
Help to Remove win32, nuyajuku.dll (I Think) [RESOLVED] [Solved]



#1
ComputingNewbie
EDIT: RESOLVED. Thank you.

Hello,

I am new here and I really do not know much about computers...
but I have read posts from this forum and tried doing all the scans to remove,
yet I still keep getting pop-ups about anti-virus software when I start IE.
I'd really appreciate it if you could help me. Thank you.

My laptop has been infected by a trojan and malware (I think that's all...)

Here are my computer specs:

Microsoft Windows XP Professional (5.1, Build 2600)
Acer
Aspire
Ver 1.00PARTTBLP
Intel® Core™2 CPU T7200 @ 2.00GHz (2 CPUs)
1022MB RAM
DirectX 9.0c (4.09.000.0904)

And I have done the following, in the order shown, to try to remove them:

1. ATFCleaner
2. Malwarebytes' Anti-Malware
3. ComboFix
4. Kaspersky Online Scan
5. Malwarebytes' Anti-Malware

In the following posts I will post the logs.

Thank you for your patience.

Edited by ComputingNewbie, 06 March 2009 - 06:30 AM.



#2
ComputingNewbie
Malwarebytes' Anti-Malware Log 1

Malwarebytes' Anti-Malware 1.28
Database version: 1134
Windows 5.1.2600 Service Pack 2

2009/03/06 0:46:23
mbam-log-2009-03-06 (00-46-23).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 149332
Time elapsed: 54 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 7
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\nunuwege.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jasoreje.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\jsmlwr.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf723882-0e17-49e5-9e2c-14e2cebaf6f8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cf723882-0e17-49e5-9e2c-14e2cebaf6f8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{224f0037-e35b-4bc5-8ee2-6a98aa5d58fc} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{224f0037-e35b-4bc5-8ee2-6a98aa5d58fc} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4f15e690 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lejopugizi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\jsmlwr.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nunuwege.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\egewunun.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wegabalu.dll (Trojan.BHO.H) -> Delete on reboot.
C:\WINDOWS\system32\jasoreje.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nuyajuku.dll (Trojan.Agent) -> Quarantined and deleted successfully.

#3
ComputingNewbie
ComboFix Log

ComboFix 09-03-04.01 - Tony Yuwono 2009-03-06 1:27:45.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.932.1.1033.18.1022.706 [GMT 0:00]
Running from: c:\documents and settings\Tony Yuwono\Desktop\ComboFix.exe
.
The following files were disabled during the run:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekaslvtvouo.sys
c:\windows\system32\prunnet.exe
c:\windows\system32\senekaaoyknltb.dll
c:\windows\system32\senekaiyegryju.dll
c:\windows\system32\senekaldwrthrk.dll
c:\windows\system32\senekaodcsbiqq.dat
c:\windows\system32\senekapjxvmsot.dat
c:\windows\system32\senekapop.dll
c:\windows\system32\wupobolo.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SENEKA
-------\Service_SENEKA


((((((((((((((((((((((((( Files Created from 2009-02-06 to 2009-03-06 )))))))))))))))))))))))))))))))
.

2009-03-06 00:47 . 2009-03-06 00:47 0 --a------ c:\windows\system32\drivers\senekalmplwgot.sys
2009-03-05 23:38 . 2009-03-05 23:38 84,992 --ahs---- c:\windows\system32\gopigede.dll
2009-03-05 23:33 . 2009-03-06 01:27 6,456 --ah----- c:\windows\system32\kebobavi
2009-03-05 23:18 . 2009-03-05 23:18 <DIR> d--hs---- c:\windows\system32\lowsec
2009-02-20 04:04 . 2009-02-20 04:04 <DIR> d-------- c:\program files\Microsoft Silverlight

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-18 02:02 --------- d-----w c:\program files\SnailWeb
2009-01-16 21:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2009-01-14 02:59 --------- d-----w c:\program files\Veoh Networks
2009-01-12 20:29 --------- d-----w c:\program files\Common Files\xing shared
2009-01-12 20:28 --------- d-----w c:\program files\Real
2009-01-06 16:21 --------- d-----w c:\program files\RedBanana
2009-01-06 03:00 --------- d-----w c:\program files\MSXML 4.0
2009-01-06 00:04 15,232 ----a-w c:\windows\system32\drivers\Neo_0083.sys
2009-01-06 00:03 15,232 ----a-w c:\windows\system32\drivers\Neo_0091.sys
2008-12-19 09:10 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\dllcache\srv.sys
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\system32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\system32\dpu11.dll
2005-05-13 17:12 217,073 --sha-r c:\windows\meta4.exe
2005-02-28 13:16 240,128 --sha-r c:\windows\system32\x.264.exe
2005-07-14 12:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
2005-06-26 15:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
2005-06-21 22:37 45,568 --sha-r c:\windows\system32\cygz.dll
2004-01-25 00:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
2008-04-13 17:49 2,828 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-04-13 17:49 168 --sh--r c:\windows\system32\F1386A55A7.sys
2006-05-03 11:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 12:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2007-12-17 14:43 27,648 --sha-w c:\windows\system32\Smab0.dll
.

((((((((((((((((((((((((((((( snapshot_2009-01-05_23.39.27.96 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-11 10:24:44 333,184 ------w c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:10 333,952 ------w c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:34:00 333,952 ------w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ------w c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ------w c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:52 755,576 ------w c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:52 382,840 ------w c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2007-11-30 12:39:22 231,288 ------w c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:52 382,840 ------w c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-08-28 10:04:18 333,056 ------w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-03-12 16:20:28 266,240 ----a-w c:\windows\Downloaded Program Files\RedbananaAutoPlay.dll
+ 2008-10-16 20:38:34 124,928 ------w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:38:34 347,136 ------w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:38:34 214,528 ------w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:38:36 133,120 ------w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:38:36 63,488 ------w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:11:10 70,656 ------w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:38:36 153,088 ------w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:38:36 230,400 ------w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:54 161,792 ------w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:38:36 383,488 ------w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:38:36 384,512 ------w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:38:38 6,066,176 ------w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:38:38 44,544 ------w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:38:38 267,776 ------w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:10 13,824 ------w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 ------w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:38:38 27,648 ------w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:38:38 459,264 ------w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:38:38 52,224 ------w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:40:02 3,593,216 ------w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:38:38 477,696 ------w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:38:38 193,024 ------w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:38:40 671,232 ------w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:38:40 102,912 ------w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:38:40 44,544 ------w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:42 213,216 ------w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:52 371,424 ------w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:40 105,984 ------w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:38:40 1,160,192 ------w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:38:40 233,472 ------w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:38:40 826,368 ------w c:\windows\ie7updates\KB961260-IE7\wininet.dll
+ 2006-10-26 20:12:56 396,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 11:10:18 16,874,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 18:56:50 8,425,856 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 15:18:34 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 09:04:28 846,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 10:11:42 1,767,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 19:00:06 72,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-03-21 18:58:40 4,145,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-03-21 18:58:46 24,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-05-10 10:25:40 14,677,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-09-14 21:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-29 00:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 05:00:34 1,767,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 05:00:48 72,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2007-10-02 20:00:06 14,708,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020011400000000000F01FEC\12.0.6215\XL12CNV.EXE
+ 2009-01-06 03:00:42 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-12-18 03:05:40 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-02-12 17:34:32 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-12-18 03:05:40 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-02-12 17:34:32 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-12-18 03:05:40 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-12 17:34:34 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-12-18 03:05:40 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-12 17:34:32 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-12-18 03:05:40 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-12 17:34:34 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-12-18 03:05:40 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-02-12 17:34:34 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-12-18 03:05:40 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-02-12 17:34:34 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-12-18 03:05:40 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-02-12 17:34:34 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-12-18 03:05:40 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-12 17:34:32 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-12-18 03:05:40 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-12 17:34:32 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-12-18 03:05:40 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-02-12 17:34:34 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-12-18 03:05:40 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-12 17:34:32 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-12-18 03:05:40 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-12 17:34:32 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-03 03:01:54 38,240 ----a-r c:\windows\Installer\{90120000-0020-0411-0000-0000000FF1CE}\O12ConvIcon.exe
+ 1998-11-11 20:35:46 306,688 ----a-w c:\windows\IsUn0411.exe
- 2000-08-31 08:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 08:00:00 29,696 ----a-w c:\windows\Nircmd.exe
- 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 23:15:12 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-09-17 15:29:12 20,040 ----a-w c:\windows\system32\config\systemprofile\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
- 2007-05-17 20:05:10 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-06 01:33:38 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2007-05-17 20:05:10 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-06 01:33:38 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-05-17 20:05:10 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-06 01:33:38 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-06 16:33:52 684,032 ----a-w c:\windows\system32\DivX.dll
+ 2008-11-06 16:33:54 823,296 ----a-w c:\windows\system32\divx_xx07.dll
+ 2008-11-06 16:33:54 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
+ 2008-11-06 16:33:54 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
+ 2008-11-06 16:33:54 802,816 ----a-w c:\windows\system32\divx_xx11.dll
+ 2008-11-06 16:37:36 524,288 ----a-w c:\windows\system32\DivXsm.exe
+ 2008-11-06 16:33:02 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
- 2008-10-16 20:38:34 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 23:15:12 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-10-16 20:38:34 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:14 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
- 2008-10-16 20:38:36 133,120 ------w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:14 133,120 ------w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-16 20:38:36 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 23:15:14 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-10-16 20:38:36 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
- 2008-10-16 20:38:36 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
- 2008-10-16 20:38:36 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 23:15:16 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-10-16 20:38:36 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-16 20:38:38 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 23:15:22 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-10-16 20:38:38 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 23:15:22 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
- 2008-10-16 20:38:38 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-10-16 20:38:38 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:24 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
- 2008-10-16 20:38:38 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 23:15:24 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-16 20:38:38 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-10-16 20:38:38 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
- 2008-10-16 20:38:38 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:32 193,024 ------w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 20:38:40 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\dllcache\mstime.dll
- 2008-10-16 20:38:40 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-10-16 20:38:40 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
- 2007-10-26 04:34:02 8,460,288 ----a-w c:\windows\system32\dllcache\shell32.dll
+ 2008-07-03 13:03:30 8,460,800 ----a-w c:\windows\system32\dllcache\shell32.dll
- 2008-10-16 20:38:40 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 23:15:40 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-10-16 20:38:40 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
- 2008-10-16 20:38:40 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 20:38:40 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:42 826,368 ------w c:\windows\system32\dllcache\wininet.dll
- 2008-02-22 04:32:28 15,232 ----a-w c:\windows\system32\drivers\Neo_0069.sys
+ 2009-01-05 23:47:44 15,232 ----a-w c:\windows\system32\drivers\Neo_0069.sys
- 2008-08-28 10:04:18 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:22 333,184 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-10-16 20:38:34 347,136 ------w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 ------w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:14 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-10-16 20:38:36 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:14 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-06-12 18:36:38 7,680 ----a-w c:\windows\system32\ff_vfw.dll
+ 2008-08-22 17:57:52 14,336 ----a-w c:\windows\system32\ff_vfw.dll
- 2008-10-15 15:30:36 271,784 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-02-03 13:24:42 290,888 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2007-06-15 10:36:16 229,376 ----a-w c:\windows\system32\GameLink.dll
- 2008-10-16 20:38:36 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 23:15:14 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-10-16 13:11:10 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:16 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-10-16 20:38:36 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-10-16 20:38:36 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-10-15 07:04:54 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-10-16 20:38:36 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 23:15:16 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-10-16 20:38:36 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-10-16 20:38:38 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 23:15:22 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 20:38:38 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:22 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-10-16 20:38:38 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-10-16 13:11:10 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:16 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-10-16 20:38:38 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:24 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-11-06 16:35:00 1,044,480 ----a-w c:\windows\system32\libdivx.dll
- 2008-10-16 20:38:38 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:24 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-10-16 20:38:38 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-16 21:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 20:38:38 477,696 ------w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ------w c:\windows\system32\mshtmled.dll
- 2008-10-16 20:38:38 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:32 193,024 ------w c:\windows\system32\msrating.dll
- 2008-10-16 20:38:40 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ------w c:\windows\system32\mstime.dll
- 2007-05-08 15:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 16:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2007-05-15 15:43:10 1,320,800 ----a-w c:\windows\system32\msxml6.dll
+ 2008-08-29 20:06:44 1,350,664 ----a-w c:\windows\system32\msxml6.dll
- 2008-10-16 20:38:40 102,912 ------w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ------w c:\windows\system32\occache.dll
- 2007-11-06 14:30:38 278,528 ----a-w c:\windows\system32\pncrt.dll
+ 2009-01-12 20:28:46 278,528 ----a-w c:\windows\system32\pncrt.dll
- 2007-11-06 14:30:40 6,656 ----a-w c:\windows\system32\pndx5016.dll
+ 2009-01-12 20:28:48 6,656 ----a-w c:\windows\system32\pndx5016.dll
- 2007-11-06 14:30:40 5,632 ----a-w c:\windows\system32\pndx5032.dll
+ 2009-01-12 20:28:48 5,632 ----a-w c:\windows\system32\pndx5032.dll
- 2008-10-16 20:38:40 44,544 ------w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ------w c:\windows\system32\pngfilt.dll
+ 2008-08-10 11:55:30 60,273 ----a-w c:\windows\system32\pthreadGC2.dll
- 2007-03-08 07:51:00 547,576 ----a-w c:\windows\system32\px.dll
+ 2008-11-06 16:37:28 551,672 ------w c:\windows\system32\px.dll
- 2007-03-08 07:51:00 129,784 ----a-w c:\windows\system32\pxafs.dll
+ 2008-11-06 16:37:28 129,784 ------w c:\windows\system32\pxafs.dll
- 2007-03-08 07:51:00 64,760 ----a-w c:\windows\system32\pxcpya64.exe
+ 2008-11-06 16:37:28 66,296 ------w c:\windows\system32\pxcpya64.exe
+ 2008-11-06 16:37:28 120,056 ------w c:\windows\system32\pxcpyi64.exe
- 2007-03-08 07:51:00 510,712 ----a-w c:\windows\system32\pxdrv.dll
+ 2008-11-06 16:37:28 518,904 ------w c:\windows\system32\pxdrv.dll
- 2007-03-08 07:51:00 72,440 ----a-w c:\windows\system32\pxhpinst.exe
+ 2008-11-06 16:37:30 72,440 ------w c:\windows\system32\pxhpinst.exe
- 2007-03-08 07:51:00 64,760 ----a-w c:\windows\system32\pxinsa64.exe
+ 2008-11-06 16:37:28 64,760 ------w c:\windows\system32\pxinsa64.exe
+ 2008-11-06 16:37:28 118,520 ------w c:\windows\system32\pxinsi64.exe
- 2007-03-08 07:51:00 187,128 ----a-w c:\windows\system32\pxmas.dll
+ 2008-11-06 16:37:30 187,128 ------w c:\windows\system32\pxmas.dll
- 2007-03-08 07:51:00 1,628,920 ----a-w c:\windows\system32\pxsfs.dll
+ 2008-11-06 16:37:28 1,628,920 ------w c:\windows\system32\pxsfs.dll
- 2007-03-08 07:51:00 379,640 ----a-w c:\windows\system32\pxwave.dll
+ 2008-11-06 16:37:28 379,640 ------w c:\windows\system32\pxwave.dll
+ 2008-11-06 16:37:32 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
+ 2009-01-06 00:04:12 15,232 ----a-w c:\windows\system32\ReinstallBackups\0020\DriverFiles\Neo_0083.sys
+ 2009-01-05 23:47:24 15,232 ----a-w c:\windows\system32\ReinstallBackups\0021\DriverFiles\Neo_0069.sys
- 2007-11-06 14:30:46 185,688 ----a-w c:\windows\system32\rmoc3260.dll
+ 2009-01-12 20:28:56 185,920 ----a-w c:\windows\system32\rmoc3260.dll
+ 2004-08-10 20:00:00 286,208 ----a-r c:\windows\system32\sdra64.exe
- 2007-10-26 04:34:02 8,460,288 ----a-w c:\windows\system32\shell32.dll
+ 2008-07-03 13:03:30 8,460,800 ----a-w c:\windows\system32\shell32.dll
- 2007-07-27 09:41:40 16,760 ------w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-11-06 16:35:00 200,704 ----a-w c:\windows\system32\ssldivx.dll
- 2008-10-16 20:38:40 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:40 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 20:38:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2007-03-08 07:51:00 39,672 ----a-w c:\windows\system32\vxblock.dll
+ 2008-11-06 16:37:28 88,824 ------w c:\windows\system32\vxblock.dll
- 2008-10-16 20:38:40 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-12-20 23:15:42 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2009-03-06 01:33:38 16,384 --sha-w c:\windows\Temp\Cookies\index.dat
+ 2009-03-06 01:33:38 16,384 --sha-w c:\windows\Temp\History\History.IE5\index.dat
+ 2009-03-06 01:33:44 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_f4c.dat
+ 2009-03-06 01:33:38 32,768 --sha-w c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-06 01:33:32 2,240,512 ----a-w c:\windows\Temp\VPN_68D3\9218E5A4.dll
+ 2008-09-30 16:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 16:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2005-09-22 23:48:08 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-22 23:48:08 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-22 23:48:06 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-07-19 53248]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-13 118784]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-21 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-21 86016]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-12 438272]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-13 77824]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-13 94208]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"CPM4c26d50c"="c:\windows\system32\gopigede.dll" [2009-03-05 84992]
"SkyTel"="SkyTel.EXE" [2006-07-19 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-07-21 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-14 1694208]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"= "c:\windows\system32\gopigede.dll" [2009-03-05 84992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL"= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gopigede.dll [2009-03-05 84992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PacketiX VPN Client タスクトレイ常駐.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PacketiX VPN Client タスクトレイ常駐.lnk
backup=c:\windows\pss\PacketiX VPN Client タスクトレイ常駐.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Tony Yuwono^Start Menu^Programs^Startup^フレムカQQ.lnk]
path=c:\documents and settings\Tony Yuwono\Start Menu\Programs\Startup\フレムカQQ.lnk
backup=c:\windows\pss\フレムカQQ.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-06-07 20:18 208896 c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
--a------ 2006-03-17 15:00 345088 c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-07-12 15:48 438272 c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
--a------ 2006-06-01 14:40 413696 c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
--a------ 2006-07-14 12:13 471040 c:\progra~1\LAUNCH~1\QtZgAcer.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
--a------ 2006-06-26 15:47 331776 c:\program files\Acer\OrbiCam\CameraAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]
--a------ 2006-06-26 15:55 73728 c:\program files\Acer\OrbiCam\InstallHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-14 00:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2006-05-15 11:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-04-29 06:13 766041 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
--a------ 2008-12-16 17:07 3528440 c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-04 00:56 110592 c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2006-07-19 09:42 16248320 c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\NeffyManSp\\NeffyManSp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PacketiX VPN Client\\vpncmd.exe"=
"c:\\Program Files\\PacketiX VPN Client\\vpncmgr.exe"=
"c:\\Program Files\\PacketiX VPN Client\\vpnclient.exe"=
"c:\\Program Files\\Nexon\\MapleStory\\MapleStory.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\HighStreet 5\\5street\\Film.exe"=
"d:\\HighStreet 5\\5street\\Launch.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"94:TCP"= 94:TCP:VRS Recording System Web Control Panel
"81:TCP"= 81:TCP:Axon Virtual PBX Web Server

R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-05-18 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-05-18 78208]
R2 npkcjpn;npkcjpn;c:\program files\Nexon\MapleStory\npkcjpn.sys [2008-12-17 54824]
R2 vpnclient;PacketiX VPN Client;c:\program files\PacketiX VPN Client\vpnclient.exe [2007-10-22 2191360]
R3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\drivers\Neo_0069.sys [2008-02-22 15232]
S2 npkjmsvc;npkjmsvc; [x]
S3 libusb0;LibUsb-Win32 - Kernel Driver 08/27/2006, 0.1.12.0;c:\windows\system32\drivers\libusb0.sys [2008-08-15 28672]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-06-20 1097728]
S3 Neo_VPN 2;VPN Client Device Driver - VPN 2;c:\windows\system32\drivers\Neo_0083.sys [2009-01-06 15232]
S3 Neo_VPN Client Adapter 2;VPN Client Device Driver - VPN Client Adapter 2;c:\windows\system32\drivers\Neo_0091.sys [2009-01-06 15232]
S3 npkcujpn;npkcujpn;c:\program files\Nexon\MapleStory\npkcujpn.sys [2008-12-17 44800]
S3 Revolution1;Revolution1; [x]
S3 sejt1;sejt1; [x]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{386b4906-d59f-11dc-9f06-0019d22b4461}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70a00c1e-55db-11dd-9f73-0019d22b4461}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{224f0037-e35b-4bc5-8ee2-6a98aa5d58fc} - c:\windows\system32\wegabalu.dll
HKCU-Run-prunnet - c:\windows\system32\prunnet.exe
HKLM-Run-prunnet - c:\windows\system32\prunnet.exe
HKLM-Run-lejopugizi - c:\windows\system32\nuyajuku.dll
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.jp/
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyServer = 210.254.61.227:3370
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: c:\program files\Tencent\QQ\SendMMS.htm
IE: Add to QQ Customized Panel - c:\program files\Tencent\QQ\AddPanel.htm
IE: Add to QQ Emoticons - c:\program files\Tencent\QQ\AddEmotion.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send picture by MMS - c:\program files\Tencent\QQ\SendMMS.htm
IE: Send the Picture by QQ MMS - c:\program files\Tencent\QQ\SendMMS.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: %SystemRoot%\system32\PrxerDrv.dll
Trusted Zone: clubhanbit.jp\x3
Trusted Zone: gamania.co.jp\kd
DPF: {8D9E639C-110C-4F85-9067-3B97C0BDE9C0} - hxxp://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP25.cab
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
DPF: {C8F5F737-2683-40B8-BFB6-47B15AC20A79} - hxxps://gash.gamania.co.jp/acxauth/cab/1_2_38/lcjggame.cab
DPF: {CD043AC3-CCA0-4415-8BAA-C61A2A7C0A19} - hxxp://pp.clubhanbit.jp/Game/ATL_ElevationLauncher.cab
DPF: {D6440B15-8FD8-455C-AE55-8D3198F49638} - hxxp://x3.clubhanbit.jp/Game/X3Launcher.cab
DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} - hxxp://sangokushi-hero.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
DPF: {F58E877C-4F14-4805-B2D2-EB48927C7580} - hxxp://dist.cdnetworks.co.jp/cdndist/streamport/SPort.cab
.
.
------- File Associations -------
.
chm.file="hh.exe" %1
txtfile=c:\windows\notepad.exe %1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-06 01:33:37
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1192)
c:\windows\system32\imjp81.ime
c:\windows\system32\imjp81k.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\conime.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2009-03-06 1:36:30 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-06 01:36:28
ComboFix3.txt 2008-10-04 16:19:26
ComboFix2.txt 2009-01-05 23:39:58

Pre-Run: 22,138,552,320 bytes free
Post-Run: 22,115,188,736 バイトの空き領域

548 --- E O F --- 2009-03-05 01:08:06

#4
ComputingNewbie

    New Member

  • Topic Starter
  • Member
  • 6 posts
After reboot I immediately got an error message about "nuyajuku.dll".
I have no idea what that is. :)

Next,

Kaspersky Online Scanner Log

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, March 6, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, March 06, 2009 01:58:53
Records in database: 1872567
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 105875
Threat name: 2
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 01:42:26


File name / Threat name / Threats count
C:\Documents and Settings\Tony Yuwono\My Documents\受信したファイル\AkumaEngine33.zip Infected: Trojan.Win32.Shutdowner.ag 1
C:\system volume information\_restore{B70253F9-5B43-47D0-B5A4-776D3A785FE9}\RP610\A0089760.dll Infected: Packed.Win32.Tdss.c 1
C:\system volume information\_restore{B70253F9-5B43-47D0-B5A4-776D3A785FE9}\RP610\A0089761.dll Infected: Packed.Win32.Tdss.c 1
C:\system volume information\_restore{B70253F9-5B43-47D0-B5A4-776D3A785FE9}\RP610\A0089762.dll Infected: Packed.Win32.Tdss.c 1

The selected area was scanned.

#5
ComputingNewbie

    New Member

  • Topic Starter
  • Member
  • 6 posts
Finally,

Malwarebytes' Anti-Malware Log 2

Malwarebytes' Anti-Malware 1.28
Database version: 1134
Windows 5.1.2600 Service Pack 2

2009/03/06 8:30:24
mbam-log-2009-03-06 (08-30-24).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 149267
Time elapsed: 24 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I do not know what to do anymore.

Thank you in advance. :)

#6
ComputingNewbie

    New Member

  • Topic Starter
  • Member
  • 6 posts
Forgive me. I did not know about HijackThis... :)
Here is the log after having done all the above:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:56, on 2009/03/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\PacketiX VPN Client\vpnclient.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
D:\HighStreet 5\5street\Launch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CPM4c26d50c] Rundll32.exe "c:\windows\system32\gopigede.dll",a
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: Add to QQ Emoticons - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send picture by MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Send the Picture by QQ MMS - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun の Java コンソール - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O15 - Trusted Zone: http://x3.clubhanbit.jp
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {8D9E639C-110C-4F85-9067-3B97C0BDE9C0} (HGPluginJP25 Class) - http://down.hangame....GPluginJP25.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetwor...ffyLauncher.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {C8F5F737-2683-40B8-BFB6-47B15AC20A79} (Game Starter Control) - https://gash.gamania...38/lcjggame.cab
O16 - DPF: {CD043AC3-CCA0-4415-8BAA-C61A2A7C0A19} (ElevationLauncher Class) - http://pp.clubhanbit...ionLauncher.cab
O16 - DPF: {D6440B15-8FD8-455C-AE55-8D3198F49638} (ExcuteHbsAudition Class) - http://x3.clubhanbit.../X3Launcher.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://sangokushi-he...anaAutoPlay.cab
O16 - DPF: {F58E877C-4F14-4805-B2D2-EB48927C7580} (NeffyManSpLauncherCtl Class) - http://dist.cdnetwor...mport/SPort.cab
O20 - AppInit_DLLs: c:\windows\system32\gopigede.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gopigede.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gopigede.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: npkjmsvc - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: PacketiX VPN Client (vpnclient) - SoftEther Corporation - C:\Program Files\PacketiX VPN Client\vpnclient.exe

--
End of file - 11010 bytes

#7
Octagonal

    Member 2k

  • Member
  • 2,528 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.