30 Posts
0
January 19th, 2009 12:00
Pop-up Trojan
Keep getting this pop-up and I've run many scans and used spyware doctor but am still getting one particular pop-up that is 2 x 2 inches.
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:22 PM, on 1/19/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SoulseekNS\slsk.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dumprep.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [wincam] C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141114797880
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O20 - AppInit_DLLs: inster.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 12690 bytes
bamajim
10.4K Posts
0
January 19th, 2009 13:00
Please describe this pop-up.
What does it say?
Cheech519
30 Posts
0
January 20th, 2009 00:00
There is a large i inside a blue circle on the top left, and the text to the right reads:
This program cannot display the webpage
Most likely causes:
What you can try:
The pop-up displays directly in the center of my monitor
Go back to the previous page.
bamajim
10.4K Posts
0
January 20th, 2009 06:00
1. Go HERE and download File Lister.
Rt Click ->> Extract all ->> And extract it to your Desktop
Additional help on extracting zip files can be found HERE
Open the File Lister Folder.
Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
As the program runs, it will appear that nothing is happening.
When the program is finished it will produce a log for you: C:\Files.txt
Copy and paste the contents of that log in your reply.
Sathish_Duraive
2 Posts
0
January 20th, 2009 13:00
For any spyware or virus you can run Smit Fraud Fix. It will remove malicious things from the computer for sure. It can be downloaded from www.no1fix.notlong.com. In addition to this, if you suspect more issues you can also run Malwarebytes. The issue will be resolved for sure.
Cheech519
30 Posts
0
January 20th, 2009 15:00
+++++++++++++++++++++++++++++++++
+ File Lister Version 1.0.5 +
+ By bamajim / bamajim.com
+++++++++++++++++++++++++++++++++
Report ran on --->>> 1/20/2009 3:04:52 PM
====== Running Processes ======
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
====== BHO's under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects ======
BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
BHO: WormRadar.com IESiteBlocker.NavFilter - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
BHO: WormRadar.com IESiteBlocker.NavFilter - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: WormRadar.com IESiteBlocker.NavFilter - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
====== Values under HKLM\~\Run ======
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe\""
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"CTSysVol"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe\" /r"
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\""
"CTHelper"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1133608311\\ee\\AOLSoftware.exe"
"AOLDialer"="\"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.2\\Apps\\apdproxy.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"dscactivate"="\"C:\\Program Files\\Dell Support Center\\gs_agent\\custom\\dsca.exe\""
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
"MPFExe"="C:\\Program Files\\mcafee.com\\personal firewall\\MPfTray.exe"
"DellSupportCenter"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"
"mcagent_exe"="C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe /runkey"
"RegistryMechanic"=""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"wincam"="C:\\DOCUME~1\\RICHAR~1\\LOCALS~1\\Temp\\RarSFX2\\services.exe"
"ISTray"="\"C:\\Program Files\\Spyware Doctor\\pctsTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""
====== Values under HKCU\~\Run ======
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Aim6"=""
"DellSupportCenter"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"AdobeUpdater"="C:\\Program Files\\Common Files\\Adobe\\Updater5\\AdobeUpdater.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
@=""
====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======
1/20/2009 3:04:52 PM 6574 32 C:\Files.txt
12/16/2008 3:01:14 AM 1214 32 C:\images.sql
1/15/2009 1:56:00 AM 94897 34 C:\Mozilla.html
1/14/2009 11:07:30 PM 344064 34 C:\windll_v354.exe
1/15/2009 11:13:57 AM 11615 32 C:\WINDOWS\KB925720.log
1/14/2009 3:05:23 PM 13755 32 C:\WINDOWS\KB952069.log
1/14/2009 3:05:08 PM 7883 32 C:\WINDOWS\KB954600.log
1/14/2009 2:58:44 PM 33055 32 C:\WINDOWS\KB955839.log
1/14/2009 2:58:30 PM 12698 32 C:\WINDOWS\KB956802.log
1/14/2009 3:05:44 PM 19071 32 C:\WINDOWS\KB958215-IE7.log
1/14/2009 3:05:17 PM 8193 32 C:\WINDOWS\KB958687.log
1/14/2009 3:05:36 PM 8297 32 C:\WINDOWS\KB960714-IE7.log
1/15/2009 11:16:10 AM 508970 32 C:\WINDOWS\msxml6-KB954459-enu-x86.LOG
1/14/2009 11:07:24 PM 6190 34 C:\WINDOWS\windat.txt
1/15/2009 10:42:28 AM 386780 C:\WINDOWS\system32\XPSViewer
1/15/2009 10:42:28 AM 3584 C:\WINDOWS\system32\XPSViewer\en-us
1/14/2009 11:16:20 PM 20 32 C:\WINDOWS\system32\6312b13c-.txt
1/14/2009 11:16:49 PM 103936 32 C:\WINDOWS\system32\cphxkpul.dll
12/3/2008 11:41:13 PM 410984 32 C:\WINDOWS\system32\deploytk.dll
1/15/2009 1:42:37 AM 1365469 38 C:\WINDOWS\system32\dvdttgec.ini
12/3/2008 11:41:13 PM 144792 32 C:\WINDOWS\system32\java.exe
12/3/2008 11:41:13 PM 144792 32 C:\WINDOWS\system32\javaw.exe
12/3/2008 11:41:13 PM 148888 32 C:\WINDOWS\system32\javaws.exe
1/15/2009 11:04:30 AM 38709280 32 C:\WINDOWS\system32\kavsetup1.exe
1/15/2009 12:32:04 PM 66108 32 C:\WINDOWS\system32\kavsetup2.exe
1/15/2009 12:32:24 AM 103936 32 C:\WINDOWS\system32\kpeixeln.dll
1/14/2009 11:16:49 PM 103936 32 C:\WINDOWS\system32\mjernt.dll
1/14/2009 3:03:25 PM 276 32 C:\WINDOWS\system32\MRT.INI
1/15/2009 1:45:22 AM 103936 32 C:\WINDOWS\system32\mwyfdz.dll
1/15/2009 12:32:22 AM 1365469 38 C:\WINDOWS\system32\pmndingv.ini
1/15/2009 11:52:41 AM 567501 32 C:\WINDOWS\system32\rn.tmp
1/15/2009 1:45:21 AM 103936 32 C:\WINDOWS\system32\rnxdrhsk.dll
1/15/2009 1:43:42 AM 1 32 C:\WINDOWS\system32\sn.txt
1/15/2009 10:41:58 AM 14048 0 C:\WINDOWS\system32\spmsg2.dll
1/15/2009 12:32:25 AM 103936 32 C:\WINDOWS\system32\vwzodl.dll
1/14/2009 11:16:54 PM 1365469 38 C:\WINDOWS\system32\wqmtmnnc.ini
1/19/2009 12:39:30 PM 167936 32 C:\WINDOWS\system32\wr13144.dll
1/19/2009 12:39:28 PM 13920660 32 C:\WINDOWS\system32\xa10233687.exe
1/19/2009 12:39:30 PM 13920660 32 C:\WINDOWS\system32\xa10234734.exe
====== Files under "\Administrator\Startup" Last 60 Days======
====== Files under "\All Users\Startup" Last 60 Days======
====== Folders under "\Program Files" Last 60 Days======
12/1/2008 10:56:29 PM 13584462 C:\Program Files\FileZilla FTP Client
12/11/2008 2:47:10 PM 2676 C:\Program Files\FileZilla FTP Client\docs
12/11/2008 2:47:11 PM 4939772 C:\Program Files\FileZilla FTP Client\locales
12/11/2008 2:47:11 PM 81093 C:\Program Files\FileZilla FTP Client\locales\ar
12/11/2008 2:47:11 PM 166412 C:\Program Files\FileZilla FTP Client\locales\bg_BG
12/11/2008 2:47:11 PM 132597 C:\Program Files\FileZilla FTP Client\locales\ca
12/11/2008 2:47:11 PM 129316 C:\Program Files\FileZilla FTP Client\locales\ca_ES@valencia
12/11/2008 2:47:11 PM 129182 C:\Program Files\FileZilla FTP Client\locales\cs_CZ
12/11/2008 2:47:11 PM 74101 C:\Program Files\FileZilla FTP Client\locales\da_DK
12/11/2008 2:47:11 PM 135136 C:\Program Files\FileZilla FTP Client\locales\de
12/11/2008 2:47:11 PM 180585 C:\Program Files\FileZilla FTP Client\locales\el
12/11/2008 2:47:11 PM 132423 C:\Program Files\FileZilla FTP Client\locales\es
12/11/2008 2:47:11 PM 123899 C:\Program Files\FileZilla FTP Client\locales\et_EE
12/11/2008 2:47:11 PM 34573 C:\Program Files\FileZilla FTP Client\locales\eu_ES
12/11/2008 2:47:11 PM 112555 C:\Program Files\FileZilla FTP Client\locales\fi_FI
12/11/2008 2:47:11 PM 133318 C:\Program Files\FileZilla FTP Client\locales\fr
12/11/2008 2:47:11 PM 134042 C:\Program Files\FileZilla FTP Client\locales\fr_CA
12/11/2008 2:47:11 PM 92539 C:\Program Files\FileZilla FTP Client\locales\gl_ES
12/11/2008 2:47:11 PM 57690 C:\Program Files\FileZilla FTP Client\locales\he_IL
12/11/2008 2:47:11 PM 116903 C:\Program Files\FileZilla FTP Client\locales\hu_HU
12/11/2008 2:47:11 PM 125614 C:\Program Files\FileZilla FTP Client\locales\id_ID
12/11/2008 2:47:11 PM 130042 C:\Program Files\FileZilla FTP Client\locales\it
12/11/2008 2:47:11 PM 138026 C:\Program Files\FileZilla FTP Client\locales\ja_JP
12/11/2008 2:47:11 PM 43658 C:\Program Files\FileZilla FTP Client\locales\ka
12/11/2008 2:47:11 PM 3733 C:\Program Files\FileZilla FTP Client\locales\km_KH
12/11/2008 2:47:11 PM 116859 C:\Program Files\FileZilla FTP Client\locales\ko_KR
12/11/2008 2:47:11 PM 20567 C:\Program Files\FileZilla FTP Client\locales\ku
12/11/2008 2:47:11 PM 128333 C:\Program Files\FileZilla FTP Client\locales\lt_LT
12/11/2008 2:47:11 PM 62144 C:\Program Files\FileZilla FTP Client\locales\lv_LV
12/11/2008 2:47:11 PM 103415 C:\Program Files\FileZilla FTP Client\locales\mk_MK
12/11/2008 2:47:11 PM 123629 C:\Program Files\FileZilla FTP Client\locales\nb_NO
12/11/2008 2:47:11 PM 105647 C:\Program Files\FileZilla FTP Client\locales\ne
12/11/2008 2:47:11 PM 129112 C:\Program Files\FileZilla FTP Client\locales\nl
12/11/2008 2:47:11 PM 68908 C:\Program Files\FileZilla FTP Client\locales\nn_NO
12/11/2008 2:47:11 PM 127937 C:\Program Files\FileZilla FTP Client\locales\pl_PL
12/11/2008 2:47:11 PM 131427 C:\Program Files\FileZilla FTP Client\locales\pt_BR
12/11/2008 2:47:11 PM 131482 C:\Program Files\FileZilla FTP Client\locales\pt_PT
12/11/2008 2:47:11 PM 131518 C:\Program Files\FileZilla FTP Client\locales\ro_RO
12/11/2008 2:47:11 PM 161914 C:\Program Files\FileZilla FTP Client\locales\ru
12/11/2008 2:47:11 PM 131222 C:\Program Files\FileZilla FTP Client\locales\sk_SK
12/11/2008 2:47:11 PM 127902 C:\Program Files\FileZilla FTP Client\locales\sl_SI
12/11/2008 2:47:11 PM 85735 C:\Program Files\FileZilla FTP Client\locales\sv
12/11/2008 2:47:11 PM 30784 C:\Program Files\FileZilla FTP Client\locales\th_TH
12/11/2008 2:47:11 PM 63723 C:\Program Files\FileZilla FTP Client\locales\tr
12/11/2008 2:47:11 PM 170146 C:\Program Files\FileZilla FTP Client\locales\uk_UA
12/11/2008 2:47:11 PM 142832 C:\Program Files\FileZilla FTP Client\locales\vi_VN
12/11/2008 2:47:11 PM 118851 C:\Program Files\FileZilla FTP Client\locales\zh_CN
12/11/2008 2:47:11 PM 118248 C:\Program Files\FileZilla FTP Client\locales\zh_TW
12/11/2008 2:47:09 PM 810739 C:\Program Files\FileZilla FTP Client\resources
12/11/2008 2:47:09 PM 6155 C:\Program Files\FileZilla FTP Client\resources\16x16
12/11/2008 2:47:09 PM 1534 C:\Program Files\FileZilla FTP Client\resources\32x32
12/11/2008 2:47:09 PM 1216 C:\Program Files\FileZilla FTP Client\resources\48x48
12/11/2008 2:47:10 PM 116484 C:\Program Files\FileZilla FTP Client\resources\blukis
12/11/2008 2:47:10 PM 12089 C:\Program Files\FileZilla FTP Client\resources\blukis\16x16
12/11/2008 2:47:10 PM 38008 C:\Program Files\FileZilla FTP Client\resources\blukis\32x32
12/11/2008 2:47:10 PM 66156 C:\Program Files\FileZilla FTP Client\resources\blukis\48x48
12/11/2008 2:47:10 PM 8420 C:\Program Files\FileZilla FTP Client\resources\cyril
12/11/2008 2:47:10 PM 8201 C:\Program Files\FileZilla FTP Client\resources\cyril\16x16
12/11/2008 2:47:11 PM 163831 C:\Program Files\FileZilla FTP Client\resources\lone
12/11/2008 2:47:11 PM 24707 C:\Program Files\FileZilla FTP Client\resources\lone\16x16
12/11/2008 2:47:11 PM 61121 C:\Program Files\FileZilla FTP Client\resources\lone\32x32
12/11/2008 2:47:11 PM 77718 C:\Program Files\FileZilla FTP Client\resources\lone\48x48
12/11/2008 2:47:11 PM 152461 C:\Program Files\FileZilla FTP Client\resources\opencrystal
12/11/2008 2:47:11 PM 19365 C:\Program Files\FileZilla FTP Client\resources\opencrystal\16x16
12/11/2008 2:47:11 PM 50224 C:\Program Files\FileZilla FTP Client\resources\opencrystal\32x32
12/11/2008 2:47:11 PM 82573 C:\Program Files\FileZilla FTP Client\resources\opencrystal\48x48
1/8/2009 1:59:29 PM 3103775 C:\Program Files\MagicISO
1/15/2009 10:09:51 AM 4114750 C:\Program Files\Malwarebytes' Anti-Malware
1/15/2009 10:09:52 AM 372752 C:\Program Files\Malwarebytes' Anti-Malware\Languages
12/15/2008 10:56:16 AM 2161478 C:\Program Files\Monkey's Audio
12/15/2008 10:56:17 AM 165904 C:\Program Files\Monkey's Audio\Documentation
12/15/2008 10:56:17 AM 264864 C:\Program Files\Monkey's Audio\External
12/15/2008 10:56:17 AM 78708 C:\Program Files\Monkey's Audio\Resources
12/15/2008 10:56:17 AM 593920 C:\Program Files\Monkey's Audio\Tools
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild\Microsoft
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
1/15/2009 10:42:34 AM 9908 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
1/15/2009 10:43:49 AM 13850 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
1/15/2009 10:41:37 AM 6849 C:\Program Files\MSXML 6.0
1/15/2009 10:41:37 AM 6849 C:\Program Files\MSXML 6.0\EULA
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies\Microsoft
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies\Microsoft\Framework
1/15/2009 10:42:20 AM 25299132 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
1/15/2009 10:42:21 AM 5682 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
1/15/2009 10:43:48 AM 6009182 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
1/15/2009 10:43:57 AM 7454 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
1/15/2009 11:39:42 AM 54540455 C:\Program Files\Spyware Doctor
1/15/2009 11:39:42 AM 11897 C:\Program Files\Spyware Doctor\avdb
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\avdb\quarantine
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\avdb\temp
1/15/2009 11:39:42 AM 1142544 C:\Program Files\Spyware Doctor\avengine
1/15/2009 11:40:00 AM 204082 C:\Program Files\Spyware Doctor\history
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\log
1/15/2009 11:39:48 AM 324404 C:\Program Files\Spyware Doctor\LuLng
1/15/2009 11:39:49 AM 2033200 C:\Program Files\Spyware Doctor\NetworkLayer
1/15/2009 11:39:48 AM 3753056 C:\Program Files\Spyware Doctor\plugins
1/15/2009 11:40:00 AM 1420016 C:\Program Files\Spyware Doctor\quarantine
1/15/2009 11:40:06 AM 0 C:\Program Files\Spyware Doctor\sdnet
1/15/2009 11:40:05 AM 0 C:\Program Files\Spyware Doctor\shbackup
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\tools
1/15/2009 11:39:48 AM 78302 C:\Program Files\Spyware Doctor\ugLng
1/15/2009 12:03:00 PM 0 C:\Program Files\Spyware Doctor\~tmp
1/16/2009 5:10:56 PM 408980 C:\Program Files\Trend Micro
1/16/2009 5:10:56 PM 408980 C:\Program Files\Trend Micro\HijackThis
====== Files under "\System32\Drivers" Last 60 Days======
1/15/2009 11:39:48 AM 42376 32 C:\WINDOWS\system32\drivers\ikfilesec.sys
1/15/2009 11:39:48 AM 66952 32 C:\WINDOWS\system32\drivers\iksysflt.sys
1/15/2009 11:39:48 AM 81288 32 C:\WINDOWS\system32\drivers\iksyssec.sys
1/15/2009 11:39:48 AM 29576 32 C:\WINDOWS\system32\drivers\kcom.sys
1/15/2009 10:09:55 AM 15504 32 C:\WINDOWS\system32\drivers\mbam.sys
1/15/2009 10:09:53 AM 38496 32 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
====== Files Deleted under "%Temp%" ======
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC90D.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC90E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC90F.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC910.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC911.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC912.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC913.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC914.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC91B.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC920.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC927.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC928.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC929.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC92A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC92B.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC932.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC934.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC935.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC936.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC93E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC93F.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC940.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC941.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC942.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC943.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC944.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC945.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC946.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC947.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC948.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC949.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC94A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC94B.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC94C.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC94D.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC94E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC952.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC953.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC954.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC955.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC956.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC957.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC958.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC959.tmp 
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95B.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95C.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95D.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC95F.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A0.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A1.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A2.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A3.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A4.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A5.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A6.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A7.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A8.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9A9.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AA.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AB.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AC.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AD.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AE.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9AF.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B0.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B1.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B2.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B3.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B4.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B5.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B6.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B7.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B8.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9B9.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9BA.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C1.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C2.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C3.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C4.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C5.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C6.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C7.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C8.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9C9.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CA.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CB.tmp 
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CC.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CD.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CE.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9CF.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D0.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D1.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D2.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D3.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D4.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D5.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC9D6.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\ACA5.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\ACA6.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\ACA7.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\alm.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\amt.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\avg8inst.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch2E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch31.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch34.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch37.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch3A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch3D.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch40.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch43.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch46.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch49.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch4C.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch4F.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch52.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch55.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch58.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\bch5B.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\BIT43.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\caevents.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\D1B5B4F1.TMP C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_depcheck_NETFX_EXP_35.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_dotnetfx35error.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_dotnetfx35install.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_MSXML6_MSI4CDD.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_NET_Framework30_Setup4D4F.txt 
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_NET_Framework35_MSI4E7F.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_RGB9RAST_x86.msi4CD7.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_wcf_retCA29B5.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_WIC.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\dd_XPS.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\etilqs_25IVf8aDA0IupBLQoqhu C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\etilqs_CeczzWi8WDCEfc1Chi8c C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\etilqs_ejMWNoqttZrlyrE8qqhH C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\etilqs_peNzUbYJhHaUhr8Jk2ck C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\fccdeCTn.bat C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\GLC27.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\GLF29.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\GLF2A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\i4jdel0.exe C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\iwedantar.exe C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\java_install_reg.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\java_install_sp.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\jinstall.cfg C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\jusched.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-install-2009-01-15-11-24-32.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-install-2009-01-15-12-28-44.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-install-2009-01-15-12-32-19.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-install-2009-01-15-12-40-12.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-setup-2009-01-15-11-24-32.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-setup-2009-01-15-12-28-44.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-setup-2009-01-15-12-32-19.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kl-setup-2009-01-15-12-40-12.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kleaner (pid 2376) 2009-01-15 12-40-55.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kleaner (pid 4212) 2009-01-15 12-29-34.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kleaner (pid 5508) 2009-01-15 11-25-58.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\kleaner (pid 728) 2009-01-15 12-32-40.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\lilo2 C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\lilo3 C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\lilo4 
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Perflib_Perfdata_15c8.dat C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Perflib_Perfdata_3bc.dat C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\service.exe C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Setup Log 2009-01-15 #001.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Setup Log 2009-01-15 #002.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\swt-gdip-win32-3448.dll C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\swt-win32-3448.dll C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\SymNRT 1-15-2009 10h42m57s.log C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\TMP1E.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\tmp29.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\tmp2A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\tmp35.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\tmp4C.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\TWAIN.LOG C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twain001.Mtx C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twunk001.MTX C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twunk002.MTX C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\uninst.dll C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\uninst.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\uxeventlog.txt C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\WSFC7.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\WSFC8.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\{193F8A7B-1853-48D5-88AC-19446C2C1D13}estk_ribs_bgd.png C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\{24D77A7C-E10B-4057-9974-FAB8BFDAC853}background.png C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\{24D77A7C-E10B-4057-9974-FAB8BFDAC853}installer.ico C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\{61D23D99-3398-414E-974E-EBAE498BB298}bridge.ico C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\~DF636A.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\~DF6641.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\~DF7489.tmp C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\~DF7B1F.tmp 315 Files deleted ====== Files and Folders under "All Users\Application Data" Last 60 Days====== 12/12/2008 12:14:30 PM 47207 C:\Documents and Settings\All Users\Application Data\acccore 12/12/2008 12:14:30 PM 47207 C:\Documents and Settings\All Users\Application Data\acccore\plugins 12/12/2008 12:15:26 PM 4788 C:\Documents and 
Settings\All Users\Application Data\acccore\plugins\{64613142-4B62-7879-6563-337541545364} 12/12/2008 12:15:26 PM 5660 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653137-6737-6936-486A-3566764D7375} 12/12/2008 12:15:26 PM 3756 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653150-6D73-7770-5F76-636F6D57765A} 12/12/2008 12:15:26 PM 6057 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653157-664A-4542-6A4C-6A39334B3934} 12/12/2008 12:15:26 PM 2526 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{696D3136-4A6C-374C-4837-5779504C5455} 12/12/2008 12:15:26 PM 2572 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{696D3152-4F7A-4462-355F-51737669496D} 1/15/2009 11:24:19 AM 40450880 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 1/15/2009 11:24:19 AM 40450880 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009 1/15/2009 11:24:19 AM 40450880 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\English 1/15/2009 10:09:51 AM 4265505 C:\Documents and Settings\All Users\Application Data\Malwarebytes 1/15/2009 10:09:51 AM 4265505 C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware 1/15/2009 10:42:43 AM 101764 C:\Documents and Settings\All Users\Application Data\NortonInstaller 1/15/2009 10:42:43 AM 101764 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs 1/15/2009 10:42:43 AM 75676 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\1-15-2009-10h42m43s 1/15/2009 10:43:52 AM 26088 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\1-15-2009-10h43m52s ====== Possible Rootkit Scan (Note: Items listed here are not necessarily bad)====== ====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ====== 
====== Services ( Services that are Whitelisted are not shown) ====== Apple Mobile Device (Apple Mobile Device) "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - Auto DSBrokerService (DSBrokerService) "C:\Program Files\DellSupport\brkrsvc.exe" - Manual Media Center Receiver Service (ehRecvr) C:\WINDOWS\eHome\ehRecvr.exe - Auto Media Center Scheduler Service (ehSched) C:\WINDOWS\eHome\ehSched.exe - Auto FLEXnet Licensing Service (FLEXnet Licensing Service) "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" - Manual Intel(R) Matrix Storage Event Monitor (IAANTMon) C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe - Auto Java Quick Starter (JavaQuickStarterService) "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" - Auto MHN (MHN) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual MSSQL$SONY_MEDIAMGR (MSSQL$SONY_MEDIAMGR) C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR - Auto MSSQLServerADHelper (MSSQLServerADHelper) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe - Manual Intel NCS NetService (NetSvc) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe - Manual NMIndexingService (NMIndexingService) "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" - Manual PC Tools Auxiliary Service (sdAuxService) C:\Program Files\Spyware Doctor\pctsAuxs.exe - Auto ServiceLayer (ServiceLayer) "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" - Manual SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter - Auto SQLAgent$SONY_MEDIAMGR (SQLAgent$SONY_MEDIAMGR) C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR - Manual Upload Manager (uploadmgr) 
C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto Viewpoint Manager Service (Viewpoint Manager Service) "C:\Program Files\Viewpoint\Common\ViewpointService.exe" - Auto WAN Miniport (ATW) Service (WANMiniportService) "C:\WINDOWS\wanmpsvc.exe" - Auto ====== Uninstall List From Registry ====== Windows Driver Package - Nokia Modem (02/15/2007 3.1) GemMaster Mystic 7-Zip 4.42 AC-3 ACM Codec Adi Dassler 1.0 Adobe Flash Player ActiveX Adobe Flash Player 10 Plugin Adobe Illustrator CS2 Adobe SVG Viewer 3.0 Adobe InDesign CS3 Adobe ExtendScript Toolkit 2 Adobe Dreamweaver CS3 Adobe Color Common Settings Adobe Photoshop CS3 Adobe Flash CS3 Professional Adobe® Photoshop® Album Starter Edition 3.2 AIM 6 AOL Instant Messenger AOL Toolbar 2.0 AOL Uninstaller (Choose which Products to Remove) AOL Coach Version 1.0(Build:20040229.1 en) Ask Toolbar ATI Display Driver Otto Bejeweled Deluxe 1.87 CDisplay 1.8 Chopper XP 2.3 Conexant D850 56K V.9x DFVc Modem Command & Conquer Windows 95 Console Classix 3.1 Dell Digital Jukebox Driver Dell Game Console DFX for Winamp DFX for Windows Media Player DVD Decrypter (Remove Only) DVD Shrink 3.2 Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] ewido security suite Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) FileZilla Client 3.1.6 FLAC Installer 1.1.2a (remove only) FramefileWizard Drug Wars getPlus(R)_ocx HijackThis 2.0.2 Microsoft Internationalized Domain Names Mitigation APIs Windows Internet Explorer 7 Canon Utilities PhotoStitch 3.1 Canon Camera Window for ZoomBrowser EX iPod for Windows 2006-06-28 Canon Utilities RemoteCapture 2.7 Canon Utilities File Viewer Utility 1.2 High Definition Audio Driver Package - KB835221 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Microsoft .NET Framework 1.0 Hotfix (KB887998) Windows XP Hotfix - KB888113 
Windows XP Hotfix - KB888302 Windows XP Hotfix - KB888310 Hotfix for Windows XP (KB888795) Windows XP Hotfix - KB889673 Security Update for Windows XP (KB890046) Windows XP Hotfix - KB890175 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB890927 Hotfix for Windows XP (KB891593) Windows XP Hotfix - KB891781 Windows Genuine Advantage Validation Tool (KB892130) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Windows Installer 3.1 (KB893803) Update for Windows XP (KB894391) Windows Media Player 10 Hotfix - KB895316 Hotfix for Windows XP (KB895961) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB896688) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Hotfix for Windows XP (KB899337) Hotfix for Windows XP (KB899510) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Update Rollup 2 for Windows XP Media Center Edition 2005 Update for Windows XP (KB900485) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Hotfix for Windows XP (KB902841) Hotfix for Windows Media Player 10 (KB903157) Security Update for Windows XP (KB904706) Update for Windows XP (KB904942) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB905915) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB908531) Hotfix for Windows Media Player 10 (KB910393) Update for Windows XP (KB910437) Security Update for Windows XP (KB911280) Security Update for Windows XP (KB911562) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows XP (KB911567) Security Update 
for Windows XP (KB911927) Security Update for Windows XP (KB912812) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Update for Windows Media Player 10 (KB913800) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Hotfix for Windows XP (KB914440) Hotfix for Windows XP (KB915865) Security Update for Windows XP (KB916281) Update for Windows XP (KB916595) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918118) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Update for Windows XP (KB920872) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921503) Security Update for Windows XP (KB921883) Update for Windows XP (KB922582) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923414) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923694) Security Update for Windows XP (KB923980) Security Update for Windows XP (KB924191) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB924667) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB925486) Update for Windows XP (KB925720) Windows XP Media Center Edition 2005 KB925766 Security Update for Windows XP (KB925902) Hotfix for Windows XP (KB926239) Update for Windows Media 
Player 10 (KB926251) Security Update for Windows XP (KB926255) Security Update for Windows XP (KB926436) Security Update for Windows XP (KB927779) Security Update for Windows XP (KB927802) Update for Windows XP (KB927891) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows XP (KB928255) Security Update for Windows XP (KB928843) Security Update for Windows XP (KB929123) Update for Windows XP (KB929338) Hotfix for Windows Media Format 11 SDK (KB929399) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows XP (KB930178) Microsoft .NET Framework 1.0 Hotfix (KB930494) Update for Windows XP (KB930916) Security Update for Windows XP (KB931261) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows XP (KB931784) Update for Windows XP (KB931836) Security Update for Windows XP (KB932168) Update for Windows XP (KB932823-v3) Update for Windows XP (KB933360) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows XP (KB933729) Security Update for Windows XP (KB935839) Security Update for Windows XP (KB935840) Security Update for Windows XP (KB936021) Update for Windows XP (KB936357) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows XP (KB937894) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows XP (KB938464) Update for Windows XP (KB938828) Security Update for Windows XP (KB938829) Security Update for Windows Internet Explorer 7 (KB939653) Hotfix for Windows Media Player 11 (KB939683) Security Update for Windows XP (KB941202) Security Update for Windows XP (KB941568) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB941644) Security Update for Windows XP (KB941693) Security Update for Windows Internet Explorer 7 (KB942615) Update for Windows XP (KB942763) Security Update for Windows XP (KB943055) 
Security Update for Windows XP (KB943460) Security Update for Windows XP (KB943485) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows XP (KB944653) Security Update for Windows XP (KB945553) Security Update for Windows XP (KB946026) Security Update for Windows XP (KB946648) Hotfix for Windows Internet Explorer 7 (KB947864) Security Update for Windows XP (KB948590) Security Update for Windows XP (KB948881) Security Update for Windows XP (KB950749) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Update for Windows XP (KB951072-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows Media Player (KB952069) Hotfix for Windows XP (KB952287) Security Update for Windows XP (KB952954) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows XP (KB953839) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Update for Windows XP (KB955839) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows Internet Explorer 7 (KB960714) Microsoft .NET Framework 1.1 Hotfix (KB928366) Magic ISO Maker v5.5 (build 0273) Malwarebytes' Anti-Malware Microsoft .NET 
Framework 1.1 Microsoft .NET Framework 3.5 Monkey's Audio Mozilla Firefox (3.0.5) McAfee SecurityCenter Microsoft Compression Client Pack 1.0 for Windows XP Microsoft National Language Support Downlevel APIs Intel(R) PRO Network Connections Drivers RealPlayer Registry Mechanic 7.0 ScummVM 0.7.1 Serials 2000 7.1+ SoulSeek Client 156c SoulSeek 157 NS 12d Spyware Doctor 5.5 Learn2 Player (Uninstall Only) TablEdit 2.65 Viewpoint Manager (Remove Only) Viewpoint Media Player VideoLAN VLC media player 0.8.6c Vuze Westwood Online WebCyberCoach 3.2 Dell Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Notifications (KB905474) Windows Imaging Component WildTangent Web Driver Winamp Windows Live Safety scanner Windows Media Format 11 runtime Windows Media Player 11 Windows Media Format 11 runtime Windows Media Player 11 Microsoft User-Mode Driver Framework Feature Pack 1.0 XML Paper Specification Shared Components Pack 1.0 Microsoft Office 2000 Premium PhotoStitch Adobe Help Viewer CS3 PC Connectivity Solution Sonic RecordNow Data Adobe Bridge Start Meeting Camera Window ATI Control Panel Microsoft Plus! 
Photo Story 2 LE Sonic DLA QuickBooks Simple Start Special Edition Adobe WinSoft Linguistics Plugin AutoUpdate MSXML 6 Service Pack 2 (KB954459) Sonic MyDVD LE Google Toolbar for Internet Explorer Adobe ExtendScript Toolkit 2 Java(TM) 6 Update 11 Adobe Stock Photos CS3 Adobe Extension Manager CS3 Microsoft .NET Framework 3.0 Service Pack 1 Adobe Flash Video Encoder Microsoft .NET Framework 3.5 Sonic Update Manager J2SE Runtime Environment 5.0 Update 9 J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Java(TM) SE Runtime Environment 6 Update 1 Java(TM) 6 Update 3 Java(TM) 6 Update 5 Java(TM) 6 Update 7 Windows Media Player 10 WebFldrs XP Internet Explorer Default Page MSXML 4.0 SP2 (KB927978) Adobe Setup Adobe Photoshop CS3 Google Earth Adobe SING CS3 Intel(R) PROSet for Wired Connections Adobe Color EU Extra Settings Adobe Linguistics CS3 Sony Sound Forge 8.0d Adobe Setup neroxml Creative MediaSource Dell Driver Reset Tool Nero 9 McAfee Shredder Nero CoverDesigner AOLIcon Adobe Setup PowerDVD 5.5 Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) Apple Software Update Windows Media Player Firefox Plugin Adobe Fonts All Adobe Flash CS3 Adobe Color Common Settings Digital Content Portal Microsoft Plus! Digital Media Edition Installer Adobe Asset Services CS3 Java 2 Runtime Environment, SE v1.4.2_03 EarthLink setup files Microsoft Visual C++ 2005 Redistributable Dell System Restore Get High Speed Internet! 
DivX DellSupport Modem Helper Adobe XMP Panels CS3 Rhapsody Player Engine MSXML 4.0 SP2 (KB954430) Bonjour Corel Photo Album 6 DivX Player Adobe Device Central CS3 QuickTime Adobe Type Support Adobe Anchor Service CS3 Intel Matrix Storage Manager Adobe Color NA Recommended Settings Nokia Connectivity Cable Driver Sonic Encoders Adobe Bridge CS3 Sound Blaster Audigy 2 ZS DiscWizard for Windows Adobe CMaps Adobe Color - Photoshop Specific 2Wire Wireless Client Adobe® Photoshop® Album Starter Edition 3.2 EducateU ImagXpress MSXML 4.0 SP2 (KB925672) Sonic RecordNow Audio PDF Settings Adobe Reader 8.1.2 Adobe Reader 8.1.2 Security Update 1 (KB403742) WordPerfect Office 12 Sonic RecordNow Copy Advertising Center Adobe Illustrator CS2 Adobe Camera Raw 4.0 Adobe Setup Microsoft .NET Framework 2.0 Service Pack 1 DivX Web Player Adobe Default Language CS3 iPod for Windows 2006-06-28 Nero ControlCenter RemoteCapture 2.7.0 MSXML 4.0 SP2 (KB936181) Canon Utilities ZoomBrowser EX Apple Mobile Device Support Sony Media Manager 2.1 Microsoft .NET Framework 1.1 Adobe InDesign CS3 NeroBurningROM Adobe Version Cue CS3 Client Adobe PDF Library Files Adobe Color JA Extra Settings Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) Dell Support Center (Support Software) Digital Line Detect Adobe Update Manager CS3 Nero Installer Musicmatch for Windows Media Player iTunes Adobe InDesign CS3 Icon Handler File Viewer Utility 1.2 Adobe Dreamweaver CS3 Nero 7 Ultra Edition Adobe Setup Adobe Setup ======== Other Info ======== TOTAL PHYSICAL RAM: 1072 MB
bamajim
10.4K Posts
0
January 20th, 2009 18:00
1. Please download The Avenger by Swandog46 to your Desktop.
2. Copy all the text in bold below to your Clipboard by highlighting it and pressing (Ctrl+C):
Files to delete:
C:\windll_v354.exe
C:\WINDOWS\windat.txt
C:\WINDOWS\system32\6312b13c-.txt
C:\WINDOWS\system32\cphxkpul.dll
C:\WINDOWS\system32\dvdttgec.ini
C:\WINDOWS\system32\kavsetup1.exe
C:\WINDOWS\system32\kavsetup2.exe
C:\WINDOWS\system32\kpeixeln.dll
C:\WINDOWS\system32\mjernt.dll
C:\WINDOWS\system32\mwyfdz.dll
C:\WINDOWS\system32\pmndingv.ini
C:\WINDOWS\system32\rn.tmp
C:\WINDOWS\system32\rnxdrhsk.dll
C:\WINDOWS\system32\sn.txt
C:\WINDOWS\system32\spmsg2.dll
C:\WINDOWS\system32\vwzodl.dll
C:\WINDOWS\system32\wqmtmnnc.ini
C:\WINDOWS\system32\wr13144.dll
C:\WINDOWS\system32\xa10233687.exe
C:\WINDOWS\system32\xa10234734.exe
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by clicking on its icon on your desktop.
4. The Avenger will automatically do the following:
5. Please copy/paste the content of c:\avenger.txt into your reply along with a fresh HJT log
Cheech519
30 Posts
0
January 21st, 2009 02:00
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:50:33 2009
01:50:33: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:50:55 2009
01:50:55: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:52:29 2009
01:52:29: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:54:14 2009
01:54:14: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:54:17 2009
01:54:17: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:54:21 2009
01:54:21: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 01:54:32 2009
01:54:32: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
//////////////////////////////////////////
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Platform: Windows XP (build 2600, Service Pack 2)
Wed Jan 21 02:01:42 2009
02:01:42: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
//////////////////////////////////////////
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\windll_v354.exe" deleted successfully.
File "C:\WINDOWS\windat.txt" deleted successfully.
File "C:\WINDOWS\system32\6312b13c-.txt" deleted successfully.
File "C:\WINDOWS\system32\cphxkpul.dll" deleted successfully.
File "C:\WINDOWS\system32\dvdttgec.ini" deleted successfully.
File "C:\WINDOWS\system32\kavsetup1.exe" deleted successfully.
File "C:\WINDOWS\system32\kavsetup2.exe" deleted successfully.
File "C:\WINDOWS\system32\kpeixeln.dll" deleted successfully.
File "C:\WINDOWS\system32\mjernt.dll" deleted successfully.
File "C:\WINDOWS\system32\mwyfdz.dll" deleted successfully.
File "C:\WINDOWS\system32\pmndingv.ini" deleted successfully.
File "C:\WINDOWS\system32\rn.tmp" deleted successfully.
File "C:\WINDOWS\system32\rnxdrhsk.dll" deleted successfully.
File "C:\WINDOWS\system32\sn.txt" deleted successfully.
File "C:\WINDOWS\system32\spmsg2.dll" deleted successfully.
File "C:\WINDOWS\system32\vwzodl.dll" deleted successfully.
File "C:\WINDOWS\system32\wqmtmnnc.ini" deleted successfully.
File "C:\WINDOWS\system32\wr13144.dll" deleted successfully.
File "C:\WINDOWS\system32\xa10233687.exe" deleted successfully.
File "C:\WINDOWS\system32\xa10234734.exe" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:09:04, on 1/21/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Winamp\winampa.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [wincam] C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141114797880
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5501/mcfscan.cab
O20 - AppInit_DLLs: inster.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 12772 bytes
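A check of the Avenger run posted above, as an added example that is not part of the thread or of The Avenger itself: it confirms that every path in the script has a matching "deleted successfully" line in the log and lists any pre-processor aborts. The sample inputs are shortened from the thread's script and log, PARTIAL_LOG is constructed, and only the "Files to delete:" directive seen in this thread is assumed.

```python
import re

# Assumption: only the directive that appears in this thread is recognised.
DIRECTIVES = ("files to delete:",)

# Line shapes taken from the logs posted in the thread.
ERROR_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}): Error: (.+)$")
DELETED_RE = re.compile(r'^File "(.+)" deleted successfully\.$')


def script_paths(script):
    """Return the paths listed in an Avenger script.

    Raises ValueError when the first non-blank line is not a directive,
    which is the condition the pre-processor log reports as "Invalid script".
    """
    lines = [ln.strip() for ln in script.splitlines() if ln.strip()]
    if not lines or lines[0].lower() not in DIRECTIVES:
        raise ValueError("script must begin with a command directive")
    return lines[1:]


def preprocessor_errors(log):
    """Return (time, message) for every pre-processor error line."""
    errors = []
    for line in log.splitlines():
        match = ERROR_RE.match(line.strip())
        if match:
            errors.append((match.group(1), match.group(2)))
    return errors


def deleted_paths(log):
    """Return the lower-cased paths the log reports as deleted."""
    found = set()
    for line in log.splitlines():
        match = DELETED_RE.match(line.strip())
        if match:
            found.add(match.group(1).lower())
    return found


def unconfirmed(script, log):
    """Return script paths with no matching deletion line in the log.

    Windows paths are case-insensitive, so the comparison ignores case.
    """
    done = deleted_paths(log)
    return [p for p in script_paths(script) if p.lower() not in done]


# Shortened from the script posted in the thread.
SCRIPT = r"""Files to delete:
C:\windll_v354.exe
C:\WINDOWS\windat.txt
C:\WINDOWS\system32\wr13144.dll
"""

# Shortened from the log posted in the thread.
LOG = r"""01:50:33: Error: Invalid script. A valid script must begin with a command directive.
Aborting execution!
01:50:55: Error: Could not set driver ImagePath.
Aborting execution! (error 0: the operation completed successfully.)
File "C:\windll_v354.exe" deleted successfully.
File "C:\WINDOWS\windat.txt" deleted successfully.
File "C:\WINDOWS\system32\wr13144.dll" deleted successfully.
Completed script processing.
"""

# Constructed: a run in which one deletion was never reported.
PARTIAL_LOG = r"""File "c:\windll_v354.exe" deleted successfully.
File "C:\Windows\windat.txt" deleted successfully.
Completed script processing.
"""

if __name__ == "__main__":
    for when, message in preprocessor_errors(LOG):
        print(f"aborted run at {when}: {message}")
    print("unconfirmed (full log):", unconfirmed(SCRIPT, LOG))
    print("unconfirmed (partial log):", unconfirmed(SCRIPT, PARTIAL_LOG))
```

A path left in the unconfirmed list is worth re-checking on disk and in the next HijackThis log before treating the clean-up as complete.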
bamajim
10.4K Posts
0
January 21st, 2009 05:00
Cheech519,
How is your PC running at this point?
Cheech519
30 Posts
0
January 21st, 2009 10:00
So far so good. I'll run some malware and spyware scans, and if that pop-up comes up again I will let you know.
Thanks
bamajim
10.4K Posts
0
January 21st, 2009 11:00
That's good news.
1. I need you to help us out with some research
Please go HERE
Put Your Name, and Dell HJT forum
In the file to submit box, click Browse. Using Windows Explorer,
locate the file
In the comments tell them that I asked you to upload the file
Then Select Send File.
2. I see that you have Viewpoint Manager installed. It is foistware, and not required to use Viewpoint.
See this LINK
I would recommend that you uninstall it through Add or Remove Programs
Finally
You may now remove/delete/uninstall the tools we used to clean your PC
Now that your log is clean
There are some final notes:
the instructions are here
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.
Updating Java:
Java Runtime Environment (JRE) 6.u11.
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u11-windowsi586-p.exe to install the newest version.
Update your Anti Virus Software
Use and maintain a Firewall
Visit Microsoft's Windows Update Site Frequently for critical updates
Backup your Important Documents and Files on a regular basis
You may want to read this article, "So how did I get infected in the first place" by Tony Klein
surf safe
Cheech519
30 Posts
0
January 22nd, 2009 16:00
So everything was going smoothly after I did the Avenger clean, but now it is back again. I downloaded Avast anti-virus and it found a file kjda.exe in Documents and Settings that was a trojan and got rid of it. I also tried to upload my Avenger file to malware upload but it would not process. There is also a BOOM sound every once in a while that seems to come from nowhere, and the same 2 x 2 inch pop-up with the "i" inside a blue circle comes up every once in a while. Also Avast and other anti-virus have been making my computer run extremely slow, and when I get rid of them my computer runs fast as usual. My computer also displays the time in military format which I cannot change.
Here is another HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:25, on 1/22/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\DFX\WMP\Apps\dfxgApp.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: D - {FBD56E18-B068-3F9E-9809-8E5081E57D30} - C:\WINDOWS\system32\xwr13144.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [wincam] C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141114797880
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5501/mcfscan.cab
O20 - AppInit_DLLs: inster.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 13284 bytes
bamajim
10.4K Posts
January 22nd, 2009 17:00
Cheech519
Post a fresh FileLister log please
Cheech519
30 Posts
January 22nd, 2009 18:00
+++++++++++++++++++++++++++++++++
+ File Lister Version 1.0.5
+
+ By bamajim / bamajim.com
+++++++++++++++++++++++++++++++++
Report ran on --->>> 1/22/2009 6:39:46 PM
====== Running Processes ======
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\1133608311\ee\AOLSoftware.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\RarSFX2\services.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\DFX\WMP\Apps\dfxgApp.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\rundll32.exe
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
====== BHO's under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects ======
BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: WormRadar.com IESiteBlocker.NavFilter - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
BHO: WormRadar.com IESiteBlocker.NavFilter - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
BHO: AIM Toolbar Loader - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: JQSIEStartDetectorImpl - {FBD56E18-B068-3F9E-9809-8E5081E57D30} - C:\WINDOWS\system32\xwr13144.dll
====== Values under HKLM\~\Run ======
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe\""
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"CTSysVol"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe\" /r"
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\""
"CTHelper"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1133608311\\ee\\AOLSoftware.exe"
"AOLDialer"="\"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe\""
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.2\\Apps\\apdproxy.exe\""
"dscactivate"="\"C:\\Program Files\\Dell Support Center\\gs_agent\\custom\\dsca.exe\""
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
"MPFExe"="C:\\Program Files\\mcafee.com\\personal firewall\\MPfTray.exe"
"DellSupportCenter"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"
"mcagent_exe"="C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe /runkey"
"RegistryMechanic"=""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"wincam"="C:\\DOCUME~1\\RICHAR~1\\LOCALS~1\\Temp\\RarSFX2\\services.exe"
"ISTray"="\"C:\\Program Files\\Spyware Doctor\\pctsTray.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""
====== Values under HKCU\~\Run ======
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Aim6"=""
"DellSupportCenter"="\"C:\\Program Files\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
@=""
====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======
1/21/2009 2:03:49 AM 68124123 C:\Avenger
1/21/2009 1:50:33 AM 9176 32 C:\avenger.txt
1/20/2009 3:04:52 PM 4082 32 C:\Files.txt
12/16/2008 3:01:14 AM 1214 32 C:\images.sql
1/22/2009 3:53:13 PM 367 34 C:\IPH.PH
1/15/2009 1:56:00 AM 94897 34 C:\Mozilla.html
1/20/2009 3:10:08 PM 6600 32 C:\rapport.txt
1/20/2009 3:48:27 PM 72485154 C:\WINDOWS\McAfee.com
1/20/2009 3:48:27 PM 72485154 C:\WINDOWS\McAfee.com\FreeScan
1/15/2009 11:13:57 AM 11615 32 C:\WINDOWS\KB925720.log
1/14/2009 3:05:23 PM 13755 32 C:\WINDOWS\KB952069.log
1/14/2009 3:05:08 PM 7883 32 C:\WINDOWS\KB954600.log
1/14/2009 2:58:44 PM 33055 32 C:\WINDOWS\KB955839.log
1/14/2009 2:58:30 PM 12698 32 C:\WINDOWS\KB956802.log
1/14/2009 3:05:44 PM 19071 32 C:\WINDOWS\KB958215-IE7.log
1/14/2009 3:05:17 PM 8193 32 C:\WINDOWS\KB958687.log
1/14/2009 3:05:36 PM 8297 32 C:\WINDOWS\KB960714-IE7.log
1/15/2009 11:16:10 AM 508970 32 C:\WINDOWS\msxml6-KB954459-enu-x86.LOG
1/15/2009 10:42:28 AM 386780 C:\WINDOWS\system32\XPSViewer
1/15/2009 10:42:28 AM 3584 C:\WINDOWS\system32\XPSViewer\en-us
12/3/2008 11:41:13 PM 410984 32 C:\WINDOWS\system32\deploytk.dll
1/21/2009 4:06:49 PM 144792 32 C:\WINDOWS\system32\java.exe
1/21/2009 4:06:49 PM 73728 32 C:\WINDOWS\system32\javacpl.cpl
1/21/2009 4:06:49 PM 144792 32 C:\WINDOWS\system32\javaw.exe
1/21/2009 4:06:49 PM 148888 32 C:\WINDOWS\system32\javaws.exe
1/14/2009 3:03:25 PM 276 32 C:\WINDOWS\system32\MRT.INI
1/20/2009 3:10:13 PM 5374 32 C:\WINDOWS\system32\tmp.reg
1/20/2009 3:10:13 PM 0 32 C:\WINDOWS\system32\tmp.txt
1/22/2009 1:31:15 PM 167936 32 C:\WINDOWS\system32\wr13144.dll
1/22/2009 1:51:57 PM 13920660 32 C:\WINDOWS\system32\xa471812.exe
1/22/2009 1:52:00 PM 13920660 32 C:\WINDOWS\system32\xa472968.exe
1/22/2009 1:31:13 PM 13920660 32 C:\WINDOWS\system32\xa6817953.exe
1/22/2009 1:31:14 PM 13920660 32 C:\WINDOWS\system32\xa6819343.exe
1/22/2009 1:31:16 PM 167936 32 C:\WINDOWS\system32\xwr13144.dll
====== Files under "\Administrator\Startup" Last 60 Days======
====== Files under "\All Users\Startup" Last 60 Days======
====== Folders under "\Program Files" Last 60 Days======
1/22/2009 3:54:15 PM 2323957 C:\Program Files\AIM Toolbar
1/21/2009 4:42:46 PM 0 C:\Program Files\Alwil Software
1/21/2009 4:42:46 PM 0 C:\Program Files\Alwil Software\Avast4
1/21/2009 4:42:46 PM 0 C:\Program Files\Alwil Software\Avast4\Setup
12/1/2008 10:56:29 PM 13584462 C:\Program Files\FileZilla FTP Client
12/11/2008 2:47:10 PM 2676 C:\Program Files\FileZilla FTP Client\docs
12/11/2008 2:47:11 PM 4939772 C:\Program Files\FileZilla FTP Client\locales
12/11/2008 2:47:11 PM 81093 C:\Program Files\FileZilla FTP Client\locales\ar
12/11/2008 2:47:11 PM 166412 C:\Program Files\FileZilla FTP Client\locales\bg_BG
12/11/2008 2:47:11 PM 132597 C:\Program Files\FileZilla FTP Client\locales\ca
12/11/2008 2:47:11 PM 129316 C:\Program Files\FileZilla FTP Client\locales\ca_ES@valencia
12/11/2008 2:47:11 PM 129182 C:\Program Files\FileZilla FTP Client\locales\cs_CZ
12/11/2008 2:47:11 PM 74101 C:\Program Files\FileZilla FTP Client\locales\da_DK
12/11/2008 2:47:11 PM 135136 C:\Program Files\FileZilla FTP Client\locales\de
12/11/2008 2:47:11 PM 180585 C:\Program Files\FileZilla FTP Client\locales\el
12/11/2008 2:47:11 PM 132423 C:\Program Files\FileZilla FTP Client\locales\es
12/11/2008 2:47:11 PM 123899 C:\Program Files\FileZilla FTP Client\locales\et_EE
12/11/2008 2:47:11 PM 34573 C:\Program Files\FileZilla FTP Client\locales\eu_ES
12/11/2008 2:47:11 PM 112555 C:\Program Files\FileZilla FTP Client\locales\fi_FI
12/11/2008 2:47:11 PM 133318 C:\Program Files\FileZilla FTP Client\locales\fr
12/11/2008 2:47:11 PM 134042 C:\Program Files\FileZilla FTP Client\locales\fr_CA
12/11/2008 2:47:11 PM 92539 C:\Program Files\FileZilla FTP Client\locales\gl_ES
12/11/2008 2:47:11 PM 57690 C:\Program Files\FileZilla FTP Client\locales\he_IL
12/11/2008 2:47:11 PM 116903 C:\Program Files\FileZilla FTP Client\locales\hu_HU
12/11/2008 2:47:11 PM 125614 C:\Program Files\FileZilla FTP Client\locales\id_ID
12/11/2008 2:47:11 PM 130042 C:\Program Files\FileZilla FTP Client\locales\it
12/11/2008 2:47:11 PM 138026 C:\Program Files\FileZilla FTP Client\locales\ja_JP
12/11/2008 2:47:11 PM 43658 C:\Program Files\FileZilla FTP Client\locales\ka
12/11/2008 2:47:11 PM 3733 C:\Program Files\FileZilla FTP Client\locales\km_KH
12/11/2008 2:47:11 PM 116859 C:\Program Files\FileZilla FTP Client\locales\ko_KR
12/11/2008 2:47:11 PM 20567 C:\Program Files\FileZilla FTP Client\locales\ku
12/11/2008 2:47:11 PM 128333 C:\Program Files\FileZilla FTP Client\locales\lt_LT
12/11/2008 2:47:11 PM 62144 C:\Program Files\FileZilla FTP Client\locales\lv_LV
12/11/2008 2:47:11 PM 103415 C:\Program Files\FileZilla FTP Client\locales\mk_MK
12/11/2008 2:47:11 PM 123629 C:\Program Files\FileZilla FTP Client\locales\nb_NO
12/11/2008 2:47:11 PM 105647 C:\Program Files\FileZilla FTP Client\locales\ne
12/11/2008 2:47:11 PM 129112 C:\Program Files\FileZilla FTP Client\locales\nl
12/11/2008 2:47:11 PM 68908 C:\Program Files\FileZilla FTP Client\locales\nn_NO
12/11/2008 2:47:11 PM 127937 C:\Program Files\FileZilla FTP Client\locales\pl_PL
12/11/2008 2:47:11 PM 131427 C:\Program Files\FileZilla FTP Client\locales\pt_BR
12/11/2008 2:47:11 PM 131482 C:\Program Files\FileZilla FTP Client\locales\pt_PT
12/11/2008 2:47:11 PM 131518 C:\Program Files\FileZilla FTP Client\locales\ro_RO
12/11/2008 2:47:11 PM 161914 C:\Program Files\FileZilla FTP Client\locales\ru
12/11/2008 2:47:11 PM 131222 C:\Program Files\FileZilla FTP Client\locales\sk_SK
12/11/2008 2:47:11 PM 127902 C:\Program Files\FileZilla FTP Client\locales\sl_SI
12/11/2008 2:47:11 PM 85735 C:\Program Files\FileZilla FTP Client\locales\sv
12/11/2008 2:47:11 PM 30784 C:\Program Files\FileZilla FTP Client\locales\th_TH
12/11/2008 2:47:11 PM 63723 C:\Program Files\FileZilla FTP Client\locales\tr
12/11/2008 2:47:11 PM 170146 C:\Program Files\FileZilla FTP Client\locales\uk_UA
12/11/2008 2:47:11 PM 142832 C:\Program Files\FileZilla FTP Client\locales\vi_VN
12/11/2008 2:47:11 PM 118851 C:\Program Files\FileZilla FTP Client\locales\zh_CN
12/11/2008 2:47:11 PM 118248 C:\Program Files\FileZilla FTP Client\locales\zh_TW
12/11/2008 2:47:09 PM 810739 C:\Program Files\FileZilla FTP Client\resources
12/11/2008 2:47:09 PM 6155 C:\Program Files\FileZilla FTP Client\resources\16x16
12/11/2008 2:47:09 PM 1534 C:\Program Files\FileZilla FTP Client\resources\32x32
12/11/2008 2:47:09 PM 1216 C:\Program Files\FileZilla FTP Client\resources\48x48
12/11/2008 2:47:10 PM 116484 C:\Program Files\FileZilla FTP Client\resources\blukis
12/11/2008 2:47:10 PM 12089 C:\Program Files\FileZilla FTP Client\resources\blukis\16x16
12/11/2008 2:47:10 PM 38008 C:\Program Files\FileZilla FTP Client\resources\blukis\32x32
12/11/2008 2:47:10 PM 66156 C:\Program Files\FileZilla FTP Client\resources\blukis\48x48
12/11/2008 2:47:10 PM 8420 C:\Program Files\FileZilla FTP Client\resources\cyril
12/11/2008 2:47:10 PM 8201 C:\Program Files\FileZilla FTP Client\resources\cyril\16x16
12/11/2008 2:47:11 PM 163831 C:\Program Files\FileZilla FTP Client\resources\lone
12/11/2008 2:47:11 PM 24707 C:\Program Files\FileZilla FTP Client\resources\lone\16x16
12/11/2008 2:47:11 PM 61121 C:\Program Files\FileZilla FTP Client\resources\lone\32x32
12/11/2008 2:47:11 PM 77718 C:\Program Files\FileZilla FTP Client\resources\lone\48x48
12/11/2008 2:47:11 PM 152461 C:\Program Files\FileZilla FTP Client\resources\opencrystal
12/11/2008 2:47:11 PM 19365 C:\Program Files\FileZilla FTP Client\resources\opencrystal\16x16
12/11/2008 2:47:11 PM 50224 C:\Program Files\FileZilla FTP Client\resources\opencrystal\32x32
12/11/2008 2:47:11 PM 82573 C:\Program Files\FileZilla FTP Client\resources\opencrystal\48x48
1/8/2009 1:59:29 PM 3103775 C:\Program Files\MagicISO
1/15/2009 10:09:51 AM 4114750 C:\Program Files\Malwarebytes' Anti-Malware
1/15/2009 10:09:52 AM 372752 C:\Program Files\Malwarebytes' Anti-Malware\Languages
12/15/2008 10:56:16 AM 2161478 C:\Program Files\Monkey's Audio
12/15/2008 10:56:17 AM 165904 C:\Program Files\Monkey's Audio\Documentation
12/15/2008 10:56:17 AM 264864 C:\Program Files\Monkey's Audio\External
12/15/2008 10:56:17 AM 78708 C:\Program Files\Monkey's Audio\Resources
12/15/2008 10:56:17 AM 593920 C:\Program Files\Monkey's Audio\Tools
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild\Microsoft
1/15/2009 10:42:34 AM 23758 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation
1/15/2009 10:42:34 AM 9908 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0
1/15/2009 10:43:49 AM 13850 C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5
1/15/2009 10:41:37 AM 6849 C:\Program Files\MSXML 6.0
1/15/2009 10:41:37 AM 6849 C:\Program Files\MSXML 6.0\EULA
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies\Microsoft
1/15/2009 10:42:20 AM 31308314 C:\Program Files\Reference Assemblies\Microsoft\Framework
1/15/2009 10:42:20 AM 25299132 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0
1/15/2009 10:42:21 AM 5682 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList
1/15/2009 10:43:48 AM 6009182 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5
1/15/2009 10:43:57 AM 7454 C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList
1/15/2009 11:39:42 AM 54572269 C:\Program Files\Spyware Doctor
1/15/2009 11:39:42 AM 11897 C:\Program Files\Spyware Doctor\avdb
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\avdb\quarantine
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\avdb\temp
1/15/2009 11:39:42 AM 1142544 C:\Program Files\Spyware Doctor\avengine
1/15/2009 11:40:00 AM 235896 C:\Program Files\Spyware Doctor\history
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\log
1/15/2009 11:39:48 AM 324404 C:\Program Files\Spyware Doctor\LuLng
1/15/2009 11:39:49 AM 2033200 C:\Program Files\Spyware Doctor\NetworkLayer
1/15/2009 11:39:48 AM 3753056 C:\Program Files\Spyware Doctor\plugins
1/15/2009 11:40:00 AM 1420016 C:\Program Files\Spyware Doctor\quarantine
1/15/2009 11:40:06 AM 0 C:\Program Files\Spyware Doctor\sdnet
1/15/2009 11:40:05 AM 0 C:\Program Files\Spyware Doctor\shbackup
1/15/2009 11:39:42 AM 0 C:\Program Files\Spyware Doctor\tools
1/15/2009 11:39:48 AM 78302 C:\Program Files\Spyware Doctor\ugLng
1/15/2009 12:03:00 PM 0 C:\Program Files\Spyware Doctor\~tmp
1/21/2009 4:07:05 PM 26751483 C:\Program Files\Sun
1/21/2009 4:07:05 PM 26751483 C:\Program Files\Sun\JavaDB
1/21/2009 4:07:06 PM 29717 C:\Program Files\Sun\JavaDB\bin
1/21/2009 4:07:06 PM 4061070 C:\Program Files\Sun\JavaDB\demo
1/21/2009 4:07:08 PM 2543087 C:\Program Files\Sun\JavaDB\demo\databases
1/21/2009 4:07:08 PM 2253780 C:\Program Files\Sun\JavaDB\demo\databases\toursdb
1/21/2009 4:07:08 PM 1048672 C:\Program Files\Sun\JavaDB\demo\databases\toursdb\log
1/21/2009 4:07:09 PM 1204224 C:\Program Files\Sun\JavaDB\demo\databases\toursdb\seg0
1/21/2009 4:07:06 PM 1512714 C:\Program Files\Sun\JavaDB\demo\programs
1/21/2009 4:07:06 PM 95378 C:\Program Files\Sun\JavaDB\demo\programs\localcal
1/21/2009 4:07:06 PM 87958 C:\Program Files\Sun\JavaDB\demo\programs\localcal\src
1/21/2009 4:07:06 PM 977 C:\Program Files\Sun\JavaDB\demo\programs\localcal\src\images
1/21/2009 4:07:06 PM 90298 C:\Program Files\Sun\JavaDB\demo\programs\nserverdemo
1/21/2009 4:07:06 PM 72685 C:\Program Files\Sun\JavaDB\demo\programs\scores
1/21/2009 4:07:06 PM 70671 C:\Program Files\Sun\JavaDB\demo\programs\scores\java
1/21/2009 4:07:06 PM 50676 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client
1/21/2009 4:07:06 PM 50676 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org
1/21/2009 4:07:06 PM 50676 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org\apache
1/21/2009 4:07:06 PM 50676 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org\apache\derbyDemo
1/21/2009 4:07:06 PM 50676 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org\apache\derbyDemo\scores
1/21/2009 4:07:06 PM 4848 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org\apache\derbyDemo\scores\app
1/21/2009 4:07:06 PM 45828 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\client\org\apache\derbyDemo\scores\data
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common\org
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common\org\apache
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common\org\apache\derbyDemo
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common\org\apache\derbyDemo\scores
1/21/2009 4:07:06 PM 9908 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\common\org\apache\derbyDemo\scores\util
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server\org
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server\org\apache
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server\org\apache\derbyDemo
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server\org\apache\derbyDemo\scores
1/21/2009 4:07:07 PM 10087 C:\Program Files\Sun\JavaDB\demo\programs\scores\java\server\org\apache\derbyDemo\scores\proc
1/21/2009 4:07:07 PM 54946 C:\Program Files\Sun\JavaDB\demo\programs\simple
1/21/2009 4:07:07 PM 35363 C:\Program Files\Sun\JavaDB\demo\programs\simplemobile
1/21/2009 4:07:07 PM 158448 C:\Program Files\Sun\JavaDB\demo\programs\toursdb
1/21/2009 4:07:08 PM 950914 C:\Program Files\Sun\JavaDB\demo\programs\vtis
1/21/2009 4:07:08 PM 790256 C:\Program Files\Sun\JavaDB\demo\programs\vtis\data
1/21/2009 4:07:08 PM 148899 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java
1/21/2009 4:07:08 PM 148899 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org
1/21/2009 4:07:08 PM 148899 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache
1/21/2009 4:07:08 PM 148899 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache\derbyDemo
1/21/2009 4:07:08 PM 148899 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache\derbyDemo\vtis
1/21/2009 4:07:08 PM 91295 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache\derbyDemo\vtis\core
1/21/2009 4:07:08 PM 32115 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache\derbyDemo\vtis\example
1/21/2009 4:07:08 PM 25489 C:\Program Files\Sun\JavaDB\demo\programs\vtis\java\org\apache\derbyDemo\vtis\snapshot
1/21/2009 4:07:08 PM 10228 C:\Program Files\Sun\JavaDB\demo\programs\vtis\sql
1/21/2009 4:07:08 PM 30208 C:\Program Files\Sun\JavaDB\demo\programs\workingwithderby
1/21/2009 4:07:08 PM 4176 C:\Program Files\Sun\JavaDB\demo\templates
1/21/2009 4:07:09 PM 16218844 C:\Program Files\Sun\JavaDB\docs
1/21/2009 4:07:09 PM 12619136 C:\Program Files\Sun\JavaDB\docs\html
1/21/2009 4:07:09 PM 1206854 C:\Program Files\Sun\JavaDB\docs\html\adminguide
1/21/2009 4:07:10 PM 2641492 C:\Program Files\Sun\JavaDB\docs\html\devguide
1/21/2009 4:07:11 PM 535551 C:\Program Files\Sun\JavaDB\docs\html\getstart
1/21/2009 4:07:11 PM 34217 C:\Program Files\Sun\JavaDB\docs\html\images
1/21/2009 4:07:11 PM 5069298 C:\Program Files\Sun\JavaDB\docs\html\ref
1/21/2009 4:07:13 PM 1275987 C:\Program Files\Sun\JavaDB\docs\html\tools
1/21/2009 4:07:15 PM 1855737 C:\Program Files\Sun\JavaDB\docs\html\tuning
1/21/2009 4:07:16 PM 3599708 C:\Program Files\Sun\JavaDB\docs\pdf
1/21/2009 4:07:16 PM 301118 C:\Program Files\Sun\JavaDB\docs\pdf\adminguide
1/21/2009 4:07:16 PM 777533 C:\Program Files\Sun\JavaDB\docs\pdf\devguide
1/21/2009 4:07:16 PM 197358 C:\Program Files\Sun\JavaDB\docs\pdf\getstart
1/21/2009 4:07:16 PM 1510709 C:\Program Files\Sun\JavaDB\docs\pdf\ref
1/21/2009 4:07:16 PM 323296 C:\Program Files\Sun\JavaDB\docs\pdf\tools
1/21/2009 4:07:16 PM 489694 C:\Program Files\Sun\JavaDB\docs\pdf\tuning
1/21/2009 4:07:16 PM 1736923 C:\Program Files\Sun\JavaDB\javadoc
1/21/2009 4:07:16 PM 902099 C:\Program Files\Sun\JavaDB\javadoc\jdbc3
1/21/2009 4:07:17 PM 690985 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org
1/21/2009 4:07:17 PM 690985 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache
1/21/2009 4:07:17 PM 690985 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby
1/21/2009 4:07:17 PM 24715 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\authentication
1/21/2009 4:07:17 PM 68300 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\drda
1/21/2009 4:07:17 PM 328141 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\jdbc
1/21/2009 4:07:17 PM 123725 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\mbeans
1/21/2009 4:07:17 PM 54373 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\mbeans\drda
1/21/2009 4:07:17 PM 32439 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\security
1/21/2009 4:07:17 PM 69380 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\tools
1/21/2009 4:07:18 PM 44285 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\org\apache\derby\vti
1/21/2009 4:07:18 PM 1898 C:\Program Files\Sun\JavaDB\javadoc\jdbc3\resources
1/21/2009 4:07:18 PM 834824 C:\Program Files\Sun\JavaDB\javadoc\jdbc4
1/21/2009 4:07:18 PM 641821 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org
1/21/2009 4:07:18 PM 641821 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache
1/21/2009 4:07:18 PM 641821 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby
1/21/2009 4:07:19 PM 24715 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\authentication
1/21/2009 4:07:19 PM 68300 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\drda
1/21/2009 4:07:19 PM 278977 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\jdbc
1/21/2009 4:07:20 PM 123725 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\mbeans
1/21/2009 4:07:20 PM 54373 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\mbeans\drda
1/21/2009 4:07:20 PM 32439 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\security
1/21/2009 4:07:20 PM 69380 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\tools
1/21/2009 4:07:20 PM 44285 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\org\apache\derby\vti
1/21/2009 4:07:20 PM 1898 C:\Program Files\Sun\JavaDB\javadoc\jdbc4\resources
1/21/2009 4:07:05 PM 4579451 C:\Program Files\Sun\JavaDB\lib
1/16/2009 5:10:56 PM 409574 C:\Program Files\Trend Micro
1/16/2009 5:10:56 PM 409574 C:\Program Files\Trend Micro\HijackThis
====== Files under "\System32\Drivers" Last 60 Days======
1/15/2009 11:39:48 AM 42376 32 C:\WINDOWS\system32\drivers\ikfilesec.sys
1/15/2009 11:39:48 AM 66952 32 C:\WINDOWS\system32\drivers\iksysflt.sys
1/15/2009 11:39:48 AM 81288 32 C:\WINDOWS\system32\drivers\iksyssec.sys
1/15/2009 11:39:48 AM 29576 32 C:\WINDOWS\system32\drivers\kcom.sys
1/15/2009 10:09:55 AM 15504 32 C:\WINDOWS\system32\drivers\mbam.sys
1/15/2009 10:09:53 AM 38496 32 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
====== Files Deleted under "%Temp%" ======
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC2D.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC2E.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC2F.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC30.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC31.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC32.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC33.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC34.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC35.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC36.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC37.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC38.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC39.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC3A.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC3B.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC5C.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC5D.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC5E.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC68.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\AC69.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\alm.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\amt.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\avg8inst.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\D1B5B4F1.TMP
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\etilqs_VglGZdnPiD9Uhcvp5Tj9
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\javaws2
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\java_install.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\java_install_reg.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\jusched.log
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\MSI46a77.LOG
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\setup.ini
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\TWAIN.LOG
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twain001.Mtx
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twunk001.MTX
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\Twunk002.MTX
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\vmgrremok.exe
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\WT5D.tmp
C:\DOCUME~1\RICHAR~1\LOCALS~1\Temp\~DF763E.tmp
38 Files deleted
====== Files and Folders under "All Users\Application Data" Last 60 Days======
12/12/2008 12:14:30 PM 56423 C:\Documents and Settings\All Users\Application Data\acccore
12/12/2008 12:14:30 PM 56423 C:\Documents and Settings\All Users\Application Data\acccore\plugins
12/12/2008 12:15:26 PM 4788 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64613142-4B62-7879-6563-337541545364}
12/12/2008 12:15:26 PM 11804 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653137-6737-6936-486A-3566764D7375}
12/12/2008 12:15:26 PM 3756 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653150-6D73-7770-5F76-636F6D57765A}
12/12/2008 12:15:26 PM 6057 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{64653157-664A-4542-6A4C-6A39334B3934}
12/12/2008 12:15:26 PM 2526 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{696D3136-4A6C-374C-4837-5779504C5455}
12/12/2008 12:15:26 PM 5644 C:\Documents and Settings\All Users\Application Data\acccore\plugins\{696D3152-4F7A-4462-355F-51737669496D}
1/22/2009 3:54:15 PM 272647 C:\Documents and Settings\All Users\Application Data\AIM Toolbar
1/22/2009 3:54:15 PM 272647 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar
1/22/2009 3:54:15 PM 272647 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources
1/22/2009 3:54:15 PM 272647 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US
1/22/2009 3:54:15 PM 24288 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\buttons
1/22/2009 3:54:15 PM 747 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local
1/22/2009 3:54:16 PM 9402 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\rss
1/22/2009 3:54:16 PM 135239 C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\ui
1/21/2009 12:28:07 PM 0 C:\Documents and Settings\All Users\Application Data\Avg8
1/15/2009 10:09:51 AM 4265505 C:\Documents and Settings\All Users\Application Data\Malwarebytes
1/15/2009 10:09:51 AM 4265505 C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
1/15/2009 10:42:43 AM 101764 C:\Documents and Settings\All Users\Application Data\NortonInstaller
1/15/2009 10:42:43 AM 101764 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs
1/15/2009 10:42:43 AM 75676 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\1-15-2009-10h42m43s
1/15/2009 10:43:52 AM 26088 C:\Documents and Settings\All Users\Application Data\NortonInstaller\Logs\1-15-2009-10h43m52s
====== Possible Rootkit Scan (Note: Items listed here are not necessarily bad)======
====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======
====== Services ( Services that are Whitelisted are not shown) ======
Apple Mobile Device (Apple Mobile Device) "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - Auto
DSBrokerService (DSBrokerService) "C:\Program Files\DellSupport\brkrsvc.exe" - Manual
Media Center Receiver Service (ehRecvr) C:\WINDOWS\eHome\ehRecvr.exe - Auto
Media Center Scheduler Service (ehSched) C:\WINDOWS\eHome\ehSched.exe - Auto
FLEXnet Licensing Service (FLEXnet Licensing Service) "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" - Manual
Intel(R) Matrix Storage Event Monitor (IAANTMon) C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe - Auto
Java Quick Starter (JavaQuickStarterService) "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" - Auto
MHN (MHN) C:\WINDOWS\System32\svchost.exe -k netsvcs - Manual
MSSQL$SONY_MEDIAMGR (MSSQL$SONY_MEDIAMGR) C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR - Auto
MSSQLServerADHelper (MSSQLServerADHelper) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe - Manual
Intel NCS NetService (NetSvc) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe - Manual
NMIndexingService (NMIndexingService) "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" - Manual
PC Tools Auxiliary Service (sdAuxService) C:\Program Files\Spyware Doctor\pctsAuxs.exe - Auto
ServiceLayer (ServiceLayer) "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" - Manual
SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter - Auto
SQLAgent$SONY_MEDIAMGR (SQLAgent$SONY_MEDIAMGR) C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR - Manual
Upload Manager (uploadmgr) C:\WINDOWS\System32\svchost.exe -k netsvcs - Auto
Viewpoint Manager Service (Viewpoint Manager Service) "C:\Program Files\Viewpoint\Common\ViewpointService.exe" - Auto
WAN Miniport (ATW) Service (WANMiniportService) "C:\WINDOWS\wanmpsvc.exe" - Auto
====== Uninstall List From Registry ======
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
GemMaster Mystic
7-Zip 4.42
AC-3 ACM Codec
Adi Dassler 1.0
Adobe Flash Player ActiveX
Adobe Flash Player 10 Plugin
Adobe Illustrator CS2
Adobe SVG Viewer 3.0
Adobe InDesign CS3
Adobe ExtendScript Toolkit 2
Adobe Dreamweaver CS3
Adobe Color Common Settings
Adobe Photoshop CS3
Adobe Flash CS3 Professional
Adobe® Photoshop® Album Starter Edition 3.2
AIM Toolbar
AIM 6
AOL Instant Messenger
AOL Toolbar 2.0
AOL Uninstaller (Choose which Products to Remove)
AOL Coach Version 1.0(Build:20040229.1 en)
Ask Toolbar
ATI Display Driver
Otto
Bejeweled Deluxe 1.87
CDisplay 1.8
Chopper XP 2.3
Conexant D850 56K V.9x DFVc Modem
Command & Conquer Windows 95
Console Classix 3.1
Dell Digital Jukebox Driver
Dell Game Console
DFX for Winamp
DFX for Windows Media Player
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
FileZilla Client 3.1.6
FLAC Installer 1.1.2a (remove only)
FramefileWizard
Drug Wars
getPlus(R)_ocx
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Canon Utilities PhotoStitch 3.1
Canon Camera Window for ZoomBrowser EX
iPod for Windows 2006-06-28
Canon Utilities RemoteCapture 2.7
Canon Utilities File Viewer Utility 1.2
High Definition Audio Driver Package - KB835221
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888310
Hotfix for Windows XP (KB888795)
Windows XP Hotfix - KB889673
Security Update for Windows XP (KB890046)
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Hotfix for Windows XP (KB891593)
Windows XP Hotfix - KB891781
Windows Genuine Advantage Validation Tool (KB892130)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Windows Installer 3.1 (KB893803)
Update for Windows XP (KB894391)
Windows Media Player 10 Hotfix - KB895316
Hotfix for Windows XP (KB895961)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Update Rollup 2 for Windows XP Media Center Edition 2005
Update for Windows XP (KB900485)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Hotfix for Windows XP (KB902841)
Hotfix for Windows Media Player 10 (KB903157)
Security Update for Windows XP (KB904706)
Update for Windows XP (KB904942)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Hotfix for Windows Media Player 10 (KB910393)
Update for Windows XP (KB910437)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Update for Windows Media Player 10 (KB913800)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Security Update for Windows XP (KB916281)
Update for Windows XP (KB916595)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Update for Windows XP (KB920872)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Update for Windows XP (KB922582)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB925486)
Update for Windows XP (KB925720)
Windows XP Media Center Edition 2005 KB925766
Security Update for Windows XP (KB925902)
Hotfix for Windows XP (KB926239)
Update for Windows Media Player 10 (KB926251)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Update for Windows XP (KB927891)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Update for Windows XP (KB929338)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows XP (KB930178)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Update for Windows XP (KB930916)
Security Update for Windows XP (KB931261)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows XP (KB931784)
Update for Windows XP (KB931836)
Security Update for Windows XP (KB932168)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Update for Windows XP (KB936357)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows XP (KB938464)
Update for Windows XP (KB938828)
Security Update for Windows XP (KB938829)
Security Update for Windows Internet Explorer 7 (KB939653)
Hotfix for Windows Media Player 11 (KB939683)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows Internet Explorer 7 (KB942615)
Update for Windows XP (KB942763)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows Media Player (KB952069)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Update for Windows XP (KB955839)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows Internet Explorer 7 (KB960714)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Magic ISO Maker v5.5 (build 0273)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5
Monkey's Audio
Mozilla Firefox (3.0.5)
McAfee SecurityCenter
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft National Language Support Downlevel APIs
Intel(R) PRO Network Connections Drivers
RealPlayer
Registry Mechanic 7.0
ScummVM 0.7.1
Download Updater (AOL LLC)
SoulSeek Client 156c
SoulSeek 157 NS 12d
Spyware Doctor 5.5
Learn2 Player (Uninstall Only)
TablEdit 2.65
Viewpoint Media Player
VideoLAN VLC media player 0.8.6c
Vuze
Westwood Online
WebCyberCoach 3.2 Dell
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
WildTangent Web Driver
Winamp
Windows Live Safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Microsoft Office 2000 Premium
PhotoStitch
Adobe Help Viewer CS3
PC Connectivity Solution
Sonic RecordNow Data
Adobe Bridge Start Meeting
Camera Window
ATI Control Panel
Microsoft Plus! Photo Story 2 LE
Sonic DLA
QuickBooks Simple Start Special Edition
Adobe WinSoft Linguistics Plugin
AutoUpdate
MSXML 6 Service Pack 2 (KB954459)
Sonic MyDVD LE
Google Toolbar for Internet Explorer
Adobe ExtendScript Toolkit 2
Java(TM) 6 Update 11
Adobe Stock Photos CS3
Adobe Extension Manager CS3
Microsoft .NET Framework 3.0 Service Pack 1
Adobe Flash Video Encoder
Microsoft .NET Framework 3.5
Sonic Update Manager
Java(TM) SE Development Kit 6 Update 11
Windows Media Player 10
WebFldrs XP
Internet Explorer Default Page
MSXML 4.0 SP2 (KB927978)
Adobe Setup
Adobe Photoshop CS3
Google Earth
Adobe SING CS3
Intel(R) PROSet for Wired Connections
Adobe Color EU Extra Settings
Adobe Linguistics CS3
Sony Sound Forge 8.0d
Adobe Setup
neroxml
Creative MediaSource
Dell Driver Reset Tool
Nero 9
McAfee Shredder
Nero CoverDesigner
AOLIcon
Adobe Setup
PowerDVD 5.5
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Apple Software Update
Windows Media Player Firefox Plugin
Adobe Fonts All
Adobe Flash CS3
Adobe Color Common Settings
Digital Content Portal
Microsoft Plus! Digital Media Edition Installer
Adobe Asset Services CS3
EarthLink setup files
Microsoft Visual C++ 2005 Redistributable
Dell System Restore
DivX
DellSupport
Modem Helper
Adobe XMP Panels CS3
Rhapsody Player Engine
MSXML 4.0 SP2 (KB954430)
Bonjour
Corel Photo Album 6
DivX Player
Adobe Device Central CS3
QuickTime
Adobe Type Support
Adobe Anchor Service CS3
Intel Matrix Storage Manager
Adobe Color NA Recommended Settings
Nokia Connectivity Cable Driver
Sonic Encoders
Java DB 10.4.1.3
Adobe Bridge CS3
Sound Blaster Audigy 2 ZS
DiscWizard for Windows
Adobe CMaps
Adobe Color - Photoshop Specific
2Wire Wireless Client
Adobe® Photoshop® Album Starter Edition 3.2
ImagXpress
MSXML 4.0 SP2 (KB925672)
Sonic RecordNow Audio
PDF Settings
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
WordPerfect Office 12
Sonic RecordNow Copy
Advertising Center
Adobe Illustrator CS2
Adobe Camera Raw 4.0
Adobe Setup
Microsoft .NET Framework 2.0 Service Pack 1
DivX Web Player
Adobe Default Language CS3
iPod for Windows 2006-06-28
Nero ControlCenter
RemoteCapture 2.7.0
MSXML 4.0 SP2 (KB936181)
Canon Utilities ZoomBrowser EX
Apple Mobile Device Support
Sony Media Manager 2.1
Microsoft .NET Framework 1.1
Adobe InDesign CS3
NeroBurningROM
Adobe Version Cue CS3 Client
Adobe PDF Library Files
Adobe Color JA Extra Settings
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Dell Support Center (Support Software)
Digital Line Detect
Adobe Update Manager CS3
Nero Installer
Musicmatch for Windows Media Player
iTunes
Adobe InDesign CS3 Icon Handler
File Viewer Utility 1.2
Adobe Dreamweaver CS3
Nero 7 Ultra Edition
Adobe Setup
Adobe Setup
======== Other Info ========
TOTAL PHYSICAL RAM: 1072 MB
bamajim
10.4K Posts
0
January 23rd, 2009 06:00
cheech519
Yes, we have a return of the infection. 2 questions:
1. Do you use a router?
2. Do you still have Avenger?
Cheech519
30 Posts
0
January 23rd, 2009 10:00
No router, just a Time Warner cable modem, and no, I will re-download Avenger.