It's Cyber Monday - fantastic 70% discount

Buy Now

Limited time offer:

03

Days

/

00

Hrs

/

04

Min

/

04

Sec

Cant log in to facebook

Posted 1/8/2010 5:25 PM
#81789
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
i cant log in to facebook. whenever i get to log in my account, this URL will appear (http://chips01.t35.com/01.php) and it redirects me to facebook log in.. please help me solve this problem.. pls.
Posted 1/9/2010 2:21 AM
#81810
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Good, you did start your own thread. Two actually, so be sure to only post one request in the future. <br/> <br/>That website you are redirected to actually uses Facebook's legit login page to present to people, but has source code that suggests if someone entered their login information then, it would fail, or possibly t35.com would receive the information. <br/> <br/>You had post some logs in other threads already, so do the following, but if you already have the tool then just use it: <br/> <br/> <br/>To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. <br/> <br/> <br/> Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button. <br/> <br/>If necessary allow it to locate or download a copy of HijackThis as needed. <br/> <br/>Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt. <br/> <br/>RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt). <br/> <br/>You can break logs into parts and use separate posts here when replying and posting the log files, if needed. <br/> <br/>-------------- <br/> <br/>Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer. <br/> <br/> <br/>Once the opening scan finishes, click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). <br/> <br/>When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.
Posted 1/9/2010 11:07 AM
#81821
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
i'm not sure how to do it.. i dont know how to disable the antivirus. u mean uninstalling it?
Posted 1/9/2010 11:49 AM
#81822
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
Posted 1/9/2010 12:03 PM
#81823
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
1st LOG: <br/> <br/>Logfile of random's system information tool 1.06 (written by random/random) <br/>Run by kate at 2010-01-09 20:15:27 <br/>Microsoft Windows XP Professional Service Pack 3 <br/>System drive C: has 26 GB (67%) free of 39 GB <br/>Total RAM: 503 MB (11% free) <br/> <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 8:16:12 PM, on 1/9/2010 <br/>Platform: Windows XP SP3 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v8.00 (8.00.6001.18702) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\Program Files\Java\jre6\bin\jqs.exe <br/>C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\PROGRA~1\AVG\AVG8\avgam.exe <br/>C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/>C:\PROGRA~1\AVG\AVG8\avgrsx.exe <br/>C:\PROGRA~1\AVG\AVG8\avgnsx.exe <br/>C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\WINDOWS\Explorer.exe <br/>C:\WINDOWS\system32\WgaTray.exe <br/>C:\WINDOWS\system32\RVHOST.exe <br/>C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>C:\Program Files\HP\HP Software Update\HPWuSchd2.exe <br/>C:\Program Files\Java\jre6\bin\jusched.exe <br/>C:\WINDOWS\RTHDCPL.EXE <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Program Files\Windows Live\Messenger\msnmsgr.exe <br/>C:\WINDOWS\system32\RVHOST.exe <br/>C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>C:\Program Files\LimeWire\LimeWire.exe <br/>C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe <br/>C:\Program Files\Mozilla Firefox\firefox.exe <br/>C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe <br/>C:\Program Files\AVG\AVG8\avgscanx.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\WINDOWS\system32\wscntfy.exe <br/>C:\Documents and Settings\kate\My Documents\Downloads\RSIT(2).exe <br/>C:\Program Files\trend micro\kate.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com <br/>F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe <br/>O1 - Hosts: 79.106.2.131 localhost <br/>O1 - Hosts: 79.106.2.131 facebook.com <br/>O1 - Hosts: 79.106.2.131 www.facebook.com <br/>O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll <br/>O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll <br/>O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) <br/>O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll <br/>O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll <br/>O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll <br/>O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL <br/>O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll <br/>O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll <br/>O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE <br/>O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE <br/>O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" <br/>O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) <br/>O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe <br/>O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE <br/>O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE <br/>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background <br/>O4 - HKCU\..\Run: [LREC75DND7] C:\DOCUME~1\kate\LOCALS~1\Temp\c.exe <br/>O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet <br/>O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\RVHOST.exe <br/>O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe <br/>O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 <br/>O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL <br/>O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214837377265 <br/>O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll <br/>O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll <br/>O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe <br/>O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe <br/>O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe <br/>O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/> <br/>-- <br/>End of file - 8192 bytes <br/> <br/>======Scheduled tasks folder====== <br/> <br/>C:\WINDOWS\tasks\At1.job <br/>C:\WINDOWS\tasks\User_Feed_Synchronization-{C0ECAFC6-6EE8-4AB6-A74B-D1EC26237580}.job <br/> <br/>======Registry dump====== <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] <br/>&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] <br/>AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-31 1111320] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] <br/>Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] <br/>Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] <br/>AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-12-31 1968920] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] <br/>Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-01 41760] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] <br/>Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] <br/>JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-01 73728] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] <br/>SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-12-31 1968920] <br/>{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280] <br/>{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] <br/>Locked <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <br/>"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [] <br/>"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [] <br/>"Persistence"=C:\WINDOWS\system32\igfxpers.exe [] <br/>"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-31 2043160] <br/>"VMSnap3"=C:\WINDOWS\VMSnap3.EXE [2006-08-29 49152] <br/>"Domino"=C:\WINDOWS\Domino.EXE [2006-06-28 49152] <br/>"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] <br/>"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-01 149280] <br/>"BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) [] <br/>"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] <br/>"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112] <br/>"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <br/>"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] <br/>"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] <br/>"LREC75DND7"=C:\DOCUME~1\kate\LOCALS~1\Temp\c.exe [] <br/>"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216] <br/>"Yahoo Messengger"=C:\WINDOWS\system32\RVHOST.exe [2008-05-25 603648] <br/> <br/>C:\Documents and Settings\All Users\Start Menu\Programs\Startup <br/>HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/> <br/>C:\Documents and Settings\kate\Start Menu\Programs\Startup <br/>LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] <br/>C:\WINDOWS\system32\avgrsstx.dll [2009-12-31 11952] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] <br/>igfxdev.dll [] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] <br/>C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] <br/>"DisableTaskMgr"=1 <br/>"DisableRegistryTools"=1 <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] <br/>"dontdisplaylastusername"=0 <br/>"legalnoticecaption"= <br/>"legalnoticetext"= <br/>"shutdownwithoutlogon"=1 <br/>"undockwithoutlogon"=1 <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] <br/>"NoDriveTypeAutoRun"=145 <br/>"NofolderOptions"=1 <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] <br/>"HonorAutoRunSetting"= <br/> <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] <br/>"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" <br/>"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe" <br/>"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe" <br/>"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe" <br/>"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe" <br/>"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" <br/>"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe" <br/>"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" <br/>"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" <br/>"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App" <br/>"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" <br/>"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" <br/>"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" <br/>"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" <br/>"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" <br/>"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox" <br/> <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] <br/>"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" <br/>"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" <br/>"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" <br/>"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" <br/>"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" <br/> <br/>======List of files/folders created in the last 1 months====== <br/> <br/>2010-01-10 07:44:21 ----D---- C:\Program Files\Mozilla Firefox <br/>2010-01-10 07:25:55 ----A---- C:\WINDOWS\ntbtlog.txt <br/>2010-01-09 20:15:27 ----D---- C:\rsit <br/>2010-01-09 12:03:35 ----D---- C:\WINDOWS\LastGood <br/>2010-01-09 12:03:32 ----RA---- C:\WINDOWS\VMSnap3.EXE <br/>2010-01-09 12:03:32 ----RA---- C:\WINDOWS\VM303Cap.exe <br/>2010-01-09 12:03:32 ----RA---- C:\WINDOWS\system32\VM303STI.dll <br/>2010-01-09 12:03:32 ----RA---- C:\WINDOWS\system32\setupfilter.exe <br/>2010-01-09 12:03:32 ----RA---- C:\WINDOWS\Domino.EXE <br/>2010-01-09 12:03:32 ----R---- C:\WINDOWS\Zoom.exe <br/>2010-01-09 12:03:32 ----R---- C:\WINDOWS\VMPipe.dll <br/>2010-01-09 12:03:31 ----RA---- C:\WINDOWS\amcap.exe <br/>2010-01-09 12:03:31 ----A---- C:\WINDOWS\VMInstNT.exe <br/>2010-01-09 12:03:31 ----A---- C:\WINDOWS\VM303UninstNT.exe <br/>2010-01-09 12:03:30 ----D---- C:\WINDOWS\EffectResources <br/>2010-01-09 01:58:30 ----A---- C:\WINDOWS\Pool.INI <br/>2010-01-09 01:34:21 ----D---- C:\Documents and Settings\All Users\Application Data\Oberon Media <br/>2010-01-09 00:21:51 ----D---- C:\Program Files\trend micro <br/>2010-01-08 23:12:41 ----RASH---- C:\WINDOWS\system32\RVHOST.exe <br/>2010-01-08 20:29:15 ----D---- C:\Program Files\Spybot - Search & Destroy <br/>2010-01-08 20:29:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy <br/>2010-01-08 01:47:53 ----D---- C:\Documents and Settings\kate\Application Data\funkitron <br/>2010-01-07 00:51:59 ----D---- C:\Documents and Settings\kate\Application Data\Opera <br/>2010-01-07 00:51:40 ----D---- C:\Program Files\Opera <br/>2010-01-07 00:24:16 ----D---- C:\Documents and Settings\kate\Application Data\Flock <br/>2010-01-06 22:17:58 ----D---- C:\Documents and Settings\kate\Application Data\Macromedia <br/>2010-01-06 18:38:12 ----D---- C:\Program Files\GameHouse Games Collection <br/>2010-01-06 18:22:16 ----RA---- C:\WINDOWS\system32\ChCfg.exe <br/>2010-01-06 18:20:45 ----RA---- C:\WINDOWS\Alcmtr.exe <br/>2010-01-06 18:20:41 ----A---- C:\WINDOWS\HideWin.exe <br/>2010-01-06 07:44:24 ----A---- C:\WINDOWS\ODBC.INI <br/>2010-01-06 07:43:38 ----D---- C:\Program Files\Microsoft ActiveSync <br/>2010-01-06 07:43:32 ----D---- C:\Program Files\Common Files\DESIGNER <br/>2010-01-06 07:43:04 ----D---- C:\WINDOWS\SHELLNEW <br/>2010-01-06 07:43:04 ----D---- C:\Program Files\Microsoft.NET <br/>2010-01-06 07:43:04 ----D---- C:\Program Files\Microsoft Office <br/>2010-01-06 06:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ <br/>2010-01-06 04:10:38 ----D---- C:\WINDOWS\Performance <br/>2010-01-06 03:59:07 ----D---- C:\Program Files\Microsoft Sync Framework <br/>2010-01-06 03:58:22 ----A---- C:\WINDOWS\system32\d3dx9_32.dll <br/>2010-01-06 03:58:16 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition <br/>2010-01-06 03:58:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$ <br/>2010-01-06 03:56:58 ----D---- C:\Program Files\Microsoft <br/>2010-01-06 03:56:41 ----D---- C:\Program Files\Windows Live SkyDrive <br/>2010-01-06 03:56:18 ----D---- C:\Program Files\Windows Live <br/>2010-01-06 03:36:20 ----D---- C:\Program Files\Common Files\Windows Live <br/>2010-01-06 03:35:45 ----D---- C:\Program Files\Microsoft Silverlight <br/>2010-01-06 03:33:03 ----A---- C:\WINDOWS\system32\mucltui.dll.mui <br/>2010-01-06 03:33:03 ----A---- C:\WINDOWS\system32\mucltui.dll <br/>2010-01-02 22:27:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ <br/>2010-01-02 03:07:45 ----D---- C:\WINDOWS\system32\XPSViewer <br/>2010-01-02 03:07:39 ----D---- C:\Program Files\MSBuild <br/>2010-01-02 03:07:28 ----D---- C:\Program Files\Reference Assemblies <br/>2010-01-02 03:06:51 ----N---- C:\WINDOWS\system32\prntvpt.dll <br/>2010-01-02 03:06:50 ----N---- C:\WINDOWS\system32\xpssvcs.dll <br/>2010-01-02 03:06:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll <br/>2010-01-01 22:01:08 ----A---- C:\WINDOWS\NeroDigital.ini <br/>2010-01-01 21:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ <br/>2010-01-01 18:09:31 ----D---- C:\Documents and Settings\kate\Application Data\Mozilla <br/>2010-01-01 18:08:58 ----D---- C:\Documents and Settings\kate\Application Data\LimeWire <br/>2010-01-01 18:08:39 ----D---- C:\Program Files\LimeWire <br/>2010-01-01 14:52:07 ----D---- C:\Documents and Settings\kate\Application Data\Ahead <br/>2010-01-01 14:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead <br/>2010-01-01 14:48:39 ----D---- C:\Program Files\Nero <br/>2010-01-01 14:48:39 ----D---- C:\Program Files\Common Files\Ahead <br/>2010-01-01 14:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Nero <br/>2010-01-01 14:47:17 ----D---- C:\WINDOWS\RegisteredPackages <br/>2010-01-01 14:46:54 ----A---- C:\WINDOWS\system32\d3dx9_30.dll <br/>2010-01-01 14:46:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll <br/>2010-01-01 12:51:20 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll <br/>2010-01-01 12:05:31 ----HD---- C:\$AVG8.VAULT$ <br/>2010-01-01 11:35:01 ----RA---- C:\WINDOWS\system32\igxpun.exe <br/>2010-01-01 11:29:06 ----A---- C:\WINDOWS\VidCap32.exe <br/>2010-01-01 11:29:06 ----A---- C:\WINDOWS\MMVEM.EXE <br/>2010-01-01 11:29:06 ----A---- C:\WINDOWS\JAPI2.DLL <br/>2010-01-01 11:29:06 ----A---- C:\WINDOWS\JAPI.DLL <br/>2010-01-01 11:27:44 ----D---- C:\VP-EYE <br/>2010-01-01 11:26:39 ----HD---- C:\Program Files\InstallShield Installation Information <br/>2010-01-01 11:23:43 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage <br/>2010-01-01 11:17:18 ----D---- C:\Documents and Settings\kate\Application Data\HP <br/>2010-01-01 09:54:12 ----A---- C:\WINDOWS\system32\wmpns.dll <br/>2010-01-01 05:18:49 ----D---- C:\WINDOWS\Sun <br/>2010-01-01 05:08:18 ----A---- C:\WINDOWS\system32\javaws.exe <br/>2010-01-01 05:08:18 ----A---- C:\WINDOWS\system32\deploytk.dll <br/>2010-01-01 05:08:17 ----A---- C:\WINDOWS\system32\javaw.exe <br/>2010-01-01 05:08:17 ----A---- C:\WINDOWS\system32\java.exe <br/>2010-01-01 05:08:08 ----D---- C:\Program Files\Java <br/>2010-01-01 05:05:43 ----D---- C:\Documents and Settings\kate\Application Data\Sun <br/>2010-01-01 03:54:46 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY <br/>2010-01-01 03:52:54 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant <br/>2010-01-01 03:52:53 ----D---- C:\Documents and Settings\All Users\Application Data\HP <br/>2010-01-01 03:50:09 ----D---- C:\Program Files\Common Files\HP <br/>2010-01-01 03:22:03 ----D---- C:\WINDOWS\system32\appmgmt <br/>2010-01-01 03:20:38 ----D---- C:\Temp <br/>2010-01-01 03:20:34 ----A---- C:\WINDOWS\GPInstall.exe <br/>2010-01-01 02:48:21 ----A---- C:\WINDOWS\system32\vfwwdm32.dll <br/>2010-01-01 01:25:27 ----D---- C:\Documents and Settings\All Users\Application Data\UAB <br/>2010-01-01 01:25:26 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters <br/>2010-01-01 01:23:57 ----D---- C:\Program Files\PC Drivers HeadQuarters <br/>2010-01-01 01:22:02 ----RSD---- C:\WINDOWS\assembly <br/>2010-01-01 01:21:44 ----D---- C:\WINDOWS\Microsoft.NET <br/>2010-01-01 01:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ <br/>2010-01-01 01:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ <br/>2010-01-01 01:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ <br/>2010-01-01 01:12:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ <br/>2010-01-01 01:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ <br/>2010-01-01 00:59:32 ----D---- C:\Intel <br/>2010-01-01 00:44:30 ----D---- C:\Program Files\HP <br/>2010-01-01 00:44:22 ----HD---- C:\Config.Msi <br/>2010-01-01 00:39:19 ----A---- C:\WINDOWS\UPGRADE.TXT <br/>2010-01-01 00:37:38 ----D---- C:\WINDOWS\Prefetch <br/>2010-01-01 00:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ <br/>2010-01-01 00:35:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ <br/>2010-01-01 00:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ <br/>2010-01-01 00:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ <br/>2010-01-01 00:35:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ <br/>2010-01-01 00:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ <br/>2010-01-01 00:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ <br/>2010-01-01 00:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ <br/>2010-01-01 00:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ <br/>2010-01-01 00:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ <br/>2010-01-01 00:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ <br/>2010-01-01 00:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ <br/>2010-01-01 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ <br/>2010-01-01 00:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ <br/>2010-01-01 00:34:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ <br/>2010-01-01 00:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ <br/>2010-01-01 00:34:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ <br/>2010-01-01 00:33:55 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ <br/>2010-01-01 00:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ <br/>2010-01-01 00:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ <br/>2010-01-01 00:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ <br/>2010-01-01 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$ <br/>2010-01-01 00:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ <br/>2010-01-01 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ <br/>2010-01-01 00:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ <br/>2010-01-01 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ <br/>2010-01-01 00:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ <br/>2010-01-01 00:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ <br/>2010-01-01 00:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ <br/>2010-01-01 00:32:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ <br/>2010-01-01 00:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ <br/>2010-01-01 00:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ <br/>2010-01-01 00:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ <br/>2010-01-01 00:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ <br/>2010-01-01 00:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ <br/>2010-01-01 00:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ <br/>2010-01-01 00:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ <br/>2010-01-01 00:31:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ <br/>2010-01-01 00:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ <br/>2010-01-01 00:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ <br/>2010-01-01 00:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ <br/>2010-01-01 00:31:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ <br/>2010-01-01 00:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ <br/>2010-01-01 00:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ <br/>2010-01-01 00:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ <br/>2010-01-01 00:26:24 ----D---- C:\WINDOWS\system32\scripting <br/>2010-01-01 00:26:24 ----D---- C:\WINDOWS\l2schemas <br/>2010-01-01 00:26:23 ----D---- C:\WINDOWS\system32\en <br/>2010-01-01 00:26:23 ----D---- C:\WINDOWS\system32\bits <br/>2010-01-01 00:20:12 ----D---- C:\WINDOWS\network diagnostic <br/>2010-01-01 00:19:03 ----D---- C:\WINDOWS\system32\ReinstallBackups <br/>2010-01-01 00:16:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ <br/>2010-01-01 00:12:04 ----A---- C:\WINDOWS\Ascd_tmp.ini <br/>2009-12-31 22:59:20 ----D---- C:\WINDOWS\ie8updates <br/>2009-12-31 22:58:50 ----D---- C:\WINDOWS\WBEM <br/>2009-12-31 22:58:05 ----HDC---- C:\WINDOWS\ie8 <br/>2009-12-31 22:58:05 ----D---- C:\WINDOWS\system32\en-US <br/>2009-12-31 22:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ <br/>2009-12-31 22:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ <br/>2009-12-31 22:52:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ <br/>2009-12-31 22:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ <br/>2009-12-31 22:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ <br/>2009-12-31 22:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$ <br/>2009-12-31 22:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ <br/>2009-12-31 22:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ <br/>2009-12-31 22:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ <br/>2009-12-31 22:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$ <br/>2009-12-31 22:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$ <br/>2009-12-31 22:50:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2_0$ <br/>2009-12-31 22:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ <br/>2009-12-31 22:42:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ <br/>2009-12-31 22:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$ <br/>2009-12-31 22:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971557_0$ <br/>2009-12-31 22:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$ <br/>2009-12-31 22:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$ <br/>2009-12-31 22:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$ <br/>2009-12-31 22:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$ <br/>2009-12-31 22:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$ <br/>2009-12-31 22:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ <br/>2009-12-31 22:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971633_0$ <br/>2009-12-31 22:41:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ <br/>2009-12-31 22:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$ <br/>2009-12-31 22:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$ <br/>2009-12-31 22:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ <br/>2009-12-31 22:41:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$ <br/>2009-12-31 22:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$ <br/>2009-12-31 22:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ <br/>2009-12-31 22:40:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$ <br/>2009-12-31 22:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$ <br/>2009-12-31 22:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ <br/>2009-12-31 22:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$ <br/>2009-12-31 22:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$ <br/>2009-12-31 22:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ <br/>2009-12-31 22:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$ <br/>2009-12-31 22:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ <br/>2009-12-31 22:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$ <br/>2009-12-31 22:39:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ <br/>2009-12-31 22:39:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$ <br/>2009-12-31 22:39:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ <br/>2009-12-31 22:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ <br/>2009-12-31 22:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$ <br/>2009-12-31 22:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$ <br/>2009-12-31 22:39:11 ----D---- C:\WINDOWS\ServicePackFiles <br/>2009-12-31 22:39:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ <br/>2009-12-31 22:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$ <br/>2009-12-31 22:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$ <br/>2009-12-31 22:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ <br/>2009-12-31 22:36:50 ----A---- C:\WINDOWS\system32\MRT.exe <br/>2009-12-31 22:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$ <br/>2009-12-31 22:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ <br/>2009-12-31 22:36:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ <br/>2009-12-31 22:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$ <br/>2009-12-31 22:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ <br/>2009-12-31 22:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$ <br/>2009-12-31 22:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$ <br/>2009-12-31 22:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$ <br/>2009-12-31 22:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$ <br/>2009-12-31 22:12:52 ----N---- C:\WINDOWS\system32\tzchange.exe <br/>2009-12-31 22:07:16 ----N---- C:\WINDOWS\system32\xpsp4res.dll <br/>2009-12-31 22:07:15 ----A---- C:\WINDOWS\system32\xpsp3res.dll <br/>2009-12-31 22:01:24 ----D---- C:\Program Files\Common Files\InstallShield <br/>2009-12-31 21:58:06 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ <br/>2009-12-31 21:57:51 ----N---- C:\WINDOWS\system32\spmsg.dll <br/>2009-12-31 21:57:51 ----D---- C:\WINDOWS\system32\PreInstall <br/>2009-12-31 21:57:51 ----A---- C:\WINDOWS\system32\spupdsvc.exe <br/>2009-12-31 21:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ <br/>2009-12-31 21:57:50 ----HD---- C:\WINDOWS\$hf_mig$ <br/>2009-12-31 21:18:46 ----A---- C:\WINDOWS\system32\ksuser.dll <br/>2009-12-31 20:46:03 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion <br/>2009-12-31 20:46:02 ----D---- C:\Documents and Settings\kate\Application Data\Yahoo! <br/>2009-12-31 20:45:40 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! <br/>2009-12-31 20:45:01 ----D---- C:\WINDOWS\SxsCaPendDel <br/>2009-12-31 20:41:18 ----D---- C:\Documents and Settings\kate\Application Data\Adobe <br/>2009-12-31 20:40:41 ----SHD---- C:\RECYCLER <br/>2009-12-31 20:38:52 ----D---- C:\Program Files\Yahoo! <br/>2009-12-31 20:20:24 ----A---- C:\WINDOWS\system32\avgrsstx.dll <br/>2009-12-31 20:20:17 ----D---- C:\Documents and Settings\kate\Application Data\AVGTOOLBAR <br/>2009-12-31 20:20:10 ----D---- C:\Program Files\AVG <br/>2009-12-31 20:20:10 ----D---- C:\Documents and Settings\All Users\Application Data\avg8 <br/>2009-12-31 20:17:47 ----RASH---- C:\WINDOWS\system32\setting.ini <br/>2009-12-31 20:17:37 ----A---- C:\WINDOWS\RVHOST.exe <br/>2009-12-31 20:13:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution <br/> <br/>======List of files/folders modified in the last 1 months====== <br/> <br/>2010-01-10 07:16:09 ----SHD---- C:\WINDOWS\Installer <br/>2010-01-10 06:46:50 ----A---- C:\WINDOWS\system.ini <br/>2010-01-10 05:33:10 ----D---- C:\WINDOWS\Help <br/>2010-01-09 20:16:14 ----D---- C:\WINDOWS\Temp <br/>2010-01-09 18:53:19 ----D---- C:\WINDOWS\system32 <br/>2010-01-09 17:22:19 ----A---- C:\WINDOWS\win.ini <br/>2010-01-09 16:38:40 ----SD---- C:\Documents and Settings\kate\Application Data\Microsoft <br/>2010-01-09 13:27:49 ----D---- C:\WINDOWS <br/>2010-01-09 13:23:18 ----RD---- C:\Program Files <br/>2010-01-09 12:04:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft <br/>2010-01-09 12:03:46 ----RSHDC---- C:\WINDOWS\system32\dllcache <br/>2010-01-09 12:03:40 ----D---- C:\WINDOWS\system32\drivers <br/>2010-01-09 12:03:36 ----HD---- C:\WINDOWS\inf <br/>2010-01-09 12:03:36 ----D---- C:\WINDOWS\system32\CatRoot <br/>2010-01-09 12:03:32 ----D---- C:\WINDOWS\twain_32 <br/>2010-01-09 12:00:11 ----D---- C:\WINDOWS\system32\CatRoot2 <br/>2010-01-09 11:59:47 ----SD---- C:\WINDOWS\Tasks <br/>2010-01-09 11:58:02 ----A---- C:\WINDOWS\SchedLgU.Txt <br/>2010-01-09 11:45:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI <br/>2010-01-06 20:37:14 ----RSD---- C:\WINDOWS\Fonts <br/>2010-01-06 18:50:17 ----D---- C:\Program Files\Common Files\Microsoft Shared <br/>2010-01-06 18:22:16 ----D---- C:\WINDOWS\system32\RTCOM <br/>2010-01-06 07:43:32 ----D---- C:\Program Files\Common Files <br/>2010-01-06 07:43:07 ----D---- C:\Program Files\Common Files\System <br/>2010-01-06 07:42:44 ----D---- C:\WINDOWS\system <br/>2010-01-06 04:39:34 ----D---- C:\WINDOWS\WinSxS <br/>2010-01-06 03:59:40 ----DC---- C:\WINDOWS\system32\DRVSTORE <br/>2010-01-06 03:58:23 ----D---- C:\WINDOWS\system32\DirectX <br/>2010-01-06 03:58:10 ----A---- C:\WINDOWS\imsins.BAK <br/>2010-01-02 03:07:07 ----D---- C:\WINDOWS\system32\spool <br/>2010-01-02 03:04:08 ----D---- C:\Program Files\Internet Explorer <br/>2010-01-01 14:48:12 ----D---- C:\Program Files\Windows Media Player <br/>2010-01-01 14:48:10 ----D---- C:\WINDOWS\security <br/>2010-01-01 00:55:08 ----D---- C:\WINDOWS\SoftwareDistribution <br/>2010-01-01 00:37:58 ----A---- C:\WINDOWS\OEWABLog.txt <br/>2010-01-01 00:37:41 ----A---- C:\WINDOWS\setuplog.txt <br/>2010-01-01 00:37:25 ----D---- C:\WINDOWS\system32\Setup <br/>2010-01-01 00:37:25 ----D---- C:\WINDOWS\AppPatch <br/>2010-01-01 00:34:44 ----D---- C:\Program Files\Outlook Express <br/>2010-01-01 00:31:10 ----D---- C:\Program Files\Messenger <br/>2010-01-01 00:26:41 ----D---- C:\WINDOWS\system32\inetsrv <br/>2010-01-01 00:26:40 ----D---- C:\WINDOWS\ime <br/>2010-01-01 00:26:25 ----D---- C:\WINDOWS\system32\usmt <br/>2010-01-01 00:26:23 ----D---- C:\WINDOWS\PeerNet <br/>2010-01-01 00:26:23 ----D---- C:\Program Files\Movie Maker <br/>2010-01-01 00:22:04 ----D---- C:\WINDOWS\system32\npp <br/>2010-01-01 00:22:04 ----D---- C:\WINDOWS\mui <br/>2010-01-01 00:22:03 ----D---- C:\WINDOWS\msagent <br/>2010-01-01 00:22:02 ----D---- C:\WINDOWS\srchasst <br/>2010-01-01 00:22:02 ----D---- C:\Program Files\NetMeeting <br/>2010-01-01 00:22:00 ----D---- C:\WINDOWS\system32\Com <br/>2010-01-01 00:21:58 ----D---- C:\Program Files\Windows NT <br/>2010-01-01 00:21:37 ----D---- C:\WINDOWS\system32\oobe <br/>2010-01-01 00:16:13 ----D---- C:\WINDOWS\ehome <br/>2009-12-31 22:58:45 ----D---- C:\WINDOWS\Media <br/>2009-12-31 22:17:29 ----D---- C:\WINDOWS\Debug <br/>2009-12-25 17:50:20 ----A---- C:\WINDOWS\vncutil.exe <br/>2009-12-25 17:50:08 ----A---- C:\WINDOWS\RtkAudioService.exe <br/> <br/>======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== <br/> <br/>R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-31 335240] <br/>R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-31 27784] <br/>R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-31 108552] <br/>R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] <br/>R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] <br/>R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] <br/>R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016] <br/>R3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] <br/>R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-10-23 103296] <br/>R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] <br/>R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] <br/>R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] <br/>R3 vmfilter303;vmfilter303; C:\WINDOWS\system32\drivers\vmfilter303.sys [2006-04-24 428160] <br/>R3 ZSMC303;A4 TECH PC Camera H; C:\WINDOWS\System32\Drivers\usbVM303.sys [2006-11-30 392122] <br/>S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] <br/>S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480] <br/>S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] <br/>S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] <br/>S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [] <br/>S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800] <br/>S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160] <br/>S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] <br/>S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] <br/>S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] <br/>S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] <br/>S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] <br/>S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] <br/>S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] <br/> <br/>======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== <br/> <br/>R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-12-31 908056] <br/>R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-12-31 297752] <br/>R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] <br/>R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-01 153376] <br/>R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] <br/>R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] <br/>R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] <br/>R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] <br/>R3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] <br/>S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] <br/>S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] <br/>S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] <br/>S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] <br/>S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] <br/>S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920] <br/>S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] <br/>S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] <br/> <br/>-----------------EOF-----------------
Posted 1/9/2010 12:04 PM
#81824
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
2nd LOG.. info txt.. <br/> <br/> <br/>info.txt logfile of random's system information tool 1.06 2010-01-09 20:16:22 <br/> <br/>======Uninstall list====== <br/> <br/>-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE <br/>-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL <br/>-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL <br/>-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL <br/>-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL <br/>-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL <br/>-->C:\WINDOWS\UNRecode.exe /UNINSTALL <br/>-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf <br/>A4 TECH PC Camera H-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{362483B1-91EB-4CB4-B9BB-3B4B4C644404}\setup.exe" -l0x9 -removeonly <br/>Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe <br/>Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe <br/>AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL <br/>Driver Detective-->MsiExec.exe /X{4640FDE1-B83A-4376-84ED-86F86BEE2D41} <br/>GameHouse Games Collection: Academy of Magic-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ACADEM~1\Install.log <br/>GameHouse Games Collection: Adventure Inlay - Safari Edition-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ADVENT~2\Install.log <br/>GameHouse Games Collection: Adventure Inlay-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ADVENT~1\Install.log <br/>GameHouse Games Collection: Air Strike 3D-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\AIRSTR~1\Install.log <br/>GameHouse Games Collection: Alien Sky-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALIENS~1\Install.log <br/>GameHouse Games Collection: Aloha Solitaire-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALOHAS~1\Install.log <br/>GameHouse Games Collection: Aloha TriPeaks-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALOHAT~1\Install.log <br/>GameHouse Games Collection: Ancient Tri-Jong-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ANCIEN~1\Install.log <br/>GameHouse Games Collection: Ancient Tripeaks-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ANCIEN~2\Install.log <br/>GameHouse Games Collection: Astrobatics-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ASTROB~1\Install.log <br/>GameHouse Games Collection: Atlantis-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\Atlantis\Install.log <br/>GameHouse Games Collection: Atomaders-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ATOMAD~1\Install.log <br/>GameHouse Games Collection: Bejeweled 2-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BEJEWE~1\Install.log <br/>GameHouse Games Collection: Bewitched-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BEWITC~1\Install.log <br/>GameHouse Games Collection: Big Kahuna Reef-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BIGKAH~1\Install.log <br/>GameHouse Games Collection: Boggle Supreme-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BOGGLE~1\Install.log <br/>GameHouse Games Collection: Bounce Out Blitz-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BOUNCE~1\Install.log <br/>GameHouse Games Collection: Digby's Donuts-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\DIGBY'~1\Install.log <br/>GameHouse Games Collection: Diner Dash-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\DINERD~1\Install.log <br/>GameHouse Games Collection: Feeding Frenzy-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\FEEDIN~1\Install.log <br/>GameHouse Games Collection: Flip Words-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\FLIPWO~1\Install.log <br/>GameHouse Games Collection: GameHouse Sudoku-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\GAMEHO~1\Install.log <br/>GameHouse Games Collection: Inspector Parker-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\INSPEC~1\Install.log <br/>GameHouse Games Collection: Pin High Country Club Golf-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\PINHIG~1\Install.log <br/>GameHouse Games Collection: Pizza Frenzy-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\PIZZAF~1\Install.log <br/>GameHouse Games Collection: Poker Superstars-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\POKERS~1\Install.log <br/>GameHouse Games Collection: Reader's Digest Super Word Power-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\READER~1\Install.log <br/>GameHouse Games Collection: SCRABBLE-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SCRABBLE\Install.log <br/>GameHouse Games Collection: Super Pool-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERP~1\Install.log <br/>GameHouse Games Collection: Super TextTwist-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERT~1\Install.log <br/>GameHouse Games Collection: Super WHATword-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERW~1\Install.log <br/>GameHouse Games Collection: Ten Pin Championship Bowling Pro-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\TENPIN~1\Install.log <br/>GameHouse Games Collection: Tennis Titans-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\TENNIS~1\Install.log <br/>GameHouse Games Collection: Varmintz Deluxe-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\VARMIN~1\Install.log <br/>GameHouse Games Collection: Word Jolt-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\WORDJO~1\Install.log <br/>GameHouse Games Collection: Word Slinger-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\WORDSL~1\Install.log <br/>GameHouse Games Collection: Zuma Deluxe-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ZUMADE~1\Install.log <br/>HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" <br/>Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" <br/>Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe" <br/>Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" <br/>Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" <br/>HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat <br/>HP Deskjet Printer Driver Software 9.0-->C:\Program Files\HP\Digital Imaging\{03E66394-42F0-4745-85F7-0A2F8F35C09F}\setup\hpzscr01.exe -datfile hphscr15.dat -showdisconnect -forcereboot <br/>HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat <br/>HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat <br/>HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat <br/>HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5} <br/>HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3} <br/>Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall <br/>Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} <br/>Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} <br/>LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe" <br/>Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} <br/>Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} <br/>Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe <br/>Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} <br/>Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} <br/>Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} <br/>Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} <br/>Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} <br/>Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} <br/>Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} <br/>Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} <br/>Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} <br/>Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} <br/>Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} <br/>Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe <br/>MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} <br/>Nero 7 Essentials-->MsiExec.exe /X{9F5AFBD2-AF6D-41E9-AFE8-F67AD7AF1033} <br/>Office Animation Runtime-->MsiExec.exe /X{AEEB3643-71DE-414d-9E3F-1159177FE211} <br/>Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly <br/>Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" <br/>Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} <br/>Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" <br/>Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe" <br/>Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" <br/>VP-EYE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC17B2BE-BA6F-4696-8E5D-ED2A62981CDA}\setup.exe" -l0x9 <br/>Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE} <br/>Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} <br/>Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe <br/>Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} <br/>Windows Live Family Safety-->MsiExec.exe /X{139E303E-1050-497F-98B1-9AE87B15C463} <br/>Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87} <br/>Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5} <br/>Windows Live Photo Gallery-->MsiExec.exe /X{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} <br/>Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5} <br/>Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} <br/>Windows Live Toolbar-->MsiExec.exe /X{995F1E2E-F542-4310-8E1D-9926F5A279B3} <br/>Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} <br/>Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985} <br/>Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll <br/>Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" <br/>Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG <br/>Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE <br/>Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE <br/>Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE <br/> <br/>======Hosts File====== <br/> <br/>79.106.2.131 localhost <br/>79.106.2.131 facebook.com <br/>79.106.2.131 www.facebook.com <br/>127.0.0.1 www.007guard.com <br/>127.0.0.1 007guard.com <br/>127.0.0.1 008i.com <br/>127.0.0.1 www.008k.com <br/>127.0.0.1 008k.com <br/>127.0.0.1 www.00hq.com <br/>127.0.0.1 00hq.com <br/> <br/>======Security center information====== <br/> <br/>AV: AVG Anti-Virus (disabled) <br/> <br/>======System event log====== <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 7 <br/>Message: The device, \Device\CdRom0, has a bad block. <br/> <br/>Record Number: 665 <br/>Source Name: Cdrom <br/>Time Written: 20091231220543.000000-480 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 7 <br/>Message: The device, \Device\CdRom0, has a bad block. <br/> <br/>Record Number: 664 <br/>Source Name: Cdrom <br/>Time Written: 20091231220540.000000-480 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 7 <br/>Message: The device, \Device\CdRom0, has a bad block. <br/> <br/>Record Number: 663 <br/>Source Name: Cdrom <br/>Time Written: 20091231220536.000000-480 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 7 <br/>Message: The device, \Device\CdRom0, has a bad block. <br/> <br/>Record Number: 662 <br/>Source Name: Cdrom <br/>Time Written: 20091231220531.000000-480 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 7 <br/>Message: The device, \Device\CdRom0, has a bad block. <br/> <br/>Record Number: 661 <br/>Source Name: Cdrom <br/>Time Written: 20091231220526.000000-480 <br/>Event Type: error <br/>User: <br/> <br/>=====Application event log===== <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 5603 <br/>Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality. <br/> <br/>Record Number: 18 <br/>Source Name: WinMgmt <br/>Time Written: 20080701104143.000000-420 <br/>Event Type: warning <br/>User: NT AUTHORITY\SYSTEM <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 5603 <br/>Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality. <br/> <br/>Record Number: 17 <br/>Source Name: WinMgmt <br/>Time Written: 20080701104143.000000-420 <br/>Event Type: warning <br/>User: NT AUTHORITY\SYSTEM <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 63 <br/>Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. <br/> <br/>Record Number: 13 <br/>Source Name: WinMgmt <br/>Time Written: 20080701103949.000000-420 <br/>Event Type: warning <br/>User: NT AUTHORITY\SYSTEM <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 63 <br/>Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. <br/> <br/>Record Number: 12 <br/>Source Name: WinMgmt <br/>Time Written: 20080701103949.000000-420 <br/>Event Type: warning <br/>User: NT AUTHORITY\SYSTEM <br/> <br/>Computer Name: KATE-505C9D6E98 <br/>Event Code: 63 <br/>Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. <br/> <br/>Record Number: 11 <br/>Source Name: WinMgmt <br/>Time Written: 20080701103948.000000-420 <br/>Event Type: warning <br/>User: NT AUTHORITY\SYSTEM <br/> <br/>======Environment variables====== <br/> <br/>"ComSpec"=%SystemRoot%\system32\cmd.exe <br/>"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem <br/>"windir"=%SystemRoot% <br/>"FP_NO_HOST_CHECK"=NO <br/>"OS"=Windows_NT <br/>"PROCESSOR_ARCHITECTURE"=x86 <br/>"PROCESSOR_LEVEL"=6 <br/>"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel <br/>"PROCESSOR_REVISION"=0f0d <br/>"NUMBER_OF_PROCESSORS"=2 <br/>"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH <br/>"TEMP"=%SystemRoot%\TEMP <br/>"TMP"=%SystemRoot%\TEMP <br/> <br/>-----------------EOF-----------------
Posted 1/9/2010 10:35 PM
#81846
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Sorry, I hadn't seen your question about disabling AVG. That log shows a malware startup, as well as some altered Hosts file settings that would redirect Facebook accesses to a different server (the wrong one, we assume). <br/> <br/>To disable the Resident Shield, please: <br/> <br/> * Open AVG User Interface. <br/> * Double-click on the Resident Shield. <br/> * Un-tick the option Resident Shield active. <br/> * Save the changes. <br/> <br/>------------------ <br/> <br/>To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. <br/> <br/>Download ComboFix.exe from here to your desktop, but I would like you to rename the file as you download it (do not download it directly without renaming it - use right click "Save Target/Link As" ). For this, rename the downloading file to 456out.com, then click the renamed 456out.com to run that scan. <br/> <br/>Be sure to install the Recovery Console if you are asked to do so. When the scan completes, a text window with your log will open. Please copy and paste that log back here. <br/> <br/>A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. <br/> <br/>Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.
Posted 1/13/2010 5:17 PM
#81963
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
this is the Combo fix log report: <br/> <br/> <br/> <br/> <br/>ComboFix 10-01-12.05 - kate 06/30/2008 6:02.1.2 - x86 <br/>Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.114 [GMT -7:00] <br/>Running from: c:\documents and settings\kate\My Documents\Downloads\456out.com.exe <br/>AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} <br/>. <br/> <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/> <br/>c:\docume~1\kate\LOCALS~1\Temp\jna650983625273843451.tmp <br/>c:\documents and settings\kate\Local Settings\Temp\jna650983625273843451.tmp <br/>c:\windows\rvhost.exe <br/>c:\windows\system32\AutoRun.inf <br/>c:\windows\system32\rvhost.exe <br/>c:\windows\system32\setting.ini <br/> <br/>Infected copy of c:\windows\system32\mqbkup.exe was found and disinfected <br/>Restored copy from - c:\windows\ServicePackFiles\i386\mqbkup.exe <br/> <br/>Infected copy of c:\windows\system32\mqsvc.exe was found and disinfected <br/>Restored copy from - c:\windows\ServicePackFiles\i386\mqsvc.exe <br/> <br/>Infected copy of c:\windows\system32\mqtgsvc.exe was found and disinfected <br/>Restored copy from - c:\windows\ServicePackFiles\i386\mqtgsvc.exe <br/> <br/>. <br/>((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))) <br/>. <br/> <br/>2017-01-03 00:46 . 2017-01-03 00:46 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\WMTools Downloaded Files <br/>2010-01-12 09:32 . 2006-10-27 03:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll <br/>2010-01-12 09:32 . 2006-10-27 03:56 32592 ----a-w- c:\windows\system32\msonpmon.dll <br/>2010-01-12 09:29 . 2010-01-12 09:29 -------- d-----w- c:\program files\Microsoft Works <br/>2010-01-12 09:27 . 2010-01-12 09:27 -------- d-----w- c:\program files\Microsoft.NET <br/>2010-01-12 09:21 . 2010-01-12 09:21 -------- d-----w- c:\program files\Microsoft Visual Studio 8 <br/>2010-01-12 09:20 . 2010-01-12 09:20 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Microsoft Help <br/>2010-01-12 09:20 . 2008-06-30 14:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help <br/>2010-01-12 09:18 . 2010-01-12 09:18 -------- d-----r- C:\MSOCache <br/>2010-01-12 08:02 . 2010-01-12 08:02 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG <br/>2010-01-12 07:53 . 2010-01-12 07:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache <br/>2010-01-12 07:53 . 2010-01-12 07:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard <br/>2010-01-12 07:53 . 2007-03-30 15:11 267864 ----a-r- c:\windows\system32\hpzids01.dll <br/>2010-01-12 07:53 . 2007-03-28 22:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll <br/>2010-01-12 07:53 . 2007-03-28 21:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll <br/>2010-01-10 23:32 . 2010-01-10 23:32 -------- d-sh--w- c:\windows\ftpcache <br/>2010-01-09 09:34 . 2010-01-09 09:34 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Oberon Media <br/>2010-01-09 09:34 . 2010-01-09 09:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Oberon Media <br/>2010-01-09 09:33 . 2010-01-11 00:59 10 ----a-w- c:\windows\popcinfo.dat <br/>2010-01-09 08:21 . 2010-01-10 04:15 -------- d-----w- c:\program files\trend micro <br/>2010-01-09 04:29 . 2010-01-09 19:50 -------- d-----w- c:\program files\Spybot - Search & Destroy <br/>2010-01-09 04:29 . 2010-01-09 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy <br/>2010-01-08 09:47 . 2010-01-08 09:47 -------- d-----w- c:\documents and settings\kate\Application Data\funkitron <br/>2010-01-07 08:52 . 2010-01-07 08:52 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Opera <br/>2010-01-07 08:51 . 2010-01-07 08:57 -------- d-----w- c:\program files\Opera <br/>2010-01-07 08:24 . 2010-01-07 08:24 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Flock <br/>2010-01-07 08:24 . 2010-01-07 08:24 -------- d-----w- c:\documents and settings\kate\Application Data\Flock <br/>2010-01-07 02:41 . 1999-02-16 16:02 49664 ----a-w- c:\windows\SSMaui Wowee.scr <br/>2010-01-07 02:39 . 2004-09-21 00:00 802816 ----a-w- c:\windows\FeedingFrenzy.scr <br/>2010-01-07 02:38 . 2005-01-07 19:39 57344 ----a-w- c:\windows\system32\Big Kahuna Reef.scr <br/>2010-01-07 02:38 . 2005-08-03 21:48 389120 ----a-w- c:\windows\Adventure Inlay.scr <br/>2010-01-07 02:38 . 2010-01-08 10:02 -------- d-----w- c:\program files\GameHouse Games Collection <br/>2010-01-07 02:22 . 2006-08-01 23:02 49152 ----a-r- c:\windows\system32\ChCfg.exe <br/>2010-01-07 02:20 . 2005-05-04 02:43 69632 ----a-r- c:\windows\Alcmtr.exe <br/>2010-01-07 02:20 . 2010-01-07 02:20 319488 ----a-w- c:\windows\HideWin.exe <br/>2010-01-06 15:43 . 2008-06-30 07:16 -------- d-----w- c:\windows\SHELLNEW <br/>2010-01-06 12:10 . 2010-01-06 12:10 -------- d-----w- c:\windows\Performance <br/>2010-01-06 12:10 . 2010-01-06 12:10 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Microsoft Corporation <br/>2010-01-06 12:00 . 2008-06-30 13:08 -------- d-----w- c:\documents and settings\kate\Tracing <br/>2010-01-06 11:59 . 2009-08-06 06:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys <br/>2010-01-06 11:59 . 2010-01-06 11:59 -------- d-----w- c:\program files\Microsoft Sync Framework <br/>2010-01-06 11:58 . 2006-11-29 21:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll <br/>2010-01-06 11:58 . 2010-01-06 11:58 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition <br/>2010-01-06 11:56 . 2010-01-06 11:56 -------- d-----w- c:\program files\Microsoft <br/>2010-01-06 11:56 . 2010-01-06 11:56 -------- d-----w- c:\program files\Windows Live SkyDrive <br/>2010-01-06 11:56 . 2010-01-06 11:59 -------- d-----w- c:\program files\Windows Live <br/>2010-01-06 11:36 . 2010-01-06 11:36 -------- d-----w- c:\program files\Common Files\Windows Live <br/>2010-01-06 11:35 . 2010-01-06 11:35 -------- d-----w- c:\program files\Microsoft Silverlight <br/>2010-01-06 11:33 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll <br/>2010-01-05 07:54 . 2010-01-07 03:50 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Deployment <br/>2010-01-02 11:07 . 2010-01-02 11:07 -------- d-----w- c:\windows\system32\XPSViewer <br/>2010-01-02 11:07 . 2010-01-12 09:29 -------- d-----w- c:\program files\MSBuild <br/>2010-01-02 11:07 . 2010-01-02 11:07 -------- d-----w- c:\program files\Reference Assemblies <br/>2010-01-02 11:07 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll <br/>2010-01-02 11:06 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll <br/>2010-01-02 11:06 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll <br/>2010-01-02 11:06 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe <br/>2010-01-02 11:06 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe <br/>2010-01-02 11:06 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll <br/>2010-01-02 11:06 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll <br/>2010-01-02 11:06 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll <br/>2010-01-02 11:06 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll <br/>2010-01-02 02:08 . 2008-06-30 13:09 -------- d-----w- c:\documents and settings\kate\Application Data\LimeWire <br/>2010-01-02 02:08 . 2010-01-02 02:08 -------- d-----w- c:\program files\LimeWire <br/>2010-01-01 22:58 . 2010-01-01 22:58 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Ahead <br/>2010-01-01 22:52 . 2010-01-01 22:52 -------- d-----w- c:\documents and settings\kate\Application Data\Ahead <br/>2010-01-01 22:51 . 2010-01-01 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead <br/>2010-01-01 22:48 . 2010-01-01 22:50 -------- d-----w- c:\program files\Common Files\Ahead <br/>2010-01-01 22:48 . 2010-01-01 22:48 -------- d-----w- c:\program files\Nero <br/>2010-01-01 22:48 . 2010-01-01 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero <br/>2010-01-01 21:18 . 2010-01-01 21:18 -------- d-sh--w- c:\documents and settings\kate\PrivacIE <br/>2010-01-01 20:51 . 2009-12-26 01:50 51232 ----a-w- c:\windows\system32\RtkCoInstXP.dll <br/>2010-01-01 20:05 . 2008-06-30 09:21 -------- d-----w- C:\$AVG8.VAULT$ <br/>2010-01-01 19:35 . 2007-01-18 03:22 389120 ----a-r- c:\windows\system32\igxpun.exe <br/>2010-01-01 19:29 . 2004-12-03 20:19 102400 ----a-w- c:\windows\MMVEM.EXE <br/>2010-01-01 19:29 . 2002-05-28 17:52 106496 ----a-w- c:\windows\JAPI.DLL <br/>2010-01-01 19:29 . 2001-06-25 01:32 172032 ----a-w- c:\windows\JAPI2.DLL <br/>2010-01-01 19:29 . 1999-07-26 18:47 109840 ----a-w- c:\windows\VidCap32.exe <br/>2010-01-01 19:26 . 2010-01-09 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information <br/>2010-01-01 19:17 . 2010-01-01 19:17 -------- d-----w- c:\documents and settings\kate\Application Data\HP <br/>2010-01-01 17:54 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll <br/>2010-01-01 13:18 . 2008-06-30 07:03 664 ----a-w- c:\windows\system32\d3d9caps.dat <br/>2010-01-01 13:18 . 2010-01-01 13:18 -------- d-----w- c:\windows\Sun <br/>2010-01-01 13:08 . 2010-01-01 13:08 411368 ----a-w- c:\windows\system32\deploytk.dll <br/>2010-01-01 13:08 . 2010-01-01 13:08 -------- d-----w- c:\program files\Java <br/>2010-01-01 11:54 . 2010-01-01 11:54 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY <br/>2010-01-01 11:52 . 2010-01-01 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant <br/>2010-01-01 11:52 . 2010-01-01 11:55 -------- d-----w- c:\documents and settings\All Users\Application Data\HP <br/>2010-01-01 11:50 . 2010-01-01 11:50 -------- d-----w- c:\program files\Common Files\HP <br/>2010-01-01 11:45 . 2010-01-12 08:04 137655 ----a-w- c:\windows\HPHins15.dat <br/>2010-01-01 11:45 . 2007-08-28 06:45 2828 ------w- c:\windows\hphmdl15.dat <br/>2010-01-01 11:20 . 2010-01-01 11:20 -------- d-----w- C:\Temp <br/>2010-01-01 11:20 . 2004-09-07 23:54 2400256 ----a-w- c:\temp\AutoVolumeControl.msi <br/>2010-01-01 11:20 . 2004-09-07 23:25 28672 ----a-w- c:\temp\custinfo.exe <br/>2010-01-01 11:20 . 2010-01-01 11:20 796672 ----a-w- c:\windows\GPInstall.exe <br/>2010-01-01 10:51 . 2010-01-01 21:18 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Yahoo <br/>2010-01-01 10:48 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll <br/>2010-01-01 10:48 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll <br/>2010-01-01 09:25 . 2010-01-12 09:32 -------- d-----w- c:\documents and settings\All Users\Application Data\UAB <br/>2010-01-01 09:25 . 2010-01-01 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters <br/>2010-01-01 09:25 . 2010-01-01 09:25 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\PC_Drivers_Headquarters <br/>2010-01-01 09:23 . 2010-01-01 09:23 -------- d-----w- c:\program files\PC Drivers HeadQuarters <br/>2010-01-01 08:59 . 2010-01-01 08:59 -------- d-----w- C:\Intel <br/>2010-01-01 08:44 . 2010-01-01 11:54 -------- d-----w- c:\program files\HP <br/>2010-01-01 08:44 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys <br/>2010-01-01 08:44 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys <br/>2010-01-01 08:44 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys <br/>2010-01-01 08:44 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys <br/>2010-01-01 08:37 . 2010-01-01 08:37 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache <br/>2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\scripting <br/>2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\l2schemas <br/>2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\en <br/>2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\bits <br/>2010-01-01 07:03 . 2010-01-01 07:03 -------- d-sh--w- c:\documents and settings\kate\IETldCache <br/>2010-01-01 06:59 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll <br/>2010-01-01 06:59 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll <br/>2010-01-01 06:59 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll <br/>2010-01-01 06:59 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll <br/>2010-01-01 06:59 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll <br/>2010-01-01 06:59 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll <br/>2010-01-01 06:59 . 2010-01-01 06:59 -------- d-----w- c:\windows\ie8updates <br/>2010-01-01 06:59 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll <br/>2010-01-01 06:58 . 2010-01-01 06:58 -------- dc-h--w- c:\windows\ie8 <br/>2010-01-01 06:39 . 2010-01-01 08:22 -------- d-----w- c:\windows\ServicePackFiles <br/>2010-01-01 06:32 . 2004-08-04 06:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys <br/> <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2010-01-12 09:39 . 2008-06-30 12:38 -------- d-----w- c:\documents and settings\kate\Application Data\BitTorrent <br/>2010-01-12 09:33 . 2010-01-12 09:33 54608 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\XPBurnComponent.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 28040 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.ExceptionLogging.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 21944 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.ExceptionLogging.XmlSerializers.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 66968 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.ExceptionLogging.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 100176 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.Common.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 161200 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Communication.XmlSerializers.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 128400 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Communication.dll <br/>2010-01-12 09:33 . 2010-01-12 09:33 152944 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Common.dll <br/>2010-01-12 09:33 . 2010-01-12 09:32 128384 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Updater.exe <br/>2010-01-12 09:32 . 2010-01-12 09:32 2356592 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.exe <br/>2010-01-12 09:32 . 2010-01-12 09:32 745320 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.ThemePack.Default.dll <br/>2010-01-06 13:07 . 2010-01-06 13:07 34304 ----a-r- c:\documents and settings\kate\Application Data\Microsoft\Installer\{AEEB3643-71DE-414d-9E3F-1159177FE211}\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe <br/>2010-01-01 13:07 . 2010-01-01 13:07 152576 ----a-w- c:\documents and settings\kate\Application Data\Sun\Java\jre1.6.0_17\lzma.dll <br/>2010-01-01 13:05 . 2010-01-01 13:05 79488 ----a-w- c:\documents and settings\kate\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll <br/>2010-01-01 08:29 . 2008-07-01 17:41 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat <br/>2009-12-26 01:50 . 2008-06-30 08:35 358944 ----a-w- c:\windows\vncutil.exe <br/>2009-12-26 01:50 . 2008-06-30 08:35 129568 ----a-w- c:\windows\RtkAudioService.exe <br/>2009-11-25 00:40 . 2008-06-30 08:35 838176 ----a-w- c:\windows\RtlExUpd.dll <br/>2009-11-18 14:17 . 2008-06-30 08:35 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys <br/>2009-11-18 14:16 . 2008-06-30 08:35 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys <br/>2009-10-29 07:45 . 2004-08-03 22:56 916480 ----a-w- c:\windows\system32\wininet.dll <br/>2009-10-21 05:38 . 2004-08-03 22:56 75776 ----a-w- c:\windows\system32\strmfilt.dll <br/>2009-10-21 05:38 . 2004-08-03 22:56 25088 ----a-w- c:\windows\system32\httpapi.dll <br/>2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys <br/>2009-10-13 10:30 . 2004-08-03 22:56 270336 ----a-w- c:\windows\system32\oakley.dll <br/>2009-10-12 13:38 . 2004-08-03 22:56 149504 ----a-w- c:\windows\system32\rastls.dll <br/>2009-10-12 13:38 . 2004-08-03 22:56 79872 ----a-w- c:\windows\system32\raschap.dll <br/>2009-09-11 14:18 . 2004-08-03 22:56 136192 ----a-w- c:\windows\system32\msv1_0.dll <br/>2009-09-04 21:03 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\msasn1.dll <br/>2009-08-26 08:00 . 2004-08-03 22:56 247326 ----a-w- c:\windows\system32\strmdll.dll <br/>2009-08-25 09:17 . 2004-08-03 22:56 354816 ----a-w- c:\windows\system32\winhttp.dll <br/>2009-08-14 13:21 . 2004-08-03 21:17 1850624 ----a-w- c:\windows\system32\win32k.sys <br/>2009-08-07 03:24 . 2008-07-01 17:40 327896 ----a-w- c:\windows\system32\wucltui.dll <br/>2009-08-07 03:24 . 2008-07-01 17:40 209632 ----a-w- c:\windows\system32\wuweb.dll <br/>2009-08-07 03:24 . 2008-07-01 17:40 35552 ----a-w- c:\windows\system32\wups.dll <br/>2009-08-07 03:24 . 2008-07-01 17:40 53472 ----a-w- c:\windows\system32\wuauclt.exe <br/>2009-08-07 03:24 . 2004-08-03 22:56 96480 ----a-w- c:\windows\system32\cdm.dll <br/>2009-08-07 03:23 . 2008-07-01 17:40 575704 ----a-w- c:\windows\system32\wuapi.dll <br/>2009-08-07 03:23 . 2008-07-01 17:40 1929952 ----a-w- c:\windows\system32\wuaueng.dll <br/>2009-08-05 09:01 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll <br/>2009-08-04 15:13 . 2004-08-03 21:18 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe <br/>2009-08-04 14:20 . 2004-08-03 22:59 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe <br/>2009-07-31 18:05 . 2008-04-14 00:12 1372672 ------w- c:\windows\system32\msxml6.dll <br/>2009-07-31 04:35 . 2004-08-03 22:56 1172480 ----a-w- c:\windows\system32\msxml3.dll <br/>2009-07-29 04:37 . 2004-08-03 22:56 119808 ----a-w- c:\windows\system32\t2embed.dll <br/>2009-07-29 04:37 . 2001-08-23 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll <br/>2009-07-17 19:01 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll <br/>2009-07-17 16:22 . 2004-08-03 22:56 1435648 ----a-w- c:\windows\system32\query.dll <br/>2009-07-12 20:21 . 2004-08-03 22:56 233472 ----a-w- c:\windows\system32\wmpdxm.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 95744 ----a-w- c:\windows\system32\mqsec.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 661504 ----a-w- c:\windows\system32\mqqm.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 517120 ----a-w- c:\windows\system32\mqsnap.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 471552 ----a-w- c:\windows\system32\mqutil.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 47104 ----a-w- c:\windows\system32\mqdscli.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 225280 ----a-w- c:\windows\system32\mqoa.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 186880 ----a-w- c:\windows\system32\mqtrig.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 177152 ----a-w- c:\windows\system32\mqrt.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 16896 ----a-w- c:\windows\system32\mqise.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 138240 ----a-w- c:\windows\system32\mqad.dll <br/>2009-06-25 18:36 . 2004-08-03 22:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll <br/>2009-06-25 08:25 . 2004-08-03 22:56 54272 ----a-w- c:\windows\system32\wdigest.dll <br/>2009-06-25 08:25 . 2004-08-03 22:56 56832 ----a-w- c:\windows\system32\secur32.dll <br/>2009-06-25 08:25 . 2004-08-03 22:56 147456 ----a-w- c:\windows\system32\schannel.dll <br/>2009-06-25 08:25 . 2004-08-03 22:56 730112 ----a-w- c:\windows\system32\lsasrv.dll <br/>2009-06-25 08:25 . 2004-08-03 22:56 301568 ----a-w- c:\windows\system32\kerberos.dll <br/>2009-06-24 11:18 . 2004-08-03 20:59 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys <br/>2009-06-22 11:48 . 2004-08-03 20:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys <br/>2009-06-12 12:31 . 2004-08-03 22:56 80896 ----a-w- c:\windows\system32\tlntsess.exe <br/>2009-06-12 12:31 . 2004-08-03 22:56 76288 ----a-w- c:\windows\system32\telnet.exe <br/>2009-06-10 17:19 . 2008-07-01 17:38 2066432 ----a-w- c:\windows\system32\mstscax.dll <br/>2009-06-10 14:13 . 2004-08-03 22:56 84992 ----a-w- c:\windows\system32\avifil32.dll <br/>2009-06-10 06:14 . 2004-08-03 22:56 132096 ----a-w- c:\windows\system32\wkssvc.dll <br/>2009-06-03 19:09 . 2004-08-03 22:56 1291264 ----a-w- c:\windows\system32\quartz.dll <br/>2009-05-27 03:50 . 2010-01-10 15:47 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe <br/>2009-05-07 15:32 . 2004-08-03 22:56 345600 ----a-w- c:\windows\system32\localspl.dll <br/>2009-04-15 14:51 . 2004-08-03 22:56 585216 ----a-w- c:\windows\system32\rpcrt4.dll <br/>2009-04-10 09:01 . 2004-08-03 22:56 530280 ----a-w- c:\windows\system32\wmspdmod.dll <br/>2009-03-08 12:34 . 2004-08-03 22:56 43008 ----a-w- c:\windows\system32\licmgr10.dll <br/>2009-03-08 12:33 . 2004-08-03 22:56 18944 ----a-w- c:\windows\system32\corpol.dll <br/>2009-03-08 12:33 . 2004-08-03 22:56 420352 ----a-w- c:\windows\system32\vbscript.dll <br/>2009-03-08 12:32 . 2004-08-03 22:56 72704 ----a-w- c:\windows\system32\admparse.dll <br/>2009-03-08 12:32 . 2004-08-03 22:56 71680 ----a-w- c:\windows\system32\iesetup.dll <br/>2009-03-08 12:31 . 2004-08-03 22:56 34816 ----a-w- c:\windows\system32\imgutil.dll <br/>2009-03-08 12:31 . 2004-08-03 22:56 48128 ----a-w- c:\windows\system32\mshtmler.dll <br/>2009-03-08 12:31 . 2004-08-03 22:56 45568 ----a-w- c:\windows\system32\mshta.exe <br/>2009-03-08 12:22 . 2001-08-23 12:00 156160 ----a-w- c:\windows\system32\msls31.dll <br/>2009-03-06 14:22 . 2004-08-03 22:56 284160 ----a-w- c:\windows\system32\pdh.dll <br/>2009-02-09 12:10 . 2008-07-01 17:38 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll <br/>2009-02-09 12:10 . 2008-07-01 17:38 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll <br/>2009-02-09 12:10 . 2004-08-03 22:56 401408 ----a-w- c:\windows\system32\rpcss.dll <br/>2009-02-09 12:10 . 2004-08-03 22:56 617472 ----a-w- c:\windows\system32\advapi32.dll <br/>2009-02-09 12:10 . 2004-08-03 22:56 714752 ----a-w- c:\windows\system32\ntdll.dll <br/>2009-02-06 11:11 . 2004-08-03 22:56 110592 ----a-w- c:\windows\system32\services.exe <br/>2009-02-06 10:39 . 2001-08-23 12:00 35328 ----a-w- c:\windows\system32\sc.exe <br/>2009-02-06 10:10 . 2008-07-01 17:38 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe <br/>2008-12-11 10:57 . 2004-08-03 21:14 333952 ----a-w- c:\windows\system32\drivers\srv.sys <br/>2008-10-24 11:21 . 2004-08-03 21:15 455296 ----a-w- c:\windows\system32\drivers\mrxsmb.sys <br/>2008-10-23 12:36 . 2004-08-03 22:56 286720 ----a-w- c:\windows\system32\gdi32.dll <br/>. <br/> <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] <br/>"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936] <br/> <br/>[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] <br/> <br/>[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] <br/>2009-11-19 01:40 1196936 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936] <br/> <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] <br/>"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936] <br/> <br/>[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] <br/>[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] <br/>[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] <br/> <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856] <br/>"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216] <br/>"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-01-01 2043160] <br/>"VMSnap3"="c:\windows\VMSnap3.EXE" [2006-08-30 49152] <br/>"Domino"="c:\windows\Domino.EXE" [2006-06-28 49152] <br/>"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152] <br/>"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-01 149280] <br/>"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] <br/>"RTHDCPL"="RTHDCPL.EXE" [2007-11-23 16858112] <br/>"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] <br/> <br/>c:\documents and settings\kate\Start Menu\Programs\Startup\ <br/>LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-12-16 503808] <br/> <br/>c:\documents and settings\All Users\Start Menu\Programs\Startup\ <br/>HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] <br/> <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] <br/>2010-01-01 04:29 11952 ----a-w- c:\windows\system32\avgrsstx.dll <br/> <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] <br/>"%windir%\\system32\\sessmgr.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgam.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= <br/>"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= <br/>"%windir%\\Network Diagnostic\\xpnetdiag.exe"= <br/>"c:\\Program Files\\LimeWire\\LimeWire.exe"= <br/>"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= <br/>"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= <br/>"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= <br/>"c:\\Program Files\\Mozilla Firefox\\firefox.exe"= <br/>"c:\\Program Files\\BitTorrent\\bittorrent.exe"= <br/>"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= <br/>"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= <br/>"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= <br/> <br/>R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [12/31/2009 9:20 PM 12552] <br/>R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/31/2009 9:20 PM 335240] <br/>R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/31/2009 9:20 PM 108552] <br/>R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [12/31/2009 9:20 PM 908056] <br/>R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/31/2009 9:20 PM 297752] <br/>R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [1/6/2010 4:59 AM 54752] <br/>R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [1/9/2010 1:03 PM 428160] <br/>S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6/30/2008 1:35 AM 1691480] <br/>S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 11:48 PM 704864] <br/> <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] <br/>hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/> <br/>2008-06-30 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job <br/>- c:\program files\Ask.com\UpdateTask.exe [2009-11-19 01:40] <br/> <br/>2008-06-30 c:\windows\Tasks\User_Feed_Synchronization-{C0ECAFC6-6EE8-4AB6-A74B-D1EC26237580}.job <br/>- c:\windows\system32\msfeedssync.exe [2009-03-08 12:31] <br/>. <br/>. <br/>------- Supplementary Scan ------- <br/>. <br/>uStart Page = hxxp://www.ask.com/?o=15446&l=dis <br/>mStart Page = hxxp://www.yahoo.com/ <br/>mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html <br/>uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com <br/>IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 <br/>FF - ProfilePath - c:\documents and settings\kate\Application Data\Mozilla\Firefox\Profiles\9zepu20g.default\ <br/>FF - prefs.js: browser.search.selectedEngine - Yahoo <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15446&l=dis <br/>FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15443&locale=en_US&q= <br/>FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll <br/>FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/> <br/>Toolbar-Locked - (no file) <br/>HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe <br/>HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe <br/>HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe <br/>HKLM-Run-BigDog303 - c:\windows\VM303_STI.EXE <br/>HKU-Default-Run-Yahoo Messengger - c:\windows\system32\RVHOST.exe <br/> <br/> <br/> <br/>************************************************************************** <br/> <br/>catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net <br/>Rootkit scan 2008-06-30 06:09 <br/>Windows 5.1.2600 Service Pack 3 NTFS <br/> <br/>scanning hidden processes ... <br/> <br/>scanning hidden autostart entries ... <br/> <br/>HKLM\Software\Microsoft\Windows\CurrentVersion\Run <br/> BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@?????????????? <br/> <br/>scanning hidden files ... <br/> <br/>scan completed successfully <br/>hidden files: 0 <br/> <br/>************************************************************************** <br/>. <br/>--------------------- DLLs Loaded Under Running Processes --------------------- <br/> <br/>- - - - - - - > 'explorer.exe'(2580) <br/>c:\windows\system32\WININET.dll <br/>c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll <br/>c:\windows\system32\webcheck.dll <br/>c:\windows\system32\IEFRAME.dll <br/>. <br/>------------------------ Other Running Processes ------------------------ <br/>. <br/>c:\windows\system32\WgaTray.exe <br/>c:\program files\Java\jre6\bin\jqs.exe <br/>c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe <br/>c:\progra~1\AVG\AVG8\avgam.exe <br/>c:\progra~1\AVG\AVG8\avgrsx.exe <br/>c:\windows\system32\wdfmgr.exe <br/>c:\progra~1\AVG\AVG8\avgnsx.exe <br/>c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/>c:\windows\RTHDCPL.EXE <br/>c:\program files\AVG\AVG8\avgcsrvx.exe <br/>c:\windows\system32\wscntfy.exe <br/>c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe <br/>c:\program files\Yahoo!\Messenger\ymsgr_tray.exe <br/>. <br/>************************************************************************** <br/>. <br/>Completion time: 2008-06-30 06:14:11 - machine was rebooted <br/>ComboFix-quarantined-files.txt 2008-06-30 13:14 <br/> <br/>Pre-Run: 24,864,075,776 bytes free <br/>Post-Run: 25,555,894,272 bytes free <br/> <br/>WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe <br/>[boot loader] <br/>timeout=2 <br/>default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS <br/>[operating systems] <br/>c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons <br/>multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect <br/> <br/>- - End Of File - - 3DF4F63F6914E0C5E1FA1B820BDF08BE
Posted 1/13/2010 5:19 PM
#81964
User avatar

migi99 Member

Date Joined Nov 2016
Total Posts: 8
thank u for helping me.. i can now log in to facebook..
Posted 1/17/2010 10:15 PM
#82102
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Darn migi99, I am not quite sure how I missed that you had responded here. Good that ComboFix did make those corrections, but there would also still be some more malware to be removed. If you would still like to follow up now, please run and post back a new RSIT scan log and a new GMER scan log please.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Friday, December 2, 2016, 7:05 PM (GMT +1)
There are a total of 61,157 posts in 13,447 threads.
In the last 3 days there were 1 new threads and 1 reply posts.

Who's online

This forum has 37,966 registered members. Please welcome our newest member, Don Tee.
There are currently no users on-line.