Had some serious issues
   

sataraau
New Member


Date Joined Jun 2008
Total Posts : 1
 
Posted 7-31-2008 3:12 (GMT +1)
Hi, I recently had issues with my computer: heaps of problems, nothing worked, everything disabled by administrator, missing programs, icons, etc. I have run CCleaner, SUPERAntiSpyware, ComboFix and HijackThis. The computer seems to be working fine now, but I will post the logs anyway to make sure it's all fixed now.
Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18, on 31/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Windows\system32\HpSrvUI.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Telstra\BigPond Wireless Broadband 2.0\BigPond_CM.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\hjt\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bigpond.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 0;<local>;localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: prjBHO_New.CBrowserHelpObj - {A2E1AE65-BB68-11D6-B1B2-96787719A248} - C:\Program Files\SimCastMedia\SimCast\prjBHO.DLL
O2 - BHO: BigPond Wireless Broadband 2.0 Auto Dial - {DB92EC3F-697D-4C3B-9A3B-3ABBD23D4A85} - C:\Program Files\Telstra\BigPond Wireless Broadband 2.0\bpwbb2ad.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpScannerFirstBoot] c:\hp\drivers\scanners\scannerfb.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [BigPondWirelessBroadbandCM] "C:\Program Files\Telstra\BigPond Wireless Broadband 2.0\BigPond_CM.exe" -tsr
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: Logitech Harmony Remote Software 7.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.optusnet.com.au/
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD6948C1-A5AE-4BC8-BF5D-CE7C54647CF5}: Domain = vic.bigpond.net.au
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 8838 bytes
 
Here is the SUPERAntiSpyware log:
 
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 07/31/2008 at 00:10 AM
Application Version : 4.15.1000
Core Rules Database Version : 3521
Trace Rules Database Version: 1511
Scan type       : Complete Scan
Total Scan Time : 01:19:55
Memory items scanned      : 455
Memory threats detected   : 1
Registry items scanned    : 5384
Registry threats detected : 166
File items scanned        : 36637
File threats detected     : 52
Trojan.Net-MSV/VPS-Variant
 C:\WINDOWS\NFAVXWDBSXB.DLL
 C:\WINDOWS\NFAVXWDBSXB.DLL
 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\InprocServer32
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\InprocServer32#ThreadingModel
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\ProgID
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\Programmable
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\TypeLib
 HKCR\CLSID\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}\VersionIndependentProgID
Adware.MyWay
Unclassified.Unknown Origin
 HKLM\Software\Classes\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32#ThreadingModel
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\KeyPhrasesFileName
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\ProgID
 HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\VersionIndependentProgID
 C:\PROGRA~1\RXTOOL~1\SFCONT.DLL
 HKCR\PROTOCOLS\Filter\text/html
 HKCR\PROTOCOLS\Filter\text/html#CLSID
Adware.RX Toolbar
 HKLM\Software\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\InprocServer32
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\InprocServer32#ThreadingModel
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\ProgID
 HKCR\CLSID\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\VersionIndependentProgID
 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483}
Trojan.Unclassified/FDKOWVBP
 HKLM\Software\Classes\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\InprocServer32
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\InprocServer32#ThreadingModel
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\ProgID
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\Programmable
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\TypeLib
 HKCR\CLSID\{BF53502D-3BEF-4273-9925-89D7526A5F87}\VersionIndependentProgID
 C:\WINDOWS\FDKOWVBP.DLL
 HKLM\Software\Microsoft\Internet Explorer\Toolbar#{BF53502D-3BEF-4273-9925-89D7526A5F87}
 HKCR\fdkowvbp.1
 HKCR\fdkowvbp
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}\1.0
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}\1.0\0
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}\1.0\0\win32
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}\1.0\FLAGS
 HKCR\TypeLib\{F0A426BC-CB51-4D2B-B720-F959540B0AB2}\1.0\HELPDIR
Adware.Tracking Cookie
Trojan.Unknown Origin
 HKLM\Software\Microsoft\Windows\CurrentVersion\Run#advap32 [ C:\DOCUME~1\Owner\LOCALS~1\Temp\scksexde.exe/r ]
Browser Hijacker.Internet Explorer Settings Hijack
 HKU\S-1-5-21-181486688-3301028022-890924152-1003\Software\Microsoft\Internet Explorer\Main#Start Page [ http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 ]
Desktop Hijacker.AboutYourPrivacy
 C:\Documents and Settings\Owner\Favorites\Error Cleaner.url
 C:\Documents and Settings\Owner\Favorites\Privacy Protector.url
 C:\Documents and Settings\Owner\Favorites\Spyware&Malware Protection.url
Trojan.Net-MU/Gen
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#DisplayName
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#uninstallString
Rogue.AntiSpywareExpert
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\WinCtrl32
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\WinCtrl32#DLLName
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\WinCtrl32#StartShell
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\WinCtrl32#Impersonate
 HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\WinCtrl32#Asynchronous
Rogue.Dropper/Gen
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{D97058E4-EF03-45C5-8FFE-3DC881C25C4F}\RP964\A0120238.EXE
Adware.Vundo-Variant/J
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{D97058E4-EF03-45C5-8FFE-3DC881C25C4F}\RP965\A0120253.DLL
Trojan.Unclassified/GTS
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{D97058E4-EF03-45C5-8FFE-3DC881C25C4F}\RP965\A0120254.DLL
Trojan.Dropper/Gen
 C:\WINDOWS\EOVP.EXE
 C:\WINDOWS\GRSWPTDL.EXE
Trace.Known Threat Sources
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\load_txt[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\cut2_2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\bord_bttm[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\cut4_2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\5T9QVRHI\cut4_4[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\cut1_2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MBSH6J\con4[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\shadow_left[1].png
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\cut1[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\shadow_bottom[1].png
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\buy_n[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\8DEZOLEJ\cut2_4[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\supp_n[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_bg[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\main[1].html
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\cut1_4[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\css_land[1].css
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_pointer[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\con2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\shadow_right[1].png
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\bord_lr[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\load_bttn[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\cut2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\main_top2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_txt3[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\con3[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\down_n[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\load_img2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MZ0LAN\cut3_4[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K5MBSH6J\bord_lr2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\5T9QVRHI\cut3_2[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\home_s[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_slogan[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\shadow_con_right[1].png
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_img1[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\03[1].swf
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SDMFKLY7\bg[1].jpeg
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\O1EB0XEJ\main_top[1].gif
 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\SLIJ4967\load_flash_bg[1].gif
 

And finally the ComboFix log
 
ComboFix 08-07-26.1 - Owner 2008-07-31 10:08:12.2 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Program Files\Altnet
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab
C:\Program Files\Altnet\My Altnet Shares\cueclub.exe
C:\Program Files\FunWebProducts
C:\Program Files\MyWay
C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE
C:\Program Files\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS
C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL
C:\Program Files\MyWay\myBar\1.bin\PARTNER.BMP
C:\Program Files\MyWay\myBar\1.bin\PARTNER.DAT
C:\Program Files\MyWay\myBar\1.bin\PARTNER2.DAT
C:\Program Files\MyWay\myBar\1.bin\PARTNER3.DAT
C:\Program Files\MyWay\myBar\1.bin\UNINSTALL.INF
C:\Program Files\MyWay\myBar\Cache\0002892B
C:\Program Files\MyWay\myBar\Cache\00031C91
C:\Program Files\MyWay\myBar\Cache\00034150.bin
C:\Program Files\MyWay\myBar\Cache\000346CE.bin
C:\Program Files\MyWay\myBar\Cache\00034D65.bin
C:\Program Files\MyWay\myBar\Cache\003D63F1
C:\Program Files\MyWay\myBar\Cache\0161197E.bmp
C:\Program Files\MyWay\myBar\Cache\01645456.bmp
C:\Program Files\MyWay\myBar\Cache\0164AAB3.bmp
C:\Program Files\MyWay\myBar\Cache\files.ini
C:\Program Files\MyWay\myBar\History\search
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\History\search
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar\History\search
C:\WINDOWS\eqvwamkl.dll
C:\WINDOWS\fdkowvbp.dll
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\system32\cache329
C:\WINDOWS\system32\WinCtrl32.dll
C:\WINDOWS\wnslvxtf.dll
.
(((((((((((((((((((((((((   Files Created from 2008-06-28 to 2008-07-31  )))))))))))))))))))))))))))))))
.
2008-07-30 22:46 . 2008-07-30 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-30 22:45 . 2008-07-30 22:45 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-30 22:45 . 2008-07-30 22:45 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-07-30 22:12 . 2008-07-30 22:12 <DIR> d-------- C:\Program Files\CCleaner
2008-07-30 19:30 . 2008-07-31 09:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-30 19:30 . 2008-07-31 00:12 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-29 21:16 . 2008-07-29 21:16 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-07-28 20:03 . 2008-06-13 23:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-27 21:09 . 2008-07-27 21:09 <DIR> d-------- C:\Program Files\PerfectTablePlan
2008-07-27 17:02 . 2008-07-27 17:02 <DIR> d-------- C:\WINDOWS\provisioning
2008-07-27 17:02 . 2008-07-27 17:02 <DIR> d-------- C:\WINDOWS\peernet
2008-07-27 16:57 . 2008-07-27 16:57 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-07-27 16:42 . 2008-07-27 16:42 <DIR> d-------- C:\WINDOWS\EHome
2008-07-27 16:16 . 2008-07-29 11:50 <DIR> dr-h----- C:\$VAULT$.AVG
2008-07-26 23:12 . 2004-08-04 16:15 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-07-26 23:12 . 2004-08-04 16:07 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-07-26 22:37 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-07-26 22:37 . 2004-08-04 00:56 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2008-07-26 22:37 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-07-26 22:37 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-07-26 22:37 . 2002-08-28 22:51 929 --a------ C:\WINDOWS\system32\homepage.inf
2008-07-26 21:39 . 2008-07-26 21:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-26 19:43 . 2007-07-13 17:25 27,072 --a------ C:\WINDOWS\system32\drivers\PCASp50.sys
2008-07-26 19:41 . 2008-07-26 19:41 <DIR> d-------- C:\Program Files\Telstra
2008-07-26 16:05 . 2008-07-26 16:05 <DIR> d-------- C:\Program Files\Veoh Networks
2008-07-23 23:22 . 2008-07-28 01:33 <DIR> d-------- C:\Program Files\Lavasoft Ad-Aware
2008-07-22 23:09 . 2008-07-22 23:09 11,836,623 --------- C:\AVG7QT.DAT
2008-07-22 23:08 . 2008-07-31 09:19 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-07-22 23:07 . 2008-07-22 23:07 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-07-22 23:07 . 2008-07-26 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-07-18 19:41 . 2008-07-18 19:41 17 --a------ C:\WINDOWS\popcinfo.dat
2008-06-21 03:41 . 2008-06-21 03:41 245,248 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 20:44 . 2008-06-20 20:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-30 12:44 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-27 06:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-26 06:07 --------- d-----w C:\Program Files\Yahoo!
2008-07-26 06:02 --------- d-----w C:\Program Files\Infogrames Interactive
2008-07-26 06:02 --------- d-----w C:\Program Files\Atari
2008-07-26 05:59 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-23 08:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\WildTangent
2008-07-22 13:07 --------- d-----w C:\Program Files\Symantec
2008-07-21 03:50 --------- d-----w C:\Program Files\Easy Internet signup
2008-07-20 11:04 --------- d-----w C:\Documents and Settings\Owner\Application Data\MSN6
2008-07-18 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\InterAction studios
2008-07-14 05:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Fugazo
2008-07-14 05:43 --------- d-----w C:\Program Files\WildGames
2008-07-12 01:09 --------- d-----w C:\Documents and Settings\Owner\Application Data\PlayFirst
2008-07-12 01:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2004-12-26 15:24 188459]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.EXE" [2004-08-04 17:56 1667584]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2002-07-17 18:00 200767]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-03-11 17:11 114688]
"hp Silent Service"="C:\Windows\system32\HpSrvUI.exe" [2002-06-18 19:24 32768]
"hpScannerFirstBoot"="c:\hp\drivers\scanners\scannerfb.exe" [2001-12-13 18:24 20480]
"CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [2002-06-22 07:27 69632]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 17:42 69632]
"StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 08:01 155648]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-13 21:42 212992]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 16:57 81920]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2003-06-26 17:04 53248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-04-11 18:05 77824]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-02-23 16:37 77824]
"BigPondWirelessBroadbandCM"="C:\Program Files\Telstra\BigPond Wireless Broadband 2.0\BigPond_CM.exe" [2008-02-26 15:21 2162688]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-07-26 21:39 579584]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 13:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-07-26 21:39 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 17:56 53760 C:\WINDOWS\system32\narrator.exe]
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1996-11-21 51984]
PowerReg Scheduler V3.exe [2006-09-21 19:50:53 225280]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-09-20 10:28:16 1200128]
CreataCard Gold 2 Forget Me Not Reminders.lnk - C:\Program Files\CreataCard\Gold\FMRMD32.EXE [2004-01-13 12:47:17 55296]
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2002-06-27 01:20:58 323646]
Logitech Harmony Remote Software 7.lnk - C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe [2006-10-13 17:29:43 86112]
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2002-06-27 01:21:30 147456]
Updates from HP.lnk - C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe [2003-04-23 21:09:09 16384]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winbe13.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winlm88.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winml18.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winuh20.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winxb66.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Updates from HP\\137903\\Program\\BackWeb-137903.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
S0 Winbe13;Winbe13;C:\WINDOWS\system32\Drivers\Winbe13.sys []
S0 Winlm88;Winlm88;C:\WINDOWS\system32\Drivers\Winlm88.sys []
S0 Winml18;Winml18;C:\WINDOWS\system32\Drivers\Winml18.sys []
S0 Winuh20;Winuh20;C:\WINDOWS\system32\Drivers\Winuh20.sys []
S0 Winxb66;Winxb66;C:\WINDOWS\system32\Drivers\Winxb66.sys []
S3 2WIREPCP;2Wire USB;C:\WINDOWS\system32\DRIVERS\2WirePCP.sys [2007-12-20 00:43]
S3 cmusbnet;WAN Driver @ 3GPP (6280);C:\WINDOWS\system32\DRIVERS\cmusbnet.sys [2007-06-22 10:54]
S3 cmusbser;%CMUSBSER%;C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2006-12-13 19:31]
S3 GameConsoleService;GameConsoleService;C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2008-05-06 08:25]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2007-07-13 17:25]
.
Contents of the 'Scheduled Tasks' folder
2003-12-10 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1061781386.job - s !BC:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I "#Hewlett-Packard#hp psc 2100 series#1061781386"Owner []
2008-07-30 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2004-12-14 12:24]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\ypager.exe
SSODL-wnslvxtf-{8823C8DF-FAF0-4B9C-B207-9FB4D6BB2A9C} - C:\WINDOWS\wnslvxtf.dll
SSODL-eqvwamkl-{558DC6A1-20D1-4C0E-A19D-8666AB08400C} - C:\WINDOWS\eqvwamkl.dll

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = www.bigpond.com
R0 -: HKLM-Main,Start Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 -: HKCU-Internet Settings,ProxyOverride = 0;<local>;localhost
O8 -: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 -: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 -: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 -: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 -: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 -: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 10:20:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-07-31 10:33:51
ComboFix-quarantined-files.txt  2008-07-31 00:33:43
Pre-Run: 15,986,434,048 bytes free
Post-Run: 15,971,057,664 bytes free
222 --- E O F --- 2008-07-30 04:53:56
Thank you for your time.


 
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 13812
 
Posted 7-31-2008 8:19 (GMT +1)
Looks clean :)


Do NOT post your problem in someone else's thread.
Member of - Alliance of Security Analysis Professionals
Please do NOT PM me any logs. They will be deleted.
