 AM.

  • 0

Advertisements

#2
Mike
Posted 11 August 2008 - 02:37 PM

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hi there,

Welcome to GeeksToGo!

You have a nasty infection which in turn has caused a bit of a mess on your PC.

  • Go Here and download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Please download the XP2NetSvc.zip.
Extract the contents to your desktop please.
A file XPSP2_Netsvcs.reg should now be present. Please double click on the file and choose yes when it asks you if you want to merge it with your registry.

Please do NOT run Deckards System Scanner again.

Please go here to install the recovery console and for a guide on using combofix.
Please note: Installing the Recovery Console plays a vital part in making this process of cleaning your computer safe, don't overlook this!

Now please download combofix from here or here. It is important that you save this file to your desktop.

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.
When finished, it shall produce a log for you. Post that log and a Hijack This log in your next reply.

A quick heads up, if you click on combofix's window when it's running, you may cause it to stall.

Edited by Mike, 11 August 2008 - 02:42 PM.

  • 0

#3
idrink2much
Posted 11 August 2008 - 08:16 PM

idrink2much

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Well mike after many tries of trying to use my recovery partition..i have finally got a clean computer again

Luckly i was able to save my important info and then run a scan on it to make sure i wasnt reinfecting.

Thanks for the help

Hopefully i want ever need you again

Topic can be closed thanks
  • 0

#4
Mike
Posted 12 August 2008 - 02:16 AM

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Thanks for letting me know :)
  • 0

#5
Mike
Posted 12 August 2008 - 02:16 AM

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP