bubbleboi

Everything posted by bubbleboi

  1. Thanks anyway, man. I know you couldn't help me any further because of that, and hey, you're right, so thanks anyway, you're a great help. Malwarebytes ROCK!!!
  2. .....and the Extra.Txt
  3. Oh, and I also ran the FixPolicies.exe. Now these are the results for the OTList.Txt:
O18 - Protocol\Handler: - msdaipp - No CLSID value found O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler: - ms-help - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler: - ms-itss - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler: - sacore - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll () O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - See sections below for AppInitDlls and Winlogon settings ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\] mlJApppM: "DllName" = Reg Error: Value DLLName does not exist or could not be read. 
-- File not found ========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}" (HKLM) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ========== LSA *Authentication Packages* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "Authentication Packages" = msv1_0,C:\WINDOWS\system32\awtSJabB, >File not found -- ========== Safeboot Options ========== "AlternateShell" = cmd.exe ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== AUTOEXEC.BAT [] [2007/08/19 16:16:47 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ] ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d02e180e-7d33-11dd-bc83-00e04d6e512d}\Shell\verb1\command] "" = desktop.exe ========== Files/Folders - Created Within 30 Days ========== [2 C:\WINDOWS\*.tmp files] [2008/11/05 12:15:39 | 00,028,544 | ---- | C] (Panda Security, S.L.) 
-- C:\WINDOWS\System32\drivers\pavboot.sys [2008/11/05 12:15:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2008/11/05 12:14:51 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security [2008/11/05 12:07:09 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm [2008/11/05 12:07:09 | 00,000,232 | -H-- | C] () -- C:\sqmdata15.sqm [2008/11/05 11:59:09 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm [2008/11/05 11:59:09 | 00,000,232 | -H-- | C] () -- C:\sqmdata14.sqm [2008/11/05 11:47:04 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm [2008/11/05 11:47:04 | 00,000,232 | -H-- | C] () -- C:\sqmdata13.sqm [2008/11/05 11:26:36 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm [2008/11/05 11:26:36 | 00,000,232 | -H-- | C] () -- C:\sqmdata12.sqm [2008/11/05 02:17:40 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm [2008/11/05 02:17:40 | 00,000,232 | -H-- | C] () -- C:\sqmdata11.sqm [2008/11/04 15:09:48 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm [2008/11/04 15:09:48 | 00,000,232 | -H-- | C] () -- C:\sqmdata10.sqm [2008/11/04 02:38:27 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm [2008/11/04 02:38:27 | 00,000,232 | -H-- | C] () -- C:\sqmdata09.sqm [2008/11/03 15:02:23 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm [2008/11/03 15:02:23 | 00,000,232 | -H-- | C] () -- C:\sqmdata08.sqm [2008/11/03 00:21:26 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm [2008/11/03 00:21:26 | 00,000,232 | -H-- | C] () -- C:\sqmdata07.sqm [2008/11/02 20:12:18 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt06.sqm [2008/11/02 20:12:18 | 00,000,232 | -H-- | C] () -- C:\sqmdata06.sqm [2008/10/31 00:48:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software [2008/10/31 00:48:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Simply Super Software [2008/10/30 18:13:04 | 00,265,996 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\cc_20081030_191257.reg [2008/10/30 09:46:23 | 00,000,000 | ---D | C] -- 
C:\Documents and Settings\Admin\Local Settings\Application Data\ApplicationHistory [2008/10/29 22:12:42 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\HijackThis.lnk [2008/10/29 22:12:42 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2008/10/29 16:47:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Windows Search [2008/10/29 16:41:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search [2008/10/29 16:40:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search [2008/10/29 16:40:00 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll [2008/10/29 16:40:00 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll [2008/10/29 16:40:00 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll [2008/10/29 16:39:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP [2008/10/29 14:59:24 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2008/10/29 13:34:08 | 21,459,64032 | -HS- | C] () -- C:\hiberfil.sys [2008/10/29 10:11:19 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2008/10/28 20:57:31 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2008/10/27 00:50:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Downloads [2008/10/27 00:34:46 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent [2008/10/26 00:18:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\uTorrent [2008/10/24 09:46:18 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2008/10/23 21:44:12 | 00,004,096 | -H-- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\keyfile3.drm [2008/10/23 12:15:12 | 00,000,143 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008/10/22 20:55:27 | 00,137,480 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008/10/22 20:55:27 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\PnkBstrK.sys [2008/10/22 20:55:16 | 00,183,120 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2008/10/22 20:55:14 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2008/10/22 20:55:11 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2008/10/22 20:44:16 | 00,000,000 | ---D | C] -- C:\Program Files\Activision [2008/10/22 20:34:58 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2008/10/22 19:15:01 | 00,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk [2008/10/22 19:15:00 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools [2008/10/22 19:10:17 | 00,682,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008/10/22 11:28:27 | 00,000,000 | ---D | C] -- C:\Program Files\directx [2008/10/22 11:26:35 | 00,000,000 | ---D | C] -- C:\DeusEx [2008/10/20 19:51:04 | 00,012,364 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Trii RECIPE''.docx [2008/10/17 14:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\IObit [2008/10/16 16:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\My Documents\Max Payne 2 Savegames [2008/10/15 23:10:51 | 00,000,000 | ---D | C] -- C:\Program Files\Ejay [2008/10/15 22:10:52 | 00,030,031 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\The Millennium Bug.docx [2008/10/15 17:19:08 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\compbatt.sys [2008/10/15 17:19:08 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys [2008/10/15 17:19:06 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbatt.sys [2008/10/15 17:19:06 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys [2008/10/15 17:19:06 | 00,014,208 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\System32\drivers\battc.sys [2008/10/15 17:19:06 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys [2008/10/15 10:25:42 | 00,000,000 | ---D | C] -- C:\Program Files\Blaze Media Pro [2008/10/15 10:15:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2008/10/15 09:45:40 | 00,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2008/10/15 09:45:35 | 01,846,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2008/10/15 09:45:31 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2008/10/15 09:45:30 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2008/10/15 09:45:29 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2008/10/15 09:45:29 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2008/10/14 19:57:34 | 00,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects [2008/10/14 19:57:18 | 00,000,000 | ---D | C] -- C:\Program Files\Acoustica Beatcraft [2008/10/14 00:16:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Juce VST Host [2008/10/14 00:01:19 | 00,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll [2008/10/14 00:01:19 | 00,000,000 | ---D | C] -- C:\Program Files\VstPlugins [2008/10/14 00:00:14 | 00,000,000 | ---D | C] -- C:\Program Files\Outsim [2008/10/13 23:57:59 | 00,000,000 | ---D | C] -- C:\Program Files\Image-Line [2008/10/13 21:55:44 | 00,011,813 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Ms Wendy Fitzwillliams.docx [2008/10/13 16:45:08 | 00,001,588 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\LimeWire PRO 4.18.8.lnk [2008/10/11 23:50:46 | 00,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2008/10/11 23:50:44 | 
00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo [2008/10/11 23:50:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\iolo [2008/10/10 17:56:51 | 00,000,000 | ---D | C] -- C:\Program Files\IObit [2008/10/10 16:18:17 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.DLL [2008/10/10 16:18:17 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.DLL [2008/10/10 16:18:16 | 00,409,600 | ---- | C] () -- C:\WINDOWS\System32\vampd.ax [2008/10/10 16:18:16 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\cdga.dll [2008/10/10 16:18:16 | 00,014,909 | ---- | C] () -- C:\WINDOWS\System32\A_reg.reg [2008/10/10 16:18:15 | 00,364,544 | ---- | C] (Cucusoft Inc.) -- C:\WINDOWS\System32\cdg.dll [2008/10/10 16:18:15 | 00,114,688 | ---- | C] (Cucusoft Inc.) -- C:\WINDOWS\System32\PropListCtrl.ocx [2008/10/10 00:17:13 | 16,080,498 | -H-- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db [2008/10/09 17:57:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Application Data\Identities [2008/10/07 20:32:58 | 00,010,955 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\mamy computer class work.docx [2008/10/06 22:40:56 | 00,000,000 | ---D | C] -- C:\Program Files\Zuma Deluxe [2008/10/06 22:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2008/10/06 22:24:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\PlayFirst [2008/10/06 22:23:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games [2008/10/06 22:21:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cooking Dash ========== Files - Modified Within 30 Days ========== [2 C:\WINDOWS\*.tmp files] [2008/11/05 13:40:35 | 11,591,712 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2008/11/05 12:10:12 | 00,192,554 | ---- | M] () -- 
C:\WINDOWS\System32\nvapps.xml [2008/11/05 12:09:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2008/11/05 12:08:01 | 00,352,917 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2008/11/05 12:08:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2008/11/05 12:07:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2008/11/05 12:07:52 | 21,459,64032 | -HS- | M] () -- C:\hiberfil.sys [2008/11/05 12:07:24 | 00,136,652 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2008/11/05 12:07:09 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2008/11/05 12:07:09 | 00,000,232 | -H-- | M] () -- C:\sqmdata15.sqm [2008/11/05 11:59:09 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2008/11/05 11:59:09 | 00,000,232 | -H-- | M] () -- C:\sqmdata14.sqm [2008/11/05 11:59:07 | 16,080,498 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db [2008/11/05 11:56:14 | 00,137,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008/11/05 11:56:07 | 00,183,120 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe [2008/11/05 11:47:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2008/11/05 11:47:04 | 00,000,232 | -H-- | M] () -- C:\sqmdata13.sqm [2008/11/05 11:34:38 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat [2008/11/05 11:26:36 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2008/11/05 11:26:36 | 00,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2008/11/05 11:11:57 | 00,287,274 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2008/11/05 02:17:40 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2008/11/05 02:17:40 | 00,000,232 | -H-- | M] () -- C:\sqmdata11.sqm [2008/11/04 22:43:01 | 00,023,040 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/04 15:09:48 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2008/11/04 15:09:48 | 00,000,232 | -H-- | M] () -- C:\sqmdata10.sqm [2008/11/04 
02:38:27 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2008/11/04 02:38:27 | 00,000,232 | -H-- | M] () -- C:\sqmdata09.sqm [2008/11/03 15:02:23 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2008/11/03 15:02:23 | 00,000,232 | -H-- | M] () -- C:\sqmdata08.sqm [2008/11/03 00:21:26 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2008/11/03 00:21:26 | 00,000,232 | -H-- | M] () -- C:\sqmdata07.sqm [2008/11/02 20:12:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2008/11/02 20:12:18 | 00,000,232 | -H-- | M] () -- C:\sqmdata06.sqm [2008/11/02 15:27:08 | 00,716,840 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2008/11/02 15:27:08 | 00,593,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2008/11/02 15:27:08 | 00,110,956 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2008/10/31 19:04:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2008/10/30 18:15:50 | 00,073,992 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2008/10/30 18:15:04 | 01,572,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008/10/30 18:13:11 | 00,265,996 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\cc_20081030_191257.reg [2008/10/30 18:03:02 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX [2008/10/30 18:03:02 | 00,000,006 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx [2008/10/30 17:45:31 | 00,000,653 | ---- | M] () -- C:\WINDOWS\win.ini [2008/10/30 17:45:31 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2008/10/30 17:45:31 | 00,000,211 | -HS- | M] () -- C:\boot.ini [2008/10/29 22:12:42 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\HijackThis.lnk [2008/10/29 13:31:12 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2008/10/27 20:22:40 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2008/10/23 21:44:12 | 00,004,096 | -H-- | M] () -- C:\Documents and Settings\Admin\Local 
Settings\Application Data\keyfile3.drm [2008/10/23 12:15:12 | 00,000,143 | ---- | M] () -- C:\WINDOWS\wininit.ini [2008/10/22 23:47:45 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe [2008/10/22 20:55:27 | 00,022,328 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\PnkBstrK.sys [2008/10/22 20:55:12 | 00,000,319 | ---- | M] () -- C:\WINDOWS\game.ini [2008/10/22 19:15:01 | 00,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools.lnk [2008/10/22 19:10:18 | 00,682,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008/10/20 19:51:05 | 00,012,364 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Trii RECIPE''.docx [2008/10/17 16:15:00 | 00,000,390 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job [2008/10/17 14:40:35 | 00,267,187 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081105-111157.backup [2008/10/15 22:10:53 | 00,030,031 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\The Millennium Bug.docx [2008/10/15 08:34:24 | 00,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll [2008/10/15 08:34:24 | 00,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2008/10/13 21:55:44 | 00,011,813 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Ms Wendy Fitzwillliams.docx [2008/10/13 16:45:08 | 00,001,588 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\LimeWire PRO 4.18.8.lnk [2008/10/11 23:50:46 | 00,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg [2008/10/09 12:41:57 | 00,266,084 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081017-154035.backup [2008/10/07 23:28:24 | 00,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG [2008/10/07 20:32:59 | 00,010,955 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\mamy computer class work.docx [2008/10/07 11:19:40 | 16,721,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe 
[2008/10/06 23:48:22 | 00,000,045 | ---- | M] () -- C:\WINDOWS\popcinfo.dat < End of report >
  4. Ok, I did a full Spybot Search and Destroy scan with the TeaTimer disabled and nothing came up. I also did an online scan with Panda but nothing serious came up. Here is the log file:

;*******************************************************************************
ANALYSIS: 2008-11-05 13:30:29
PROTECTIONS: 2
MALWARE: 8
SUSPECTS: 4
;*******************************************************************************
PROTECTIONS
Description                    Version        Active   Updated
;===============================================================================
Zone Alarm Security Suite      7.0.483.000    No       Yes
McAfee VirusScan Enterprise    8.5.0.781      No       No
;===============================================================================
MALWARE
Id         Description            Type           Active   Severity   Disinfectable   Disinfected   Location
;===============================================================================
00194066   Application/Pskill.E   HackTools      No       0          Yes             No            C:\WINDOWS\system32\pskill.exe
02912157   W32/Spamta.gen.worm    Virus/Worm     No       0          Yes             No            C:\Documents and Settings\All Users\Desktop\Keys\Firegraphic 8.5.811\KeyGen\Keygen.exe
03429845   Bck/Hupigon.AZG        Virus/Trojan   No       1          No              No            C:\Documents and Settings\Admin\My Documents\LimeWire\Saved\FruityLoops Studio 8.0 XXL Edition\flstudio_8.0_install.exe[Toxic Biohazard.dll]
03858877   Bck/Hupigon.AZG        Virus/Trojan   No       1          No              No            C:\Documents and Settings\Admin\My Documents\LimeWire\Saved\FruityLoops Studio 8.0 XXL Edition\flstudio_8.0_install.exe[Toxic Biohazard.dll]
03898864   Generic Malware        Virus/Trojan   No       0          Yes             No            C:\Documents and Settings\All Users\Desktop\Keys\Nero 8.x Ultra Edition KeyGen\Nero 8.x Ultra Edition KeyGen.exe
03912468   Generic Trojan         Virus/Trojan   No       0          Yes             No            C:\Documents and Settings\All Users\Desktop\Keys\CyberScrubPatch\Crack\patch.exe
03914462   Trj/Lineage.BZE        Virus/Trojan   No       1          Yes             No            C:\Documents and Settings\All Users\Desktop\Keys\dvd CLONER 4.5 PATCH\patch.exe
03918998   Generic Malware        Virus/Trojan   No       0          Yes             No            C:\Documents and Settings\All Users\Desktop\Keys\Abby FineReader keygen\keygen.exe
;===============================================================================
SUSPECTS
Sent   Location
;===============================================================================
No     C:\D\W\SE\2\PRISMSVR.EXE
No     C:\Documents and Settings\Admin\My Documents\LimeWire\Saved\Cucusoft Ultimate DVD Video Converter v7.8.7.6[+Serial]\Atomic.Alarm.Clock.v5.81-TE\ataclock581.exe
No     C:\Documents and Settings\All Users\Start Menu\Programs\SysInternals stuff\PsTools\psshutdown.exe
No     C:\Program Files\Trojan Remover\Rmvtrjan.exe
;===============================================================================
VULNERABILITIES
Id   Severity   Description
;===============================================================================
;===============================================================================
  5. Please help, Mr. Advanced Setup. I started my own thread but no one replied. I used Malwarebytes Anti-Malware version 1.30 in the past and it's a great, great program; I use the free version. But the problem is that I uninstalled it for some reason I can't remember. Now, trying to reinstall it, I get this error: "C:\Program files\Malwarebytes Anti-malware\ssubtmr6.dll Unable to register the DLL/OCX:Reg Svr32 failed with exit code 0x5. Click retry to try again, Ingnor to preceed anyway (not recommended), or abort to cancel installation" I've clicked retry 100 times and it doesn't work. I clicked ignore and I get another error message. Can you help me, please tell me how to solve this problem? I really need this software. My thread is new, so it should be on the first page; look for bubbleboi. I used HijackThis and this was my log report:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:56:13 PM, on 29/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20900) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\McAfee\Common Framework\FrameworkService.exe C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Documents and Settings\Admin\My Documents\kern\themes\RocketDock\RocketDock.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Yahoo! 
IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4} - (no file)
O2 - BHO: (no name) - {AB89335C-B6EA-468C-A977-EC76F3818274} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Documents and Settings\Admin\My Documents\kern\themes\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1187665171156
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O20 - Winlogon Notify: mlJApppM - C:\WINDOWS\
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-- End of file - 11492 bytes

Thank you Mr. Advancedsetup
  6. Please help, anyone. I used Malwarebytes Anti-Malware version 1.30 in the past and it's a great great program; I use the free version. But the problem is that I uninstalled it for some reason I can't remember. Now, trying to reinstall it, I get this error: "C:\Program files\Malwarebytes Anti-malware\ssubtmr6.dll Unable to register the DLL/OCX:Reg Svr32 failed with exit code 0x5. Click retry to try again, Ignore to proceed anyway (not recommended), or abort to cancel installation". I've clicked retry 100 times and it doesn't work; I clicked ignore and I get another error message. Can anyone tell me what's going on and how to solve this problem? I really need this software. Thank you.