Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

HJL help comp wont work right [RESOLVED]

Started by crazyeagle , Sep 25 2008 01:36 PM

  • This topic is locked This topic is locked

#1
crazyeagle
Posted 25 September 2008 - 01:36 PM

crazyeagle

    Member

  • Member
  • PipPip
  • 93 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:04:23 AM, on 9/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINDOWS\system32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Motive\AsstCommon\motmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe
C:\Program Files\Webroot\Accelerate\accelerate2002.exe
C:\PROGRA~1\PicoZip\PicoZipTray.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Digital Lifeline\bin\mpbtn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
c:\program files\common files\aol\1100862348\ee\aolssc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R3 - Default URLSearchHook is missing
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Program Files\ICOO Loader\addons\icooue.dll
O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Program Files\ICOO Loader\addons\icoou.dll
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {60494E2B-8D6E-8D75-D567-66C60B4AB222} - C:\DOCUME~1\HP_Owner\APPLIC~1\CLOSEP~1\five junk.exe (file missing)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: (no name) - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MotiveMonitor] "C:\Program Files\Motive\AsstCommon\motmon.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [outnwkwtmqi] C:\WINDOWS\system32\xmuasob.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Accelerate2002] C:\Program Files\Webroot\Accelerate\accelerate2002.exe /S
O4 - HKCU\..\Run: [locks1] C:\DOCUME~1\HP_Owner\APPLIC~1\SURFDR~1\Second Knob.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PicoZip] C:\PROGRA~1\PicoZip\PicoZipTray.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertAjMiniTest] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertAjMiniTest
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0h\AOL.EXE" -b
O4 - Startup: Allergy Buddy.lnk = C:\Program Files\AllergyBuddy\AllergyBuddy.exe
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Digital Lifeline.lnk = C:\Program Files\Digital Lifeline\bin\mpbtn.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab40443.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/...dy.cab32846.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.a...83/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab32846.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai....23/cpbrkpie.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/...tz.cab37625.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-cent...bin/actxcab.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.a...,20/mcgdmgr.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab35645.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6C10EB8-1ABD-465A-A433-10064B5A181F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS3\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Service\Software Jukebox v2.0 File.exe

--
End of file - 16278 bytes








i ty in advance for any help ty

Edited by crazyeagle, 25 September 2008 - 02:25 PM.

  • 0

Advertisements

#2
RatHat
Posted 25 September 2008 - 09:50 PM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Hi there,

Welcome to GeeksToGo. My name is RatHat, and I will help you get through the process of cleaning the malware from your computer.


OK firstly, I need you to print out each post I make so that you can refer to it while we fix your computer. This is because there will be times when you are unable to be online to read my instructions, and I will want you to do everything very carefully. I also need you to follow my instructions in the order that they are given. If however, you cannot carry out one of them, please continue on with the next and let me know what you were unsuccessful with. Please ensure you have word wrap turned off in Notepad. To do this, open Notepad, choose Format, then ensure Word Wrap is Un-checked. (Word Wrap makes reading your logs difficult).

Next, I would like to make sure that you can view hidden files and folders (if possible);
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading SELECT Show hidden files and folders.
  • UNCHECK the Hide protected operating system files (recommended) option.
  • UNCHECK the Hide extensions for known file types option.
  • Click Yes to confirm.
  • Click OK.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/
R3 - Default URLSearchHook is missing
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Program Files\ICOO Loader\addons\icooue.dll
O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Program Files\ICOO Loader\addons\icoou.dll
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O2 - BHO: (no name) - {60494E2B-8D6E-8D75-D567-66C60B4AB222} - C:\DOCUME~1\HP_Owner\APPLIC~1\CLOSEP~1\five junk.exe (file missing)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: (no name) - {2DEA8791-C2B7-48E1-8992-8E8E6A6FE789} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [outnwkwtmqi] C:\WINDOWS\system32\xmuasob.exe
O4 - HKCU\..\Run: [locks1] C:\DOCUME~1\HP_Owner\APPLIC~1\SURFDR~1\Second Knob.exe
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [SOProc_SoRefRegSoAlertAjMiniTest] rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertAjMiniTest
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai....23/cpbrkpie.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-cent...bin/actxcab.cab

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Next, lets run a Lop check:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D < here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt) This is usually your C: drive.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download Random's System Information Tool (RSIT) by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run the program.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Note: A copy of these logs will be saved to your root drive, usually C:\rsit

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


So in your next reply, please include the following logs:
  • The contents of LopR.txt
  • The contents of the MBAM log
  • The contents of the two RSIT logs
Note that you should make two or three posts to ensure that all the logs are complete.

Regards,
RatHat
  • 0

#3
crazyeagle
Posted 25 September 2008 - 11:14 PM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
first i would just like to say thank you sooooo very much for helping

i bought the comp 2nd hand and again i just wanna ty so very much 4 helping


on with what you requested



info.txt logfile of random's system information tool 1.02 2008-09-26 01:00:36

======Uninstall list======

-->"C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
-->"C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
-->C:\Program Files\Common Files\McAfee\Installer\mcinst.exe "C:\Program Files\mcafee.com\personal firewall\mpfp.inf" /uninstall
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
-->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
Accelerate 2002-->C:\WINDOWS\unacc.exe
Acubix PicoZip 3.01-->"C:\Program Files\PicoZip\unins000.exe"
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Agere Systems PCI Soft Modem-->agrsmdel
Album Galaxy-->"C:\Program Files\Album Galaxy\unins000.exe"
Alchemy 1.2-->C:\Program Files\PopCap Games\Alchemy\UnGins.exe "C:\Program Files\PopCap Games\Alchemy\install.log"
Anfy-->C:\PROGRA~1\AnfyTeam\UNWISE.EXE C:\PROGRA~1\AnfyTeam\INSTALL.LOG
AOL Coach Version 1.0(Build:20040229.1 en)-->C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Connectivity Services-->"C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c
AOL Deskbar-->"C:\Program Files\AOL Deskbar\UNWISE.EXE" /u "C:\Program Files\AOL Deskbar\INSTALL.LOG"
AOL Instant Messenger-->C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL Uninstaller-->C:\Program Files\Common Files\AOL\uninstaller.exe
AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
ArcSoft PhotoImpression 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{326D4A09-71E0-401B-9C69-94DBF32088D4}\setup.exe" -l0x9
Argus Digital Camera-->MsiExec.exe /X{44E75850-B838-43D2-8F37-84D3FB71FF6E}
Arkanoid 4000-->C:\Program Files\Alawar\Arkanoid 4000\uninstal.exe
Atomica Deluxe 2.5-->C:\Program Files\PopCap Games\Atomica Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Atomica Deluxe\Install.log
avast! Antivirus-->rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
Bejeweled Deluxe 1.6z-->C:\Program Files\PopCap Games\Bejeweled Deluxe\UnGins.exe "C:\Program Files\PopCap Games\Bejeweled Deluxe\install.log"
Big Money Deluxe 1.11-->C:\Program Files\PopCap Games\Big Money Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Big Money Deluxe\Install.log
BitTorrent 3.4.2-->"C:\Program Files\BitTorrent\uninstall.exe"
Blasterball 2 Deluxe (remove only)-->"C:\Program Files\Zone.com Deluxe Games\Blasterball 2 Deluxe\Uninstall.exe"
Blasterball 2 from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\8C4E79CC-03E1-43AA-9910-9A5113F24603\Uninstall.exe"
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B41503CB-5FE0-47E0-87C1-47BA8E660BCC\Uninstall.exe"
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B151D9AC-5E4E-4AD0-96C9-5A6C9EC23502\Uninstall.exe"
Blasterball 2 Remix from Shockwave.com (remove only)-->"C:\Program Files\Shockwave.com\Blasterball 2 Remix\Uninstall.exe"
Bounce Symphony from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\D11F7128-8CBD-408B-8BF8-034604DEDD42\Uninstall.exe"
Brixout XP Demo v2.5-->"C:\Program Files\BrixoutXP Demo\unins000.exe"
Chuzzle-->"C:\Program Files\Chuzzle\unins000.exe"
Club Pogo Badge Screen Saver #1-->C:\WINDOWS\Club Pogo Badge Screen Saver #1.scr /u
ComcastSUPPORT-->"C:\Program Files\support.com\bin\tgfix.exe" /rm /nq
Crystal Maze from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\DAE7A92A-BAC7-42FA-AC62-53DEF1DC4292\Uninstall.exe"
deskPDF 2.11 Standard Edition-->"C:\Program Files\Docudesk\deskPDF\unins000.exe"
Digital Lifeline-->C:\PROGRA~1\DIGITA~1\Uninstall.exe DLL
Docudesk GPL Ghostscript 8.15-->"C:\Program Files\Docudesk\GPL Ghostscript\unins000.exe"
Download Accelerator Plus Beta-->C:\PROGRA~1\DAP\UNWISE.EXE C:\PROGRA~1\DAP\INSTALL.LOG
Dynomite 1.20-->C:\Program Files\PopCap Games\Dynomite\UnGins.exe "C:\Program Files\PopCap Games\Dynomite\install.log"
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Force ASPI GUI-->MsiExec.exe /I{2C4B0182-8B51-46A1-89A3-FC16CA885688}
Fraunhofer MP3 Codec Pro 1.263-->C:\WINDOWS\iun507.exe C:\Program Files\Fraunhofer MP3 Codec Pro\irunin.ini
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hoyle Demo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3209C8A2-558C-445C-832B-1AC552F59B11}
Hoyle Puzzle Games 2003-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5D3543CC-82B3-447E-B7D5-430C41946A54}
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2-->C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Multimedia Keyboard Software-->C:\HP\KBD\Install.exe /remove
HP Photo & Imaging 3.5 - HP Devices-->C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 4.0-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HPIZ402-->MsiExec.exe /X{8D9768AE-DE42-4A04-A461-2361A58C384D}
ICOO Loader 2.5-->"C:\Program Files\ICOO Loader\unins000.exe"
IntelliMover Data Transfer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
JAS-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\JAS\ST6UNST.LOG"
Jigs@w Puzzle-->C:\WINDOWS\tbuninst2.exe C:\Program Files\Jigs@w Puzzle\dezo.usc
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Logitech QuickCam Express-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Logitech\QuickCam Express\Uninst.isu"
Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8 Plugin-->MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Macromedia Flash Player 8-->MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Magic Ball-->"C:\Program Files\Oberon Media\Magic Ball\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Ball\install.log"
Magic Ball-->C:\Program Files\MagicBall\uninstal.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
ManiacBall-->C:\PROGRA~1\UNWISE.EXE C:\PROGRA~1\ManiacBall\INSTALL.LOG
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Halo Trial-->"C:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
Microsoft NetShow Tools 2.0-->C:\Program Files\Microsoft NetShow\Tools\_insttoo.exe /U
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Streets and Trips 2005-->MsiExec.exe /I{67E4EE98-59F4-4210-89A6-A20AF5BEC689}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
MSN Gaming Zone-->C:\PROGRA~1\MSNGAM~1\zsetup.exe /Uninstall
MSN Messenger 7.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600816}
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Mummy Maze Deluxe 1.1-->C:\Program Files\PopCap Games\Mummy Maze Deluxe\UnGins.exe "C:\Program Files\PopCap Games\Mummy Maze Deluxe\install.log"
muvee autoProducer 3.5 magicMoments - HPD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B103C8A7-D1CC-4B1A-BD41-883F652E097D}\setup.exe" -l0x9
NetBeans IDE 4.1-->C:\Program Files\netbeans-4.1\_uninst\uninstaller.exe
NingPo MahJong Deluxe 1.04-->C:\Program Files\PopCap Games\NingPo MahJong Deluxe\UnGins.exe "C:\Program Files\PopCap Games\NingPo MahJong Deluxe\install.log"
Orbital from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\62067F4C-84A9-45B9-8573-B90468B0A3EF\Uninstall.exe"
Overball from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\6723E59E-322A-417A-8E03-27A61E18253C\Uninstall.exe"
PacVentureV1.2 - Pac's Oddysee -->C:\WINDOWS\iun6002.exe "c:\pacquest\irunin.ini"
PC-Doctor for Windows-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Photosmart 320,370,7400,8100,8400 Series-->C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Polar Bowler from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\36317AE4-57EC-4F3E-B828-009A3DD96BE8\Uninstall.exe"
Prassi PrimoDVD 2.0 (English)-->C:\WINDOWS\Unin.exe /U:C:\Program Files\Prassi PrimoDVD 2.0 (English)\Unin01.in
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Pure Networks Port Magic-->C:\Program Files\Pure Networks\Port Magic\PortAOL.exe -Uninstall -ShowUI
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Ricochet 1.3-->"C:\Program Files\Ricochet\unins000.exe"
Ricochet Lost Worlds: Recharged-->"C:\Program Files\Ricochet Lost Worlds Recharged\unins000.exe"
Ricochet Lost Worlds-->"C:\Program Files\Ricochet Lost Worlds\unins000.exe"
Ricochet Xtreme-->"C:\Program Files\Ricochet Xtreme\unins000.exe"
S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Screensavers Installer-->"C:\Program Files\Screensavers.com\Installer\bin\siuninst.exe"
Search Assistant - My Search-->rundll32 C:\PROGRA~1\MyWay\SrchAstt\1.bin\mysrchas.dll,O
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sega Bass Fishing-->C:\Games\Sega Bass Fishing\uninstal.exe
Shanghi Demo Version 1.0-->"C:\Program Files\TornadoGames\demo\shanghi\unins000.exe"
ShareazaPlus version 2.3.0.0-->"C:\Program Files\ShareazaPlus\Uninstall\unins000.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Software Jukebox 2.0 NA-01D-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0271F993-C277-4D14-9D64-B64D9FD09CCA}
SP2 Connection Patcher-->C:\Program Files\WXPSP2ConnectionPatcher\uninstall.exe
Special Internet Offers-->C:\Program Files\Riverdeep\Offers\ELPPC\uninst.exe
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
Starkanoid v1.0-->"C:\Program Files\Starkanoid\Uninstall.exe" "C:\Program Files\Starkanoid\install.log"
Super Jigsaw Lighthouses-->C:\PROGRA~1\AOLGAM~1\SUPERJ~1\UN-LIG~1.EXE /U C:\PROGRA~1\AOLGAM~1\SUPERJ~1\Lighthouses-INSTALL.LOG
TetrixMania-->"C:\Program Files\AimGames\TetrixMania\uninstall.exe"
The Great Mahjong-->"C:\Program Files\The Great Mahjong\unins000.exe"
The Print Shop 20-->MsiExec.exe /I{863DCE5B-D6CA-4DC5-9F95-7DCFED15DE8F}
The Sims Complete Collection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\setup.exe" -l0x9 -l0009
The Sims File Cop-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6D4828F-A5B2-11D4-8F73-0050DA0F6297}\setup.exe"
Tradewinds from Hewlett-Packard Desktops (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\F5215F01-DFC0-475D-A910-6F1AF94E807E\Uninstall.exe"
Tumblebugs-->"C:\Program Files\Tumblebugs\unins000.exe"
Ulead DVD Workshop Trial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A04BF5DC-6DD3-4B6D-BABD-B1BC5DB23CA0}\Setup.exe"
Ultimate ZIP Cracker-->C:\Program Files\UZC\UZC.EXE /uninstall
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Updates from HP-->C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 309731
VCDEasy-->"C:\Program Files\VCDEasy\unins000.exe"
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver-->c:\PROGRA~1\VIA\UChromeP\s3minset.exe /u c:\PROGRA~1\VIA\UChromeP\UChromeP.uns
VIA/S3G Display Driver-->VTsetvga.exe -s -rRundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hg201hp.inf
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WCreator2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
'WE' Group Krakout RE-->C:\Program Files\Krakout RE\Uninstall.exe
'WE' Group Krakout-->"C:\Program Files\Krakout\Uninstall.exe" "C:\Program Files\Krakout\install.log"
'WE' Group Krakout-->C:\Program Files\Krakout\Uninstall.exe
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Driver Package - Argus (MR97310_VGA_DUAL_CAMERA) Image 04/27/2005 2.0.1.0-->C:\WINDOWS\system32\DRVSTORE\f1490bc41e7d27129cb157cba768cf63b89e7752\DPInst.exe /u mr97310v_d6b3e748631cc08801850e279fcc0fa0c8d016bf
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Hotfix - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
Windows XP Hotfix - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Hotfix - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Windows XP Hotfix - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Word Whomp Whackdown Screen Saver #1-->C:\WINDOWS\Word Whomp Whackdown Screen Saver #1.scr /u
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL
Yahoo! Toolbar-->rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui
ZoneOrchestrator-->MsiExec.exe /X{8DE4F165-E37F-447D-80F8-DDF32CDC2306}

======Security center information======

AV: AOL Antivirus
AV: avast! antivirus 4.6.691 [VPS 0539-0]
FW: AOL Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------







Logfile of random's system information tool 1.02 (written by random/random)
Run by HP_Owner at 2008-09-26 00:59:53
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 155 GB (84%) free of 185 GB
Total RAM: 447 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:00:25 AM, on 9/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINDOWS\system32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Motive\AsstCommon\motmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe
C:\Program Files\Webroot\Accelerate\accelerate2002.exe
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\PicoZip\PicoZipTray.exe
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\PMLSP.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Lifeline\bin\mpbtn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\common files\aol\1100862348\ee\aolssc.exe
C:\Program Files\America Online 9.0h\waol.exe
C:\Program Files\America Online 9.0h\shellmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\update\update.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Owner\Desktop\fix\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP_Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MotiveMonitor] "C:\Program Files\Motive\AsstCommon\motmon.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Accelerate2002] C:\Program Files\Webroot\Accelerate\accelerate2002.exe /S
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PicoZip] C:\PROGRA~1\PicoZip\PicoZipTray.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0h\AOL.EXE" -b
O4 - Startup: Allergy Buddy.lnk = C:\Program Files\AllergyBuddy\AllergyBuddy.exe
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Digital Lifeline.lnk = C:\Program Files\Digital Lifeline\bin\mpbtn.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar Search - res://c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab40443.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/...dy.cab32846.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.a...83/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab32846.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/...tz.cab37625.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.a...,20/mcgdmgr.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab35645.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6C10EB8-1ABD-465A-A433-10064B5A181F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS3\Services\Tcpip\..\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\aolavupd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Service\Software Jukebox v2.0 File.exe

--
End of file - 14678 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\DA9C7E709C8C448C.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2005-06-26 3900416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
- C:\WINDOWS\system32\
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll [2004-09-29 292947]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2005-06-26 3900416]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll [2005-06-01 512000]
{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HPHUPD06"=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 49152]
"HPHmon06"=C:\WINDOWS\system32\hphmon06.exe [2004-06-07 659456]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-10-22 53248]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-03-04 88209]
"AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [2004-10-20 34904]
"MotiveMonitor"=C:\Program Files\Motive\AsstCommon\motmon.exe [2002-09-27 135168]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-24 172032]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2004-12-09 180269]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2004-08-07 98304]
"DXM6Patch_981116"=C:\WINDOWS\p_981116.exe [1998-11-30 497376]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"AOLSPScheduler"=C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe [2005-11-30 8808]
"sscRun"=C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe [2005-11-30 136808]
"OASClnt"=C:\Program Files\mcafee.com\antivirus\oasclnt.exe [2005-08-18 116272]
"EmailScan"=C:\Program Files\mcafee.com\antivirus\mcvsescn.exe [2005-10-19 460336]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"Pure Networks Port Magic"=C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe [2004-04-05 99480]
"MPFExe"=C:\Program Files\mcafee.com\personal firewall\MPfTray.exe [2005-11-04 988712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe []
"HostManager"=C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe [2005-12-15 50792]
"Accelerate2002"=C:\Program Files\Webroot\Accelerate\accelerate2002.exe [2001-11-16 1696256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
"PicoZip"=C:\PROGRA~1\PicoZip\PicoZipTray.exe [2004-07-05 449536]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2005-06-26 118784]
"SpyKiller"=C:\Program Files\SpyKiller\spykiller.exe /startup []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Weather"=C:\Program Files\AWS\WeatherBug\Weather.exe 1 []
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2005-06-14 6856704]
"BestPopUpKiller"=C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup []
"AOL Fast Start"=C:\Program Files\America Online 9.0h\AOL.EXE [2005-07-12 50776]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Lifeline.lnk - C:\Program Files\Digital Lifeline\bin\mpbtn.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe

C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup
Allergy Buddy.lnk - C:\Program Files\AllergyBuddy\AllergyBuddy.exe
HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-03 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-04-10 144688]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapss
  • 0

#4
crazyeagle
Posted 25 September 2008 - 11:17 PM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
--------------------\\ Lop S&D 4.2.4-4 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon™ XP 3200+ )
BIOS : Rev.3.15
USER : HP_Owner ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.6.691 [VPS 0539-0] 4.6.691 (Activated)
Firewall : AOL Firewall 1.10.3.1 (Activated)
C:\ (Local Disk) - NTFS - Total : 180 Go Free : 151 Go
D:\ (Local Disk) - FAT32 - Total : 5 Go Free : 0 Go
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( Fri 09/26/2008| 0:34 )

--------------------\\ Listing folders in Application Data

[08/07/2004|05:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Apple Computer
[08/07/2004|03:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[11/01/2004|02:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[08/07/2004|05:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Real
[08/07/2004|05:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> SampleView
[08/07/2004|03:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[08/08/2004|10:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Symantec

[03/21/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[03/21/2006|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe(2)
[03/23/2006|11:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[03/23/2006|11:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[08/07/2004|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[02/09/2005|07:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Broderbund Software
[09/16/2008|03:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[12/22/2004|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[08/07/2004|04:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Hewlett-Packard
[03/25/2006|08:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macromedia
[11/23/2004|04:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[12/20/2005|07:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[08/04/2005|06:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[09/24/2008|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> mcafee.com personal firewall
[12/29/2005|05:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[08/07/2004|05:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
[11/25/2004|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> muvee Technologies
[09/25/2008|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NortonInstaller
[07/13/2005|03:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> pixelStorm
[03/06/2005|07:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
[11/18/2004|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[12/31/2004|09:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[02/09/2005|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Riverdeep Interactive Learning Limited
[06/26/2005|01:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> RoboForm
[08/07/2004|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[01/03/2005|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
[01/27/2006|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Starware
[12/03/2004|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Support.com
[03/18/2005|05:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[09/24/2008|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[02/22/2005|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trymedia
[06/15/2005|07:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
[12/21/2005|06:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> vgasecondfirstmpeg
[09/23/2008|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[09/15/2008|03:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[08/07/2004|05:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Apple Computer
[08/07/2004|03:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[11/01/2004|02:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[08/07/2004|05:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Real
[08/07/2004|05:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[08/07/2004|03:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun
[08/08/2004|10:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec

[12/06/2004|08:50] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Adobe
[12/06/2004|08:51] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> AdobeUM
[03/21/2006|08:46] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Aim
[03/23/2006|05:51] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> AOL
[08/07/2004|05:20] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Apple Computer
[10/29/2005|07:27] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> ArcSoft
[09/16/2008|03:29] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> BFGTOOLBAR
[12/20/2005|07:51] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Close Play
[03/25/2006|08:32] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Google
[12/22/2004|06:49] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> GTek
[12/08/2004|08:17] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Help
[08/07/2004|03:03] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Identities
[01/07/2006|09:23] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> iMesh
[12/23/2004|09:04] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> InterTrust
[12/18/2004|09:13] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> InterVideo
[11/25/2004|11:22] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Kazaa Lite
[01/21/2006|06:35] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Lavasoft
[12/07/2004|12:09] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Leadertech
[11/30/2004|07:37] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Macromedia
[03/02/2005|07:12] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> McAfee.com Personal Firewall
[01/03/2005|06:48] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Mercora
[03/25/2006|08:16] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Microsoft
[11/19/2004|11:04] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Motive
[12/28/2004|01:46] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Neo-Modus.com
[09/16/2008|12:20] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Real
[08/07/2004|05:59] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> SampleView
[06/15/2005|07:32] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Shareaza
[07/18/2005|03:32] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> ShareazaPlus
[12/07/2004|12:09] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Sonic
[08/07/2004|03:37] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Sun
[12/21/2005|06:14] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Surf Drive Default
[08/08/2004|10:56] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Symantec
[04/13/2005|07:14] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Template
[12/08/2004|08:17] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Ulead Systems
[04/26/2006|09:51] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> WeatherBug
[09/02/2005|07:30] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Wildfire
[11/18/2004|10:06] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> You've Got Pictures Screensaver
[12/11/2004|10:34] C:\DOCUME~1\HP_Owner\APPLIC~1\<DIR> Zonora

[03/30/2005|07:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Macromedia
[12/20/2005|07:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[04/13/2005|08:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[12/21/2005|06:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Surf Drive Default

[09/24/2008|03:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[11/19/2004|09:40] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Symantec

[12/30/2004|08:44] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[09/26/2008 12:00 AM][--ah-----] C:\WINDOWS\tasks\DA9C7E709C8C448C.job
[09/26/2008 12:11 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 03:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini

( DA9C7E709C8C448C.job )=( c:\docume~1\hp_owner\applic~1\surfdr~1\BalmEggsSettings.exe )

--------------------\\ Listing Folders in C:\Program Files

[03/07/2005|10:28] C:\Program Files\<DIR> 321Studios
[05/25/2005|06:27] C:\Program Files\<DIR> 3D Fish School 3
[09/03/2005|11:38] C:\Program Files\<DIR> AdBeGone
[01/09/2006|09:06] C:\Program Files\<DIR> Adobe
[03/21/2006|08:46] C:\Program Files\<DIR> AIM
[12/11/2004|06:48] C:\Program Files\<DIR> AimGames
[03/21/2006|08:24] C:\Program Files\<DIR> Alawar
[12/03/2004|08:50] C:\Program Files\<DIR> Album Galaxy
[07/29/2005|08:19] C:\Program Files\<DIR> Alwil Software
[03/21/2006|08:19] C:\Program Files\<DIR> America Online 9(2).0
[11/18/2004|10:02] C:\Program Files\<DIR> America Online 9.0
[11/18/2004|10:25] C:\Program Files\<DIR> America Online 9.0a
[11/19/2004|09:15] C:\Program Files\<DIR> America Online 9.0b
[02/26/2005|12:56] C:\Program Files\<DIR> America Online 9.0c
[03/07/2005|11:39] C:\Program Files\<DIR> America Online 9.0d
[03/12/2005|12:11] C:\Program Files\<DIR> America Online 9.0e
[03/22/2006|05:06] C:\Program Files\<DIR> America Online 9.0f
[03/23/2006|09:05] C:\Program Files\<DIR> America Online 9.0g
[09/24/2008|01:21] C:\Program Files\<DIR> America Online 9.0h
[03/25/2006|08:26] C:\Program Files\<DIR> AnfyTeam
[10/01/2005|04:52] C:\Program Files\<DIR> AOD
[03/23/2006|11:56] C:\Program Files\<DIR> AOL
[03/23/2006|11:43] C:\Program Files\<DIR> AOL Deskbar
[10/08/2005|10:41] C:\Program Files\<DIR> AOL Games
[03/23/2006|11:20] C:\Program Files\<DIR> AOL Toolbar
[03/21/2006|08:23] C:\Program Files\<DIR> Aquatica 3D
[10/29/2005|07:24] C:\Program Files\<DIR> ArcSoft
[12/12/2004|07:27] C:\Program Files\<DIR> AWS
[08/07/2004|05:33] C:\Program Files\<DIR> BackWeb
[11/10/2005|12:34] C:\Program Files\<DIR> BadgeHelp
[11/04/2005|08:13] C:\Program Files\<DIR> BFG
[09/16/2008|03:30] C:\Program Files\<DIR> bfgtoolbar
[07/15/2008|09:01] C:\Program Files\<DIR> BrixoutXP Demo
[03/21/2006|08:24] C:\Program Files\<DIR> Chuzzle
[04/18/2006|07:05] C:\Program Files\<DIR> Common Files
[08/07/2004|03:00] C:\Program Files\<DIR> ComPlus Applications
[03/21/2006|08:23] C:\Program Files\<DIR> COSMI
[03/21/2006|08:20] C:\Program Files\<DIR> DAP
[11/18/2004|11:14] C:\Program Files\<DIR> Digital Lifeline
[06/15/2005|10:23] C:\Program Files\<DIR> Direct Connect
[03/21/2006|08:21] C:\Program Files\<DIR> Disspy
[03/07/2005|10:28] C:\Program Files\<DIR> DivX
[05/02/2005|11:06] C:\Program Files\<DIR> Docudesk
[12/22/2004|08:57] C:\Program Files\<DIR> DVD Copy Pal
[06/29/2005|08:36] C:\Program Files\<DIR> Easy Internet signup
[12/23/2004|05:57] C:\Program Files\<DIR> ForceASPIGUI
[12/23/2004|05:46] C:\Program Files\<DIR> Fraunhofer MP3 Codec Pro
[05/21/2005|10:56] C:\Program Files\<DIR> Free Offers from Freeze.com
[05/24/2005|04:21] C:\Program Files\<DIR> Free Offers from RI Soft Systems
[01/11/2005|11:03] C:\Program Files\<DIR> GameHouse
[03/21/2006|08:20] C:\Program Files\<DIR> GameSpy Arcade
[09/16/2008|03:30] C:\Program Files\<DIR> Google
[03/21/2006|08:23] C:\Program Files\<DIR> Grokster
[08/07/2004|05:37] C:\Program Files\<DIR> Help and Support Additions
[07/09/2008|07:34] C:\Program Files\<DIR> Hewlett-Packard
[03/07/2005|10:33] C:\Program Files\<DIR> HP
[02/27/2006|08:03] C:\Program Files\<DIR> ICOO Loader
[03/21/2006|08:23] C:\Program Files\<DIR> iMeshBar
[01/27/2005|02:05] C:\Program Files\<DIR> ImTOO
[04/26/2006|02:05] C:\Program Files\<DIR> Incomplete
[12/10/2004|10:31] C:\Program Files\<DIR> Infogrames
[11/27/2004|05:58] C:\Program Files\<DIR> inKline Global
[07/16/2008|05:16] C:\Program Files\<DIR> InstallShield Installation Information
[08/07/2004|05:08] C:\Program Files\<DIR> IntelliMover Data Transfer Demo
[11/28/2004|09:14] C:\Program Files\<DIR> interMute
[04/27/2006|04:00] C:\Program Files\<DIR> Internet Explorer
[03/07/2005|10:35] C:\Program Files\<DIR> InterVideo
[12/23/2004|05:59] C:\Program Files\<DIR> JAS
[03/25/2006|08:30] C:\Program Files\<DIR> Java
[07/15/2008|09:19] C:\Program Files\<DIR> Krakout
[11/18/2004|09:47] C:\Program Files\<DIR> Learn2.com
[03/21/2006|08:23] C:\Program Files\<DIR> Living Coral Screensaver
[06/21/2005|05:27] C:\Program Files\<DIR> Logitech
[12/03/2004|06:17] C:\Program Files\<DIR> LordofSearch
[03/25/2006|08:18] C:\Program Files\<DIR> Macromedia
[01/13/2005|06:25] C:\Program Files\<DIR> Magic Ball 2
[01/20/2005|08:59] C:\Program Files\<DIR> MagicBall
[12/19/2004|04:45] C:\Program Files\<DIR> MagicDVDRipper
[07/15/2008|08:34] C:\Program Files\<DIR> ManiacBall
[10/29/2005|07:26] C:\Program Files\<DIR> mars
[07/16/2008|05:16] C:\Program Files\<DIR> Maxis
[03/23/2006|11:52] C:\Program Files\<DIR> McAfee.com
[09/24/2008|03:35] C:\Program Files\<DIR> Messenger
[04/13/2005|06:50] C:\Program Files\<DIR> Microsoft ActiveSync
[08/04/2005|06:54] C:\Program Files\<DIR> Microsoft AntiSpyware
[09/24/2008|03:30] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[08/07/2004|03:03] C:\Program Files\<DIR> microsoft frontpage
[09/19/2005|08:09] C:\Program Files\<DIR> Microsoft Games
[06/11/2005|05:52] C:\Program Files\<DIR> Microsoft NetShow
[05/17/2005|08:23] C:\Program Files\<DIR> Microsoft Office
[08/07/2004|05:11] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
[05/17/2005|08:25] C:\Program Files\<DIR> Microsoft Streets and Trips
[08/07/2004|05:16] C:\Program Files\<DIR> Microsoft Visual Studio
[04/13/2005|07:06] C:\Program Files\<DIR> Microsoft Works
[04/13/2005|06:48] C:\Program Files\<DIR> Microsoft.NET
[03/21/2006|08:24] C:\Program Files\<DIR> Morpheus Download Client
[11/18/2004|11:13] C:\Program Files\<DIR> Motive
[08/07/2004|03:01] C:\Program Files\<DIR> Movie Maker
[08/07/2004|05:48] C:\Program Files\<DIR> MSN
[08/07/2004|05:02] C:\Program Files\<DIR> MSN Encarta Standard
[04/07/2006|12:39] C:\Program Files\<DIR> MSN Gaming Zone
[09/23/2008|11:55] C:\Program Files\<DIR> MSN Messenger
[09/21/2005|03:34] C:\Program Files\<DIR> MsnMusic
[12/21/2005|06:45] C:\Program Files\<DIR> MsUpdate
[11/25/2004|11:00] C:\Program Files\<DIR> MSXML 4.0
[11/01/2004|02:53] C:\Program Files\<DIR> muvee Technologies
[09/25/2005|08:31] C:\Program Files\<DIR> MyWay
[07/19/2005|05:03] C:\Program Files\<DIR> netbeans-4.1
[06/11/2005|05:52] C:\Program Files\<DIR> NetMeeting
[09/25/2008|01:14] C:\Program Files\<DIR> NortonInstaller
[12/07/2004|09:01] C:\Program Files\<DIR> Oberon Media
[04/13/2005|07:08] C:\Program Files\<DIR> OfficeUpdate11
[12/07/2004|10:13] C:\Program Files\<DIR> Ondine Computing
[08/07/2004|05:52] C:\Program Files\<DIR> Online Services
[04/27/2006|04:02] C:\Program Files\<DIR> Outlook Express
[08/07/2004|05:38] C:\Program Files\<DIR> PC-Doctor for Windows
[07/17/2005|07:34] C:\Program Files\<DIR> PicoZip
[03/21/2006|08:23] C:\Program Files\<DIR> PopCap Games
[01/26/2005|08:32] C:\Program Files\<DIR> Prassi PrimoDVD 2.0 (English)
[03/21/2006|11:28] C:\Program Files\<DIR> Pure Networks
[03/07/2005|10:40] C:\Program Files\<DIR> Quicken
[08/07/2004|05:20] C:\Program Files\<DIR> QuickTime
[11/28/2004|10:47] C:\Program Files\<DIR> Real
[11/26/2004|10:20] C:\Program Files\<DIR> ReflexiveArcade
[07/17/2008|11:01] C:\Program Files\<DIR> Ricochet
[04/05/2005|05:29] C:\Program Files\<DIR> Ricochet Lost Worlds
[04/26/2006|08:47] C:\Program Files\<DIR> Ricochet Lost Worlds Recharged
[03/23/2006|07:50] C:\Program Files\<DIR> Ricochet Xtreme
[03/21/2006|08:23] C:\Program Files\<DIR> Riverdeep
[03/21/2006|08:23] C:\Program Files\<DIR> ScreenSaver.com
[10/01/2005|04:52] C:\Program Files\<DIR> Screensavers.com
[04/18/2005|07:59] C:\Program Files\<DIR> SearchRelevant
[03/21/2006|08:23] C:\Program Files\<DIR> ShareazaPlus
[02/23/2005|05:20] C:\Program Files\<DIR> Shockwave.com
[01/13/2005|08:50] C:\Program Files\<DIR> Siber Systems
[11/18/2004|09:32] C:\Program Files\<DIR> Software Jukebox 2.0
[04/27/2006|04:02] C:\Program Files\<DIR> SoftwareOnline
[12/19/2004|04:58] C:\Program Files\<DIR> Soulseek
[09/16/2008|05:53] C:\Program Files\<DIR> SpyKiller
[06/29/2005|05:26] C:\Program Files\<DIR> Spyware Cleaner
[09/24/2008|11:27] C:\Program Files\<DIR> SpywareBlaster
[11/24/2004|10:10] C:\Program Files\<DIR> Starkanoid
[11/23/2004|09:05] C:\Program Files\<DIR> StreamCast
[12/03/2004|04:53] C:\Program Files\<DIR> support.com
[10/13/2005|08:59] C:\Program Files\<DIR> Surf Drive Default
[07/17/2005|09:04] C:\Program Files\<DIR> Symantec
[03/23/2006|01:21] C:\Program Files\<DIR> The Great Mahjong
[09/10/2005|02:42] C:\Program Files\<DIR> The Print Shop 20
[11/24/2004|09:47] C:\Program Files\<DIR> TLKGAMES
[03/28/2006|07:35] C:\Program Files\<DIR> TornadoGames
[12/03/2004|05:55] C:\Program Files\<DIR> Torrent Search
[09/24/2008|02:02] C:\Program Files\<DIR> Trend Micro
[09/19/2005|08:08] C:\Program Files\<DIR> TrustyFiles
[12/10/2004|05:51] C:\Program Files\<DIR> TryMedia
[03/21/2006|08:23] C:\Program Files\<DIR> Tumblebugs
[08/07/2004|03:07] C:\Program Files\<DIR> Uninstall Information
[08/07/2004|05:33] C:\Program Files\<DIR> Updates from HP
[11/25/2004|05:18] C:\Program Files\<DIR> UZC
[12/23/2004|05:41] C:\Program Files\<DIR> VCDEasy
[01/08/2005|06:23] C:\Program Files\<DIR> VIA
[09/23/2008|11:27] C:\Program Files\<DIR> Viewpoint
[09/10/2005|02:32] C:\Program Files\<DIR> Web Publish
[11/24/2004|07:23] C:\Program Files\<DIR> Webroot
[01/26/2005|11:02] C:\Program Files\<DIR> WildTangent
[03/22/2006|04:04] C:\Program Files\<DIR> Windows Media Player
[08/16/2004|06:02] C:\Program Files\<DIR> Windows NT
[08/07/2004|03:01] C:\Program Files\<DIR> WindowsUpdate
[11/25/2004|05:59] C:\Program Files\<DIR> WinRAR
[07/18/2005|06:51] C:\Program Files\<DIR> winupdate
[09/08/2005|09:46] C:\Program Files\<DIR> winupdates
[07/17/2005|07:39] C:\Program Files\<DIR> WinZip
[07/23/2005|12:16] C:\Program Files\<DIR> WON
[02/23/2005|07:31] C:\Program Files\<DIR> WXPSP2ConnectionPatcher
[08/07/2004|03:03] C:\Program Files\<DIR> xerox
[08/04/2005|06:55] C:\Program Files\<DIR> Yahoo!
[11/25/2004|11:13] C:\Program Files\<DIR> Zone.com Deluxe Games
[04/27/2006|04:06] C:\Program Files\<DIR> ZoneOrchestrator

--------------------\\ Listing Folders in C:\Program Files\Common Files

[12/23/2004|09:04] C:\Program Files\Common Files\<DIR> Adobe
[09/15/2008|03:12] C:\Program Files\Common Files\<DIR> AOL
[03/07/2005|11:36] C:\Program Files\Common Files\<DIR> aolback
[03/21/2006|08:19] C:\Program Files\Common Files\<DIR> AolCoach
[03/21/2006|08:18] C:\Program Files\Common Files\<DIR> AolCoach(2)
[03/23/2006|11:18] C:\Program Files\Common Files\<DIR> aolshare
[09/10/2005|02:26] C:\Program Files\Common Files\<DIR> Broderbund
[11/26/2004|04:34] C:\Program Files\Common Files\<DIR> Cosmi
[04/13/2005|06:50] C:\Program Files\Common Files\<DIR> DESIGNER
[07/13/2008|03:46] C:\Program Files\Common Files\<DIR> EasyInfo
[08/07/2004|04:25] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[03/30/2005|07:32] C:\Program Files\Common Files\<DIR> hncfdhpt
[08/07/2004|04:25] C:\Program Files\Common Files\<DIR> HP
[12/08/2004|08:14] C:\Program Files\Common Files\<DIR> InstallShield
[11/18/2004|09:17] C:\Program Files\Common Files\<DIR> Intuit
[03/25/2006|08:28] C:\Program Files\Common Files\<DIR> Java
[04/13/2005|06:50] C:\Program Files\Common Files\<DIR> L&H
[06/21/2005|05:27] C:\Program Files\Common Files\<DIR> Logitech
[03/25/2006|08:22] C:\Program Files\Common Files\<DIR> Macromedia
[12/20/2005|07:47] C:\Program Files\Common Files\<DIR> McAfee
[04/05/2006|03:03] C:\Program Files\Common Files\<DIR> Microsoft Shared
[11/18/2004|09:33] C:\Program Files\Common Files\<DIR> MSJB NA01D Shared
[08/07/2004|03:01] C:\Program Files\Common Files\<DIR> MSSoap
[11/01/2004|02:53] C:\Program Files\Common Files\<DIR> muvee Technologies
[12/13/2004|06:42] C:\Program Files\Common Files\<DIR> NSV
[11/18/2004|09:47] C:\Program Files\Common Files\<DIR> Nullsoft
[12/07/2004|09:01] C:\Program Files\Common Files\<DIR> Oberon Media
[08/07/2004|07:55] C:\Program Files\Common Files\<DIR> ODBC
[12/09/2004|09:58] C:\Program Files\Common Files\<DIR> Real
[01/28/2005|08:12] C:\Program Files\Common Files\<DIR> Roxio Shared
[12/20/2005|07:56] C:\Program Files\Common Files\<DIR> Scanner
[08/16/2004|06:02] C:\Program Files\Common Files\<DIR> Services
[08/07/2004|07:55] C:\Program Files\Common Files\<DIR> SpeechEngines
[07/17/2005|07:08] C:\Program Files\Common Files\<DIR> Symantec Shared
[04/27/2006|04:02] C:\Program Files\Common Files\<DIR> System
[12/19/2004|05:01] C:\Program Files\Common Files\<DIR> Ulead Systems
[12/23/2004|05:56] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[12/09/2004|09:58] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\HP_Owner\APPLIC~1\surfdr~1
C:\DOCUME~1\LOCALS~1\APPLIC~1\surfdr~1
C:\Program Files\surfdr~1
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqC.tmp
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqD.tmp
C:\WINDOWS\Tasks\DA9C7E709C8C448C.job

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 00:35:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_Owner\Desktop\music\other music\Monsters of the Midday-Bubba Whoopass Wilson - Generation Buttcrack (Live).mp3
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\ea.games.multi.keygen.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Hackerspider.de.lnk
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Shareaza.lnk
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\#.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\a.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\b.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\c.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\d.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\e.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\f.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\g.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\h.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\i.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\j.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\k.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\l.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\m.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\n.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\o.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\p.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\q.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\r.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\s.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\t.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\u.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\v.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\w.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\y.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\z.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\A
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\E
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\A\RA_Rebound_Lost_Worlds_Recharged.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\E\Rebound_Lost_Worlds_v1.0_build_11_RN_1024x768_Fix.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\E\Rebound_Lost_Worlds_v1.0_build_11_RN_Patch_by_FFF.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\1My Site.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Game Cracks.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Gem Drop.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Glinx.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Letter Linker.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Mahjong.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Pop & Drop.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Solitaire 1.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Super Text Twist.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\What Word.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\dowmload prog\Norton.Antivirus.2004.PRO.KEYGEN.exe
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Limewire Lime Wire Pro v.4.8.1+Crack+Java.zip
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\2_Magic_Ball_Game_Installer_&_Crack_-Full_Version-.rar.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Jenna Haze - Fasttimes At Deep Crack High #4 Porn Flatrix Young Teen Hustler [bleep] Playboy Asian Comedy Preteen Raped Sist.mpg.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Limewire Lime Wire Pro v.4.8.1+Crack+Java.zip.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Magic Ball 2+crack.rar.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\McAfee Personal Firewall Plus v5.0 +Crack.zip.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Roxio Easy Media Creator v7.0 Activation Crack.rar.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Zone Alarm Pro5 Keygen.zip.xml
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata\Zone Alarm Pro5+Keygen.ZIP.xml
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\microsoftoffice2003winallfixcrackfff[1]
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\microsoftoffice2003winallgenericfixv2.xcrackfff[1]
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)\BearShare Pro 4.6.0 +Crack (Works 100%)
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)\BearShare Pro 4.6.0 +Crack (Works 100%)\BSPROINSTALL.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)\BearShare Pro 4.6.0 +Crack (Works 100%)\crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\EM.nfo
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\GrokLoader.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\groksterpro.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Limewire Lime Wire Pro v.4.8.1+Crack+Java
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Java Runtime Environment.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Lime Wire Pro 4.8.1.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Alchemy\WinAlchemy Crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Atomica Deluxe\Crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Dynomite\Dynomite v1.2 Full Crack.exe


[F:1970][D:25]-> C:\DOCUME~1\HP_Owner\LOCALS~1\Temp
[F:228][D:0]-> C:\DOCUME~1\HP_Owner\Cookies
[F:6981][D:9]-> C:\DOCUME~1\HP_Owner\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Fri 09/26/2008| 0:37 - Option : [1]

--------------------\\ Scan completed at 0:37:49















Malwarebytes' Anti-Malware 1.27
Database version: 1127
Windows 5.1.2600 Service Pack 2

9/26/2008 12:57:30 AM
mbam-log-2008-09-26 (00-57-30).txt

Scan type: Quick Scan
Objects scanned: 52379
Time elapsed: 10 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 34
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 23
Files Infected: 107

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gnucdna.core (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\icoou.icooprotocol (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\icoou.icooprotocol.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6c4-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6c6-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{89dc33a2-f86f-42a1-8b5f-d4d1943efc9c} (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86fe362e-74fa-4f71-8b69-b94d28880628} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0ab5b0d8-2b74-4c1c-8fa4-e52550b8b45b} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{760aca60-79c3-4875-9d19-b14a5b3fea77} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{883ea659-ed80-46f9-9ed2-83327f67789f} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b64c73d7-459e-4816-91f9-1348f8e36984} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{722d2939-a14a-41a9-9eac-ab8f4e295819} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d758a3-d33b-45fd-91e3-67749b4057fa} (Adware.Comet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\bin (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\Ready (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\temp (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\Upload (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Wallpaper (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\0.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Cache (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Settings (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\RKInstaller.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\bin\iebyterange.xml (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\bin\iebyterange.xml.backup (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Installer\bin\siuninst.exe (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com\Wallpaper\swpstart.exe (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\install.ico (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\a.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bfgtoolbartb0401.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\bfg_greetings.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\fgh.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\ivillage.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\mygamestoolbar.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\nick.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\nickjr.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\thelagoon.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\thereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\bfgtoolbar\Cache\y.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\1.bin\PARTNER.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Cache\0EDEEADC (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Cache\0FB07AA0 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Cache\16A1DD3F (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Cache\files.ini (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\SrchAstt\Settings\prevcfg.htm (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafeA.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\games.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\gamesA.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaver.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\screensaverA.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\Travel.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\D
  • 0

#5
RatHat
Posted 25 September 2008 - 11:30 PM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
There is a lot of junk in this machine! Whoever had it before you really downloaded a load of crap.

OK, this is going to take a fair bit of cleaning work. So lets deal with Lop first:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Double-click Lop S&D.exe
Choose the language, then choose Option 2 (Fix + Hosts)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please read this Combofix tutorial before continuing, then follow the instructions below.

Please ensure you read this guide carefully and install the Recovery Console first.

Next, download ComboFix from Here or Here to your Desktop.

Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System.

Posted Image

Download the file & save it as it's originally named, next to ComboFix.exe.

Posted Image

Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Posted Image

Please continue as follows:
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you. Save this log to your desktop as Combofix.txt and post it in your next reply.

(Note: Combofix will also save the report to C:\Combofix.txt)

Regards,
RatHat
  • 0

#6
crazyeagle
Posted 26 September 2008 - 12:25 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
ok did as u said dl then dragged
everything was as u said
i got to the blue screen that says
scanning for infected files............
after about 15 sec i got a error box saying the following


Error
this machine already has the recovery console installed
aborting operation

had only the option to click ok
i clicked ok
it dissapeared

did i do something wrong??
  • 0

#7
crazyeagle
Posted 26 September 2008 - 12:40 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
ok reboted closed everything tried again same thing
  • 0

#8
RatHat
Posted 26 September 2008 - 12:55 AM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
OK, just run Combofix by double clicking on the Cat icon and following the prompts.

Do not try to install the recovery console by dragging the MS file into Combofix.

Post me the log it produces along with the log from LopS&D when it has completed running.
  • 0

#9
crazyeagle
Posted 26 September 2008 - 01:54 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
ComboFix 08-09-25.03 - HP_Owner 2008-09-26 2:58:10.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.120 [GMT -4:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\fix\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\iMeshBar
C:\Program Files\msupdate
C:\Program Files\msupdate\a.zip
C:\Program Files\SoftwareOnline
C:\Program Files\winupdate
C:\Program Files\winupdates
C:\WINDOWS\cdmxtras
C:\WINDOWS\pp.exe
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cache329
C:\WINDOWS\system32\taskkill.com
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-08-26 to 2008-09-26 )))))))))))))))))))))))))))))))
.

2008-09-26 00:59 . 2008-09-26 01:00 <DIR> d-------- C:\rsit
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-26 00:42 . 2008-09-08 00:11 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 00:42 . 2008-09-08 00:11 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 00:33 . 2008-09-26 00:37 <DIR> d-------- C:\Lop SD
2008-09-25 00:53 . 2008-09-25 01:14 <DIR> d-------- C:\Program Files\NortonInstaller
2008-09-25 00:53 . 2008-09-25 00:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-09-25 00:48 . 2008-09-26 01:06 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-24 23:28 . 2008-09-24 23:45 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-24 23:27 . 2008-09-24 23:27 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-09-24 23:27 . 2005-04-15 20:58 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
2008-09-24 23:22 . 2008-09-24 23:22 <DIR> d-------- C:\ie-spyad_zo
2008-09-24 23:18 . 2004-04-05 17:33 45,208 --a------ C:\WINDOWS\system32\connwsp.dll
2008-09-24 03:34 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-09-24 03:30 . 2008-09-24 03:30 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 02:02 . 2008-09-24 02:02 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-24 00:44 . 2008-09-24 00:44 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-09-23 23:56 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-09-23 23:56 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-23 23:27 . 2008-09-23 23:27 <DIR> d-------- C:\Program Files\Viewpoint
2008-09-23 23:27 . 2008-09-23 23:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-09-19 12:07 . 2004-08-04 15:00 1,688 --a------ C:\WINDOWS\system32\autoexec.nt
2008-09-16 12:21 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-16 12:19 . 2008-07-18 22:10 33,992 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-09-16 12:19 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-09-16 12:19 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-09-16 12:19 . 2008-07-18 22:08 20,680 --a------ C:\WINDOWS\system32\wuaueng.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 03:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\mcafee.com personal firewall
2008-09-24 05:21 --------- d-----w C:\Program Files\America Online 9.0h
2008-09-24 03:55 --------- d-----w C:\Program Files\MSN Messenger
2008-09-16 21:53 --------- d-----w C:\Program Files\SpyKiller
2008-09-16 19:30 --------- d-----w C:\Program Files\Google
2008-09-15 19:12 --------- d-----w C:\Program Files\Common Files\AOL
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
1999-06-25 15:55 149,504 -c--a-w C:\Program Files\UNWISE.EXE
2004-12-07 00:51 56 -csh--r C:\WINDOWS\system32\77A28103A1.sys
2004-12-07 00:51 1,682 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PicoZip"="C:\PROGRA~1\PicoZip\PicoZipTray.exe" [2004-07-05 449536]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2005-06-26 118784]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2005-06-14 6856704]
"AOL Fast Start"="C:\Program Files\America Online 9.0h\AOL.EXE" [2005-07-12 50776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 659456]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2004-10-20 34904]
"MotiveMonitor"="C:\Program Files\Motive\AsstCommon\motmon.exe" [2002-09-27 135168]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-24 172032]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-12-09 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-08-07 98304]
"DXM6Patch_981116"="C:\WINDOWS\p_981116.exe" [1998-11-30 497376]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 217088]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 61440]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 90112]
"AOLSPScheduler"="C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe" [2005-11-30 8808]
"sscRun"="C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe" [2005-11-30 136808]
"OASClnt"="C:\Program Files\mcafee.com\antivirus\oasclnt.exe" [2005-08-18 116272]
"EmailScan"="C:\Program Files\mcafee.com\antivirus\mcvsescn.exe" [2005-10-19 460336]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"Pure Networks Port Magic"="C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
"MPFExe"="C:\Program Files\mcafee.com\personal firewall\MPfTray.exe" [2005-11-04 988712]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"HostManager"="C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe" [2005-12-15 50792]
"Accelerate2002"="C:\Program Files\Webroot\Accelerate\accelerate2002.exe" [2001-11-16 1696256]
"VTTimer"="VTTimer.exe" [2004-10-22 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 C:\WINDOWS\AGRSMMSG.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Lifeline.lnk - C:\Program Files\Digital Lifeline\bin\mpbtn.exe [2004-11-18 172032]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 241664]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-11-01 163840]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2004-08-07 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.VDOM"= vdowave.drv
"VIDC.MPG4"= msscmc32.dll
"VIDC.TR20"= tr2032.dll
"msacm.voxacm119"= vdk32119.acm
"vidc.vivo"= ivvideo.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\America Online 9.0a\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\America Online 9.0b\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\1100862348\\EE\\AOLServiceHost.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"C:\\Program Files\\America Online 9.0c\\waol.exe"=
"C:\\Program Files\\StreamCast\\Morpheus\\MorphEXE.exe"=
"C:\\Program Files\\Album Galaxy\\AlbumGalaxy.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

R3 PxHelper;PxHelper;C:\WINDOWS\system32\drivers\PxHelper.sys [2001-04-10 15776]
S3 memsysdrv;Memory System;C:\WINDOWS\system32\drivers\memsysdrv.sys [2006-04-06 44238]
S3 MR97310_VGA_DUAL_CAMERA;Argus Digital Camera;C:\WINDOWS\system32\DRIVERS\mr97310v.sys [2005-04-27 110336]
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Skype - C:\Program Files\Skype\Phone\Skype.exe
HKCU-Run-SpyKiller - C:\Program Files\SpyKiller\spykiller.exe
HKCU-Run-Weather - C:\Program Files\AWS\WeatherBug\Weather.exe
HKCU-Run-BestPopUpKiller - C:\Program Files\BestPopUpKiller\BestPopupKiller.exe
HKLM-Run-avast! - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM-Run-iTunesHelper - C:\Program Files\iTunes\iTunesHelper.exe


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.yahoo.com/
R0 -: HKLM-Main,Start Page = hxxp://www.msn.com
R0 -: HKLM-Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 -: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 -: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 -: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 -: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 -: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 -: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 -: {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/
O9 -: {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/
O9 -: {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/
O9 -: {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ -
O9 -: {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ -
O9 -: {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ -
O17 -: HKLM\CCS\Interface\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 -: HKLM\CCS\Interface\{E6C10EB8-1ABD-465A-A433-10064B5A181F}: NameServer = 208.67.222.222,208.67.220.220
O18 -: Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -
O18 -: Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -
O18 -: Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 02:59:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-26 3:07:44
ComboFix-quarantined-files.txt 2008-09-26 07:07:38

Pre-Run: 162,821,005,312 bytes free
Post-Run: 162,666,893,312 bytes free

209 --- E O F --- 2008-09-25 04:57:12







ComboFix 08-09-25.03 - HP_Owner 2008-09-26 3:23:29.2 - NTFSx86
Running from: C:\Documents and Settings\HP_Owner\Desktop\fix\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-08-26 to 2008-09-26 )))))))))))))))))))))))))))))))
.

2008-09-26 00:59 . 2008-09-26 01:00 <DIR> d-------- C:\rsit
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
2008-09-26 00:42 . 2008-09-26 00:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-26 00:42 . 2008-09-08 00:11 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 00:42 . 2008-09-08 00:11 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 00:33 . 2008-09-26 03:21 <DIR> d-------- C:\Lop SD
2008-09-25 00:53 . 2008-09-25 01:14 <DIR> d-------- C:\Program Files\NortonInstaller
2008-09-25 00:53 . 2008-09-25 00:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-09-25 00:48 . 2008-09-26 03:18 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-24 23:28 . 2008-09-24 23:45 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-24 23:27 . 2008-09-24 23:27 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-09-24 23:27 . 2005-04-15 20:58 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
2008-09-24 23:22 . 2008-09-24 23:22 <DIR> d-------- C:\ie-spyad_zo
2008-09-24 23:18 . 2004-04-05 17:33 45,208 --a------ C:\WINDOWS\system32\connwsp.dll
2008-09-24 03:34 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-09-24 03:30 . 2008-09-24 03:30 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-24 02:02 . 2008-09-24 02:02 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-24 00:44 . 2008-09-24 00:44 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-09-23 23:56 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-09-23 23:56 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-09-23 23:27 . 2008-09-23 23:27 <DIR> d-------- C:\Program Files\Viewpoint
2008-09-19 12:07 . 2004-08-04 15:00 1,688 --a------ C:\WINDOWS\system32\autoexec.nt
2008-09-16 12:21 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-16 12:19 . 2008-07-18 22:10 33,992 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-09-16 12:19 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-09-16 12:19 . 2008-07-18 22:09 25,800 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-09-16 12:19 . 2008-07-18 22:08 20,680 --a------ C:\WINDOWS\system32\wuaueng.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 03:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\mcafee.com personal firewall
2008-09-24 05:21 --------- d-----w C:\Program Files\America Online 9.0h
2008-09-24 03:55 --------- d-----w C:\Program Files\MSN Messenger
2008-09-16 21:53 --------- d-----w C:\Program Files\SpyKiller
2008-09-16 19:30 --------- d-----w C:\Program Files\Google
2008-09-15 19:12 --------- d-----w C:\Program Files\Common Files\AOL
1999-06-25 15:55 149,504 -c--a-w C:\Program Files\UNWISE.EXE
2004-12-07 00:51 56 -csh--r C:\WINDOWS\system32\77A28103A1.sys
2004-12-07 00:51 1,682 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-09-26_ 3.07.08.92 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-04-13 10:50:06 1,100,392 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-09-26 07:11:41 1,103,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
- 2005-04-13 10:50:06 141,928 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-09-26 07:11:20 144,784 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
- 2005-04-13 10:50:07 408,176 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2008-09-26 07:11:48 411,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
- 2005-04-13 10:50:07 35,448 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-09-26 07:11:46 38,304 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
- 2005-04-13 10:50:07 461,416 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
+ 2008-09-26 07:11:37 464,272 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Owc11.dll
- 2005-04-13 10:50:07 223,856 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-09-26 07:11:58 226,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2005-04-13 10:50:06 20,080 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-09-26 07:11:33 22,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
- 2005-04-13 10:50:07 662,120 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-09-26 07:11:52 664,968 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2005-04-13 10:50:06 371,296 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-09-26 07:11:18 374,152 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
- 2005-04-13 10:50:07 64,088 -c--a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-09-26 07:11:17 66,936 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2005-04-13 10:50:07 223,800 -c--a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-09-26 07:11:12 226,656 ----a-w C:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2003-07-15 02:57:34 38,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 02:53:06 94,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 02:53:22 46,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\BLNMGRPS.DLL
+ 2003-07-15 02:56:54 14,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-15 02:57:14 98,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2005-04-13 10:50:06 1,100,392 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\EXCELPIA.DLL
+ 2003-07-15 02:41:44 13,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2002-10-07 13:49:36 192,573 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\FORM.DLL
+ 2005-04-13 10:50:06 371,296 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\FORMSPIA.DLL
+ 2003-07-15 02:40:12 179,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL
+ 2003-07-15 02:40:12 165,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\FPLACE.DLL
+ 2005-04-13 10:50:06 141,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\GRAPHPIA.DLL
+ 2003-06-18 21:31:10 252,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL
+ 2003-07-15 02:57:14 124,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSB1CORE.DLL
+ 2003-07-15 03:12:22 47,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSB1XTOR.DLL
+ 2003-07-15 02:56:14 40,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSE7.EXE
+ 2003-07-15 12:51:44 87,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-07-15 02:52:52 17,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-15 02:57:16 120,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL
+ 2003-07-15 02:52:52 27,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 02:44:06 25,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-15 02:52:56 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-15 02:56:16 54,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOMSE.DLL
+ 2003-07-11 16:15:48 1,292,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-07-15 07:18:52 376,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL
+ 2003-07-15 02:52:54 28,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 02:52:52 35,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-15 02:53:00 55,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOSVABW.DLL
+ 2003-07-15 02:53:20 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 02:46:16 42,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 02:45:12 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 02:45:12 39,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-06-18 21:31:54 788,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSPFILT.DLL
+ 2003-06-18 21:31:50 16,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-06-19 20:05:52 128,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSPSCAN.EXE
+ 2003-06-19 20:05:50 364,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE
+ 2003-07-15 03:02:42 637,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSQRY32.EXE
+ 2003-07-15 02:52:58 41,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2005-04-13 10:50:06 20,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSTAGPIA.DLL
+ 2003-07-15 03:00:54 145,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL
+ 2003-07-15 02:57:10 56,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-15 02:56:52 13,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-06-18 21:31:58 6,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OCRPS.DLL
+ 2005-04-13 10:50:07 223,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OFFICE.DLL
+ 2003-07-15 07:14:26 242,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL
+ 2005-04-13 10:50:07 35,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OLCTLPIA.DLL
+ 2003-07-15 03:05:24 1,054,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OMFC.DLL
+ 2003-07-15 02:44:34 102,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL
+ 2005-04-13 10:50:07 408,176 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OUTLPIA.DLL
+ 2003-07-15 02:43:16 49,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2005-04-13 10:50:07 461,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\OWC11PIA.DLL
+ 2003-07-15 07:18:44 93,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2005-04-13 10:50:07 223,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\PPTPIA.DLL
+ 2002-10-07 14:11:00 167,997 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\PSOM.DLL
+ 2003-05-09 01:54:00 77,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-15 02:57:08 40,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2002-10-07 13:49:42 81,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\REVERSE.DLL
+ 2003-07-21 15:46:38 390,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL
+ 2003-07-15 02:57:18 349,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\SELFCERT.EXE
+ 2003-07-15 02:44:16 66,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-15 02:57:08 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-15 02:53:14 11,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2002-10-07 13:53:04 106,561 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\THOCRAPI.DLL
+ 2002-10-07 13:50:44 241,729 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWCUTCHR.DLL
+ 2002-10-07 13:51:04 180,289 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWCUTLIN.DLL
+ 2002-10-07 13:51:14 147,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWLAY32.DLL
+ 2002-10-07 13:51:20 102,467 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWORIENT.DLL
+ 2002-10-07 13:50:04 118,847 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWRECE.DLL
+ 2002-10-07 13:49:56 81,983 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWRECS.DLL
+ 2002-10-07 13:51:44 221,252 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\TWSTRUCT.DLL
+ 2003-07-15 02:57:40 59,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\UNBIND.EXE
+ 2005-04-13 10:50:07 64,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\VBIDEPIA.DLL
+ 2005-04-13 10:50:07 662,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\WORDPIA.DLL
+ 2002-10-07 14:03:34 1,794,113 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\XIMAGE3B.DLL
+ 2003-04-30 15:52:32 1,581,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\XPAGE3C.DLL
+ 2003-01-17 18:03:34 59,466 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.5614\XSCAN32.DAT
+ 2001-06-05 12:13:22 289,926 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\ENGDIC.DAT
+ 2001-06-05 12:13:22 34,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\ENGIDX.DAT
+ 2001-06-05 12:13:24 18,844 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\JFONT.DAT
+ 2001-06-05 12:13:26 65,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\LOOKUP.DAT
+ 2005-05-04 04:06:28 465,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL
+ 2005-05-04 04:06:32 1,411,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL
+ 2005-05-04 04:06:26 199,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL
+ 2001-10-23 04:13:42 53,260 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\OCRHC.DAT
+ 2001-06-05 12:13:26 40,972 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\9040211900063D11C8EF10054038389C\11.0.8173\OCRVC.DAT
- 2008-09-24 07:36:22 12,288 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-26 07:12:06 12,288 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-09-24 07:36:22 135,168 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-26 07:12:06 135,168 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-09-24 07:36:23 11,264 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-09-26 07:12:06 11,264 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-09-24 07:36:23 27,136 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-26 07:12:06 27,136 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-09-24 07:36:23 4,096 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-26 07:12:06 4,096 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-09-24 07:36:23 794,624 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-09-26 07:12:06 794,624 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-09-24 07:36:22 249,856 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-09-26 07:12:06 249,856 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-09-24 07:36:23 23,040 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-09-26 07:12:06 23,040 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-09-24 07:36:22 286,720 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-09-26 07:12:06 286,720 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-09-24 07:36:22 409,600 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-09-26 07:12:06 409,600 ----a-r C:\WINDOWS\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2005-03-17 18:39:58 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-06-06 14:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2003-07-15 12:57:04 32,584 -c--a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2007-03-22 23:17:04 35,440 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2005-11-10 08:08:38 557,544 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-09-26 07:13:52 557,544 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2004-03-22 22:17:05 24,816 ----a-w C:\WINDOWS\system32\mdimon.dll
+ 2007-04-09 17:23:54 28,040 ----a-w C:\WINDOWS\system32\mdimon.dll
- 2004-03-22 22:17:02 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
+ 2007-04-09 17:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
- 2004-03-22 22:17:08 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
+ 2007-04-09 17:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
- 2004-03-22 22:17:02 765,680 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
+ 2007-04-09 17:24:04 758,664 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdigraph.dll
- 2004-03-22 22:17:08 42,224 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
+ 2007-04-09 17:23:58 46,472 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\mdiui.dll
- 2004-03-22 22:17:06 25,840 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
+ 2007-04-09 17:23:54 28,552 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PicoZip"="C:\PROGRA~1\PicoZip\PicoZipTray.exe" [2004-07-05 449536]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2005-06-26 118784]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2005-06-14 6856704]
"AOL Fast Start"="C:\Program Files\America Online 9.0h\AOL.EXE" [2005-07-12 50776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 659456]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2004-10-20 34904]
"MotiveMonitor"="C:\Program Files\Motive\AsstCommon\motmon.exe" [2002-09-27 135168]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-24 172032]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-12-09 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-08-07 98304]
"DXM6Patch_981116"="C:\WINDOWS\p_981116.exe" [1998-11-30 497376]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 217088]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 61440]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 90112]
"AOLSPScheduler"="C:\Program Files\Common Files\AOL\1100862348\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe" [2005-11-30 8808]
"sscRun"="C:\Program Files\Common Files\AOL\1100862348\ee\services\sscFirewallPlugin\ver1_10_3_1\SSCRun.exe" [2005-11-30 136808]
"OASClnt"="C:\Program Files\mcafee.com\antivirus\oasclnt.exe" [2005-08-18 116272]
"EmailScan"="C:\Program Files\mcafee.com\antivirus\mcvsescn.exe" [2005-10-19 460336]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"Pure Networks Port Magic"="C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
"MPFExe"="C:\Program Files\mcafee.com\personal firewall\MPfTray.exe" [2005-11-04 988712]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"HostManager"="C:\Program Files\Common Files\AOL\1100862348\ee\AOLSoftware.exe" [2005-12-15 50792]
"Accelerate2002"="C:\Program Files\Webroot\Accelerate\accelerate2002.exe" [2001-11-16 1696256]
"VTTimer"="VTTimer.exe" [2004-10-22 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 C:\WINDOWS\AGRSMMSG.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Lifeline.lnk - C:\Program Files\Digital Lifeline\bin\mpbtn.exe [2004-11-18 172032]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 241664]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-11-01 163840]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2004-08-07 16423]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.VDOM"= vdowave.drv
"VIDC.MPG4"= msscmc32.dll
"VIDC.TR20"= tr2032.dll
"msacm.voxacm119"= vdk32119.acm
"vidc.vivo"= ivvideo.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\America Online 9.0a\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\America Online 9.0b\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\1100862348\\EE\\AOLServiceHost.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"C:\\Program Files\\America Online 9.0c\\waol.exe"=
"C:\\Program Files\\StreamCast\\Morpheus\\MorphEXE.exe"=
"C:\\Program Files\\Album Galaxy\\AlbumGalaxy.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.yahoo.com/
R0 -: HKLM-Main,Start Page = hxxp://www.msn.com
R0 -: HKLM-Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\aoltbhtml.dll/search.html
O8 -: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 -: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 -: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 -: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 -: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 -: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 -: {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/
O9 -: {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/
O9 -: {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/
O9 -: {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ -
O9 -: {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ -
O9 -: {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ -
O17 -: HKLM\CCS\Interface\{51E4626B-F65F-4546-8D37-D843B5C9132A}: NameServer = 208.67.222.222,208.67.220.220
O17 -: HKLM\CCS\Interface\{E6C10EB8-1ABD-465A-A433-10064B5A181F}: NameServer = 208.67.222.222,208.67.220.220
O18 -: Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -
O18 -: Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -
O18 -: Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} -

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
.
------- File Associations -------
.
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-26 03:31:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-26 3:46:24
ComboFix-quarantined-files.txt 2008-09-26 07:46:18
ComboFix2.txt 2008-09-26 07:07:47

Pre-Run: 162,826,493,952 bytes free
Post-Run: 162,811,228,160 bytes free

322 --- E O F --- 2008-09-26 07:12:55
  • 0

#10
RatHat
Posted 26 September 2008 - 04:02 AM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Please uninstall the following programs:

BitTorrent 3.4.2
Hoyle Demo
Hoyle Puzzle Games 2003
ICOO Loader 2.5
ShareazaPlus version 2.3.0.0
Ultimate ZIP Cracker
Viewpoint Media Player

  • Go to Start then Settings, then Control Panel
  • Choose Add or Remove Programs
  • Remove all of the above

It also looks like you have two AntiVirus programs installed. Only one is required, so please uninstall one of the following:
  • AOL Antivirus
  • avast! antivirus 4.6.691
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


OK, lets get rid of some more junk.

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqC.tmp
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqD.tmp
C:\WINDOWS\Tasks\DA9C7E709C8C448C.job
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\dowmload prog\Norton.Antivirus.2004.PRO.KEYGEN.exe
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Limewire Lime Wire Pro v.4.8.1+Crack+Java.zip

Folder::
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials
C:\DOCUME~1\HP_Owner\APPLIC~1\surfdr~1
C:\DOCUME~1\LOCALS~1\APPLIC~1\surfdr~1
C:\Program Files\surfdr~1
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata
C:\DOCUME~1\HP_Owner\My Documents\Unzipped
C:\Program Files\Viewpoint
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\DOCUME~1\HP_Owner\APPLIC~1\BFGTOOLBAR
C:\DOCUME~1\HP_Owner\APPLIC~1\Kazaa Lite
C:\DOCUME~1\HP_Owner\APPLIC~1\Shareaza
C:\DOCUME~1\HP_Owner\APPLIC~1\ShareazaPlus
C:\Program Files\BFG
C:\Program Files\bfgtoolbar
C:\Program Files\Free Offers from Freeze.com
C:\Program Files\Free Offers from RI Soft Systems
C:\Program Files\Grokster
C:\Program Files\ICOO Loader
C:\Program Files\ImTOO
C:\Program Files\Incomplete
C:\Program Files\Morpheus Download Client
C:\Program Files\MyWay
C:\Program Files\PopCap Games
C:\Program Files\ScreenSaver.com
C:\Program Files\Screensavers.com
C:\Program Files\ShareazaPlus
C:\Program Files\Torrent Search
C:\Program Files\Zone.com Deluxe Games
C:\Program Files\ZoneOrchestrator

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\StreamCast\\Morpheus\\MorphEXE.exe"=-

Driver::
memsysdrv

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image

5. After reboot, (in case it asks to reboot), please post the Combofix.txt report into your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version (Java Runtime Environment (JRE) 6 Update 7) for your computer.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please run an online scan with Kaspersky WebScanner.
Note: You must use Internet Explorer to run this scan, and you must disable your Anti Virus program during the scan.

Click the Accept button.

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display the results if your system has been infected.
    • Now click on the View scan report link:
  • Click the Save report as button
  • Under Save as type, choose Text file (*.txt)
  • Save the file to your desktop as Kaspersky.txt
  • Copy and paste that information in your next post.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

So in your next reply, please include the following logs:
  • The contents of Combofix.txt
  • The contents of Kaspersky.txt
Regards,
RatHat
  • 0

Advertisements

#11
crazyeagle
Posted 26 September 2008 - 07:17 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
ok to start off again ty for being so nice i ty soooo much

now ... had a few problems with some of the things you asked me to do he is a list of the problems


tried removing all programs u said to
the following error messages came up for each when trying to remove them





avast! antivirus 4.6.691

-error loading C;\progra~1\ALWILS~1\advast\setup\setiface.dll
the specified file could not be found



Hoyle Demo
Hoyle Puzzle Games 2003

would start to uninstall then would just stop i tried 4 times same thing each time


ShareazaPlus version 2.3.0.0

file c:\programfiles\shareazaplus\uninstall\unins000.datdoes not exist cannot uninstall







could not run Kaspersky WebScanner as the bad computer is not able to view web pages at this time
can only use chat programs like AIM am transfering all needed programs your asking for from this comp to
bad comp through AIM







now for the logs you asked for






ComboFix 08-09-25.03 - HP_Owner 2008-09-26 8:31:42.3 - NTFSx86
Running from: C:\Documents and Settings\HP_Owner\Desktop\fix\ComboFix.exe
Command switches used :: C:\Documents and Settings\HP_Owner\Desktop\fix\CFScript.txt

FILE ::
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\dowmload prog\Norton.Antivirus.2004.PRO.KEYGEN.exe
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqC.tmp
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\nsqD.tmp
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Limewire Lime Wire Pro v.4.8.1+Crack+Java.zip
C:\WINDOWS\Tasks\DA9C7E709C8C448C.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\HP_Owner\APPLIC~1\Kazaa Lite
C:\DOCUME~1\HP_Owner\APPLIC~1\Kazaa Lite\db\data1024.dbb
C:\DOCUME~1\HP_Owner\APPLIC~1\Kazaa Lite\db\data256.dbb
C:\DOCUME~1\HP_Owner\APPLIC~1\Kazaa Lite\db\np.tmp
C:\DOCUME~1\HP_Owner\APPLIC~1\Shareaza
C:\DOCUME~1\HP_Owner\APPLIC~1\ShareazaPlus
C:\DOCUME~1\HP_Owner\APPLIC~1\ShareazaPlus\Collections\SThumbs.dat
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\#.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\a.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\b.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\c.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\d.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\e.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\f.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\g.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\h.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\i.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\j.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\k.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\l.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\m.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\n.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\o.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\p.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\q.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\r.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\s.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\t.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\u.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\v.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\w.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\y.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\cerials\z.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\A\RA_Rebound_Lost_Worlds_Recharged.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\E\Rebound_Lost_Worlds_v1.0_build_11_RN_1024x768_Fix.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Cracks\R\E\Rebound_Lost_Worlds_v1.0_build_11_RN_Patch_by_FFF.zip
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\ea.games.multi.keygen.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Hackerspider.de.lnk
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Shareaza.lnk
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\1My Site.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Game Cracks.txt
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Gem Drop.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Glinx.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Letter Linker.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Mahjong.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Pop & Drop.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Solitaire 1.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\Super Text Twist.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\cracks & serials\Yahoo Games and Cracks\What Word.exe
C:\DOCUME~1\HP_Owner\Desktop\old stuff on here\dowmload prog\Norton.Antivirus.2004.PRO.KEYGEN.exe
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Limewire Lime Wire Pro v.4.8.1+Crack+Java.zip
C:\DOCUME~1\HP_Owner\My Documents\Downloads\Metadata
C:\DOCUME~1\HP_Owner\My Documents\Unzipped
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\(full version) hack zone.com\YSB_toolBar.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\(full version) zone spades hack\License.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\(full version) zone spades hack\YSB_toolBar.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\(livestream) xxx dwarf 43\install.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\(livestream) xxx dwarf 43\main.idx
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\~~ zone spades hack\YSB_toolBar.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\003_image00451.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\005_image00672.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\03_back.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\ATT4.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\IMSTP.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\peaceinthevalley3.mid
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\03_back\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\07[1]\07.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\07[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\08[1]\08.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\08[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\09[1]\09.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\09[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\10[1]\10.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\10[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\100_0077.JPG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\100_0078.JPG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\100_0079.JPG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\100_0080.JPG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\100_0081.JPG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\100_0077\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\15[1]\15.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\15[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\18[1]\18.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\18[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\23[1]\23.mpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\23[1]\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\28519_Rock96974\Rock96974.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\2seattoilet\2seattoilet.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\2seattoilet\ReadMe.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\32238_RRstringstheorystereospeaker\RRstringstheorystereospeaker.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\32238_RRstringstheorystereospeaker\RRstringstheorystereospeaker.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\34968_TSE0_42_4\README.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\34968_TSE0_42_4\setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\34968_TSE0_42_4\SETUP.LST
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\34968_TSE0_42_4\TSE.CAB
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\Transmogrifier-1.4.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierChanges.htm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierDocumentation.htm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierGlossary.htm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ClonedFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\CloneFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\EditFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\EditGreenFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ExploringMyDocuments.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ExploringSprites.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ExportedGreenFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ExportGreenFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ExportGreenFlamingoSave.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoAfter.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoAfterTransparent.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoBefore.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoBeforeTransparent.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoInTheCatalog.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoInTheWorldLarge.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoInTheWorldLarge2.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoInTheWorldMedium.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\GreenFlamingoInTheWorldSmall.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ImportedGreenFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ImportGreenFlamingoOpen.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\PhotoshopAfter.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\PhotoshopBefore.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\PhotoshopHue.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\SelectedFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\TransmogrifierWindow.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ViewFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierImages\ViewGreenFlamingo.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierNotice.htm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\35008_Transmogrifier1_4\The Sims Transmogrifier 1.4\TransmogrifierDocumentation\TransmogrifierTutorial1.htm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\36_1_55\36_1_55.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\36_1_55\sig.jsp_pc=ZSzeb064&pp=ZSYYYYYYYYUS
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\36_1_55\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111122_light_wood.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111124_medium_wood.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111126_Natural_wood.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111132_redwood_Floor.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111134_rose_tile.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\4757\111138_Wood_floor_a.flr
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\50068_janine\Janine25710.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\51731_sculptures534521\sculptures534521.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\58805_ouijaboardlj\ouijaboardlj33121.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\65892_blueprint-1.0.0\setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\72200_RavWhiteLoft\RavWhiteLoft.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_cheapmaxchair\AS3k_cheapmaxchair_2298.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_cheapmaxchair\Cheap Max Comfort chair.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_cheapmaxchair\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_cheapmaxchair\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_excercise_machine\AS3k_excercise machine.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_excercise_machine\AS3k_exercimach_0329.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_excercise_machine\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_excercise_machine\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Expensive_Hacked_Diningchair\AS3k_diningchair2677.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Expensive_Hacked_Diningchair\Expensive Hacked Diningchair.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Expensive_Hacked_Diningchair\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Expensive_Hacked_Diningchair\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Fountain_of_Relief\as3k_fountain8763.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Fountain_of_Relief\Fountain of Relief.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Fountain_of_Relief\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Fountain_of_Relief\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_maxcharismamirror\AS3k_maxcharismirror_6719.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_maxcharismamirror\Max Charisma Mirror.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_maxcharismamirror\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_maxcharismamirror\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_moneysculpture\as3k_moneysculpture.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_moneysculpture\as3k_moneysculpture_3880.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_moneysculpture\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Speedreaderbookcase\AS3k_bookcases__7103.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Speedreaderbookcase\Read-me.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\AS3k_Speedreaderbookcase\Speedreader Bookcase.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\aswrule\aswrule.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\aswrule\clip_image002.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\aswrule\SweetsBkgrd.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\aswrule\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00024.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00027.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00030.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00033.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00036.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00039.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\ATT00042.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00024\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00030.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00033.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00036.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00039.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00042.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00045.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00048.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00051.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\ATT00054.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00030\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00077.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00080.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00083.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00086.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00089.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00092.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00095.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00098.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00101.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00104.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00107.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00110.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00113.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00116.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00119.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00122.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00125.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00128.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00131.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00134.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00137.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00140.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\ATT00143.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT00077\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\ATT166090.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\ATT166090.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\file000.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\file001.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\file002.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT166090\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\ATT388351.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\file000.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\file001.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\file002.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\file003.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ATT388351\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)\BearShare Pro 4.6.0 +Crack (Works 100%)\BSPROINSTALL.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\BearShare Pro 4.6.0 +Crack (Works 100%)\BearShare Pro 4.6.0 +Crack (Works 100%)\crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\burglaralarm142569everythingup100\burglaralarm142569.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\burglaralarm142569everythingup100\HouseRejuv.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\burglaralarm142569everythingup100\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\ccaglasswoodshelf2\ccaglasswoodshelf2.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\install.swf
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\Flash.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\Help.chm
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\INSTALL.LOG
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\license.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\readme.rtf
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\register.url
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\converts ALLtrial version software to full working version (works on photoshop flash dreamweaver nor\Undisker\Undisker.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\EmergencyAid\EmergencyAid.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Everyonepainting\Everyonepainting.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\b300faFit_01.cmx
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitdrk_nude1_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitdrk_nude2_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitdrk_nude3_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitdrk_nude4_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitlgt_nude1_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitlgt_nude2_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitlgt_nude3_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitlgt_nude4_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitmed_nude1_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitmed_nude2_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitmed_nude3_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\B300FAFitmed_nude4_rrw.bmp
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\readme.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\fit_fem_nude_rrw\xskin-b300faFit_01-MBODY.skn
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Free ringtones converter software! Download ring tones for your cell phone!(1)\02-camron-family_ties_part_2-whoa.mp3
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\AMERIC~1111222222.GIF
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\america17119887179101011339109.wav
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\forward.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\freedom111111.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00121222344333.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00232333455444.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00343444566555.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00454555677666.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00565666788777.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\image00676777899888.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\freedom111111\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file000.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file001.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file002.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file003.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file004.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file005.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file006.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file007.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file008.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file009.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file010.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file011.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file012.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file013.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file014.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file015.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file016.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file017.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file018.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file019.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\file020.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\FwFWSpre.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\FwFWSpre.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwFWSpre\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwSenior\Fw_SeniorSocialParty.eml
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwSenior\FwSenior.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\FwSenior\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\EM.nfo
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\GrokLoader.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Grokster Pro 1.7 Ad-Free With Crack And No Spyware - Uses Same Network As Kazaa And The Original Morpheus\groksterpro.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\hack zone.com (1)\YSB_toolBar.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\hack zone.com\YSB_toolBar.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\HappyPainting\Happy Painting.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image001.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image002.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image003.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image004.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image005.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image006.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image007.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image008.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image009.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image010.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\image011.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image001\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\darkimg.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0022.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0033.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0044.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0055.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0066.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0077.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0088.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image0099.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image01010.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image01111.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image01212.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\image01313.gif
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\image0022\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\JudTank\JudTank.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Java Runtime Environment.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Limewire Lime Wire Pro v.4.8.1+Crack+Java\Lime Wire Pro 4.8.1.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\MagicFountain\MagicFountain\readme.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\MagicFountain\MagicFountain\SimsBasementMagicFtn.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\MEN!\MEN!.dat
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\MEN!\unknown.unk
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\file000.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\file001.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\file002.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\file003.jpg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\mime-attachment.jpeg
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\mime-attachment\Thumbs.db
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Mobile Music Polyphonic 1.5 + Serial convert midi and mp3 to mmf ringtones\reginfo.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Mobile Music Polyphonic 1.5 + Serial convert midi and mp3 to mmf ringtones\RegMMPoly.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Motive Enhancer\motiveenhancer.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\msmoneytree\msmoneytree234608.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\MysticalGenieGoldPot\MysticalGenieGoldPot.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Negativeracoonalarm[1]\Negativeracoonalarm.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Tetris Arcade - Full Version - Nice Sound And Graphics!\Infos and Hints.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Tetris Arcade - Full Version - Nice Sound And Graphics!\Tetris Arcade!.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Tetris Arcade - Full Version - Nice Sound And Graphics!\X-PRESSIVE QuickLaunch.url
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\3WAY
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\69
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\ABOUT
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BB1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BB2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BB3
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BEDROOM
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM3
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM4
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM5
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM6
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM7
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM8
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\BRM9
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\DG1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\DUNGEON
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\FINALE
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\GARAGE
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\GTF1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\GTF2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H01
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H02
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H03
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H04
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H05
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H06
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H07
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H08
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H09
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\H10
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\PANIC
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\SCORE
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\SELF1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\SELF2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\SELF3
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\SHARED.DXR
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\DATA\STRAP
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\READ_ME__MAC_
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\README.WRI
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\Valerie2.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\A1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\ABOUT
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB1
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB10
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB11
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB12
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB13
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB2
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB3
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB4
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB5
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB6
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB7
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB8
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\IB9
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\PANIC
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\SCORE
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\SHARED.DXR
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\PC Games - Virtual Valerie 2 - Adult XXX Sex Game (size 25,317,165)\VV2INTRO\TITLE
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\Bounce Out\SERIAL.TXT
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\Bounce Out\Setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\CandyInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\GemDropInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\GlinxInstall2.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\LetterLinkerInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\NisquallyInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\serials.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\SolitaireInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\TextTwistInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\10 Gamehouse Games\WhatWordInstall.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Alchemy\WinAlchemy Crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Alchemy\WinAlchemy_setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Atomica Deluxe\! SCF !.nfo
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Atomica Deluxe\Crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Atomica Deluxe\WinAtomica_setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\bejeweled 123\Bejeweled_setup1.23.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\bejeweled 123\FILE_ID.DIZ
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\bejeweled 123\LasH.nfo
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\bejeweled 123\patch.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Big Money Deluxe\BigMoney1_11_patch.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Big Money Deluxe\WinBMSetup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Dynomite\Dynomite v1.2 Full Crack.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Dynomite\WinDynomite_setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\MummyMaze Deluxe\MummyMaze1_1_patch.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\MummyMaze Deluxe\WinMummyMaze_setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Noah' Ark Deluxe\NoahsArk1_1_patch.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\Popcap Gamehouse Realarcade Games With Serials [found via www.FileDonkey.com]\Documents and Settings\Brian\Desktop\Temp\Puzzle Games\8 PopCap Games\Noah' Ark Deluxe\WinNoah_setup.exe
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\SimAidFriends\Sim Aid Friends +.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\SimAidSkills\Sim Aid Skills +.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\tsg_picture01\ReadMe.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\tsg_picture01\tsg_picture01.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\tv14775heverything100friendseverything\tvs011166.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\winrar 8.2 + self extractor with keygen + rar password cracker\57000.Nokia.Logos-Ringtones.INC.Logomanager.v1.30.&.Noktool.v1.8.s0m39uy.rar
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\winrar 8.2 + self extractor with keygen + rar password cracker\winrar 8.2 + self extractor with keygen + rar password cracker.iso
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\WishingFountain\WishingFountain.iff
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\wyanekingsmagicialfountain\fountain readme.txt
C:\DOCUME~1\HP_Owner\My Documents\Unzipped\wyanekingsmagicialfountain\wyanekingsmagicialfountain.iff
C:\DOCUME~1\HP_Owner\My Documents\Un
  • 0

#12
RatHat
Posted 26 September 2008 - 07:32 AM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
The Combofix log was cut off. Could you zip it and attach it for me.

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#13
crazyeagle
Posted 26 September 2008 - 07:52 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
Attached File  log.txt44444444444444444444444.txt   81.71KB   273 downloads


hope i did this right
  • 0

#14
RatHat
Posted 26 September 2008 - 08:01 AM

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
OK, let me see if I've got this right. You have an internet connection, but cannot view any web pages, or use Internet Explorer. Is this right?

Do you have the windows installation disks for this computer? Also do you have any important files on it?
  • 0

#15
crazyeagle
Posted 26 September 2008 - 08:11 AM

crazyeagle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 93 posts
OK, let me see if I've got this right. You have an internet connection, but cannot view any web pages, or use Internet Explorer. Is this right?


correct



Do you have the windows installation disks for this computer? No bought it 2nd hand ( starting to see i paid WAY to much 4 it )


Also do you have any important files on it? no none i have put nothing on it but what you have asked....
also ...
thr restore function through start\all programs\pc help n tools\ system restore i click it i get a blank box ...
also if i do the f10 @ start up nothing happens goes right to desktop
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP