PDA

View Full Version : Virtumonde once again...please help



sikink
2008-12-25, 01:32
Seems as thought caught Virtumonde again.... ran spybot 5 times and it keeps popping up with 3 entries. keep getting popups and virus alerts through AVG....

please help
thank you



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:28:42 PM, on 12/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\Temp\clclean.0001
C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\WINDOWS\system32\NVAREM.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\x10nets.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\Hijack This\sikink.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sikink.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\elnIE.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {21f8a54b-8724-4a86-a65b-ac2eaa8cde7e} - C:\WINDOWS\system32\balayoyu.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Fellowes Proxy] C:\WINDOWS\system32\r3proxy.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVIDIA Remote Control Panel] NVAREM.EXE /S /Q /R /L /A1 /B0 /C0 /D2 /E0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a
O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Application Data\live 64 math does\Mix Love.exe
O4 - HKLM\..\Run: [difomufuwe] Rundll32.exe "C:\WINDOWS\system32\vapesawi.dll",s
O4 - HKLM\..\Run: [ec27dc43] rundll32.exe "C:\WINDOWS\system32\lawakuwi.dll",b
O4 - HKLM\..\Run: [CPMef14efdf] Rundll32.exe "c:\windows\system32\fotuliza.dll",a
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [64 Enc] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - HKUS\S-1-5-19\..\Run: [difomufuwe] Rundll32.exe "C:\WINDOWS\system32\vapesawi.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [difomufuwe] Rundll32.exe "C:\WINDOWS\system32\vapesawi.dll",s (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUxdm080MFUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://orock1059.listenernetwork.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160883041296
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://sympatico.zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2B6201C-AC2B-4597-BE2F-7BC33A3E27EE}: NameServer = 68.28.58.92 68.28.50.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\lepokajo.dll c:\windows\system32\dakomira.dll c:\windows\system32\fotuliza.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fotuliza.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fotuliza.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9556c59cbc448) (gupdate1c9556c59cbc448) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - PCTEL - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\WINDOWS\system32\x10nets.exe

--
End of file - 22730 bytes

Shaba
2008-12-29, 13:05
Hi sikink

We will begin with ComboFix.

Please download ComboFix from one of these locations:

Link 1 (http://subs.geekstogo.com/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

sikink
2008-12-29, 19:59
ComboFix 08-12-28.04 - R.H.McCLURG 2008-12-29 9:07:05.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1384 [GMT -8:00]
Running from: c:\documents and settings\R.H.McCLURG\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
FW: COMODO Firewall Pro *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\ayiyamuj.ini
c:\windows\system32\dumphive.exe
c:\windows\system32\gomuliwe.dll
c:\windows\system32\IEDFix.exe
c:\windows\system32\ipolanob.ini
c:\windows\system32\iwukawal.ini
c:\windows\system32\jumayiya.dll
c:\windows\system32\kabifoti.dll
c:\windows\system32\owitipid.ini
c:\windows\system32\peyuweli.dll
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\yapipije.dll

.
((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-29 )))))))))))))))))))))))))))))))
.

2008-12-29 09:11 . 2008-12-29 09:11 72 --ah----- c:\windows\system32\x10prod.sys
2008-12-28 21:25 . 2008-12-28 21:24 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-26 14:31 . 2008-12-26 14:31 <DIR> d-------- c:\program files\Date Settings Long
2008-12-24 11:25 . 2008-12-29 08:41 664 --a------ c:\windows\system32\d3d9caps.dat
2008-12-23 19:50 . 2008-12-26 14:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\live 64 math does
2008-12-23 19:49 . 2008-12-26 14:32 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Date Settings Long
2008-12-22 08:42 . 2008-12-22 08:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Gogii
2008-12-21 21:05 . 2008-12-21 21:05 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Playrix Entertainment
2008-12-21 20:43 . 2008-12-21 20:43 <DIR> d-------- c:\program files\bfgclient
2008-12-21 20:41 . 2008-12-23 16:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2008-12-20 12:59 . 2008-12-20 12:59 <DIR> d-------- c:\program files\BearShare Applications
2008-12-20 12:59 . 2008-09-25 05:20 483,328 --a------ c:\windows\system32\actskn45.ocx
2008-12-19 12:23 . 2008-12-19 12:23 7,168 --ahs---- c:\windows\Thumbs.db
2008-12-19 12:23 . 2008-12-19 12:23 5,632 --ahs---- c:\documents and settings\Thumbs.db
2008-12-16 08:52 . 2008-12-16 08:52 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Saved Games
2008-12-16 08:52 . 2008-12-23 17:29 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-12-16 08:49 . 2008-12-21 21:04 <DIR> d-------- c:\program files\Oberon Media
2008-12-16 08:49 . 2008-12-22 22:10 <DIR> d-------- c:\program files\MSN Games
2008-12-06 14:52 . 2008-12-06 14:52 145 --a------ C:\Shortcut to CD Drive.lnk
2008-12-06 12:32 . 2008-12-06 12:32 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Unity
2008-12-06 11:08 . 2008-12-06 11:08 <DIR> d-------- c:\program files\Unity
2008-12-02 20:53 . 2008-12-02 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-02 20:52 . 2008-12-02 20:52 <DIR> d-------- c:\program files\Yahoo!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 17:11 --------- d-----w c:\program files\DNA
2008-12-29 17:11 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\DNA
2008-12-29 05:24 --------- d-----w c:\program files\Java
2008-12-28 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-28 17:35 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-24 20:46 --------- d-----w c:\program files\iTunes
2008-12-24 06:52 --------- d-----w c:\program files\DivX
2008-12-23 23:59 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-12-20 21:07 --------- d-----w c:\program files\LimeWire
2008-12-19 20:23 --------- d-----w c:\program files\SWiSH Max2
2008-12-03 17:27 --------- d-----w c:\program files\Google
2008-12-03 04:53 --------- d--h--r c:\documents and settings\R.H.McCLURG\Application Data\yahoo!
2008-12-02 21:29 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-29 06:27 --------- d-----w c:\program files\Photodex Presenter
2008-11-29 06:27 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Netscape
2008-11-23 03:13 --------- d-----w c:\program files\NickOnline
2008-11-20 06:26 --------- d-----w c:\documents and settings\NetworkService\Application Data\X10 Commander
2008-11-19 06:00 --------- d-----w c:\program files\PicLensIE
2008-11-14 15:12 --------- d-----w c:\program files\Incomplete
2008-11-14 14:14 263,528 ----a-w c:\documents and settings\R.H.McCLURG\Application Data\GDIPFONTCACHEV1.DAT
2008-11-14 13:22 --------- d-----w c:\program files\MSXML 4.0
2008-11-08 21:31 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Sprint
2008-11-08 21:14 --------- d-----w c:\program files\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Novatel Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Research in Motion
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Motorola Shared
2008-11-08 21:14 --------- d-----w c:\documents and settings\All Users\Application Data\Sprint
2008-09-08 21:57 191,095 ----a-w c:\documents and settings\R.H.McCLURG\base.dat
2008-09-02 00:57 644,645,866 ----a-w c:\program files\Curious Labs.rar
2007-09-18 03:43 656,135,330 ----a-w c:\program files\Curious Labs.zip
2007-05-14 22:40 12,432,112 ----a-w c:\documents and settings\R.H.McCLURG\BackCompat_04-2007.zip
2005-06-01 21:50 204,418 ----a-w c:\program files\MediaPlayerPluginSource.zip
2006-06-18 01:54 56 --sha-r c:\windows\system32\10CE9A7140.sys
2007-12-19 18:20 88 --sh--r c:\windows\system32\1EA96AFCD9.sys
2008-07-05 15:04 88 --sh--r c:\windows\system32\40719ACE10.sys
2008-07-05 19:59 8,142 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-08-23 21:58 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082320080824\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-09 20480]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-20 342848]
"64 Enc"="c:\docume~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe" [2008-12-26 618496]
"E6TaskPanel"="c:\program files\EarthLink TotalAccess\TaskPanl.exe" [2005-09-01 942080]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 c:\windows\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowLOMControl"="1 (0x1)" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-21 7557120]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-28 136600]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-02-28 839680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-01-02 1126400]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-08 57344]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SAITEKAUTOCONFIGURE"="c:\program files\Saitek\Saitek Gaming Extensions\saicnfig.exe" [2001-01-19 45056]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-06 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-06 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-18 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2006-01-06 659456]
"Fellowes Proxy"="c:\windows\system32\r3proxy.exe" [2004-03-25 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"IPInSightMonitor 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPMon32.exe" [2005-08-10 122880]
"IPInSightLAN 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPClient.exe" [2005-08-10 380928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-21 185896]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-07-10 1351680]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-07-10 1191936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664]
"MATH DOES FIRST MODE"="c:\documents and settings\All Users\Application Data\live 64 math does\city mags.exe" [2008-12-26 724992]
"nwiz"="nwiz.exe" [2006-03-21 c:\windows\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2006-03-21 c:\windows\system32\nvhotkey.dll]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 c:\windows\stsystra.exe]
"MBMon"="CTMBHA.DLL" [2006-03-03 c:\windows\system32\CTMBHA.DLL]
"NVIDIA Remote Control Panel"="NVAREM.EXE" [2003-07-30 c:\windows\system32\nvarem.exe]

c:\documents and settings\R.H.McCLURG\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
PowerReg Scheduler V3.exe [2006-11-18 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-05-03 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2006-02-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\digital imaging\bin\hpqthb08.exe [2006-02-10 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-12 83360]
TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2006-05-18 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"difomufuwe"=Rundll32.exe "c:\windows\system32\vapesawi.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"=
"c:\\Program Files\\Autodesk\\3dsMax8\\3dsmax.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgui.exe"=
"c:\\Program Files\\USPS\\Shipping Assistant\\ShippingAssistant.exe"=
"c:\\Program Files\\Autodesk\\backburner\\manager.exe"=
"c:\\Program Files\\SWiSH Max2\\SwishMax2.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Watch.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtProc1.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\ECCenter1.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\lsupdatemanager.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\DellSupport\\DSAgnt.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\MailClnt.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\Webspace.exe"=
"c:\\Program Files\\Sprint\\Sprint SmartView\\SprintSV.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Common Files\\Creative Labs Shared\\Service\\CreativeLicensing.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-09-08 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-09-08 76040]
R2 EarthLinkMonitor;EarthLink Monitor Service;"c:\program files\EarthLink TotalAccess\WENGINE\wmonitor.exe" [2005-01-26 65604]
R3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys [2004-11-01 17536]
S2 gupdate1c9556c59cbc448;Google Update Service (gupdate1c9556c59cbc448);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-12-03 133104]
S3 FeMouWDM;Fellowes Mouse Driver;c:\windows\system32\DRIVERS\FeMouWDM.sys [2007-09-04 11393]
S4 LMIRfsClientNP;LMIRfsClientNP; []
.
Contents of the 'Scheduled Tasks' folder

2008-12-29 c:\windows\Tasks\ADE9E8E6918A95A2.job
- c:\docume~1\rhc332~1.mcc\applic~1\datese~1\axissafeglobal.exe [2008-12-26 14:31]

2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 08:34]

2008-12-29 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-03 09:26]

2008-12-29 c:\windows\Tasks\HP Usg Daily FY04.job
- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe [2006-01-06 21:09]

2008-12-27 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-30 10:45]

2008-09-18 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-03-31 13:32]
.
- - - - ORPHANS REMOVED - - - -

BHO-{21f8a54b-8724-4a86-a65b-ac2eaa8cde7e} - c:\windows\system32\kabifoti.dll
HKLM-Run-difomufuwe - c:\windows\system32\kafimehe.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sikink.com/
IE: &Search - ?p=ZUxdm080MFUS
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: orock1059.listenernetwork.com
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\Skyline\TerraExplorer\TerraExplorerX.dll

c:\windows\system32\nminstall.dll - O16 -: {0645D7F3-C20E-4E0B-A545-557527497C0B}
hxxp://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
c:\windows\Downloaded Program Files\nminstall.inf

c:\windows\Downloaded Program Files\plinstll.dll - O16 -: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9}
hxxp://www.piclens.com/shared/plinstll.cab
c:\windows\Downloaded Program Files\plinstll.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 09:10:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\netprovcredman.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\brss01a.exe
c:\windows\system32\scardsvr.exe
c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\locator.exe
c:\windows\system32\snmp.exe
c:\windows\system32\Tablet.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\docume~1\RHC332~1.MCC\LOCALS~1\temp\clclean.0001
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\x10nets.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
c:\program files\HP\digital imaging\bin\hpqimzone.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\HP\digital imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-12-29 9:16:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-29 17:16:37

Pre-Run: 21,144,846,336 bytes free
Post-Run: 21,016,518,656 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut

778 --- E O F --- 2008-12-19 01:10:55

sikink
2008-12-29, 20:08
ComboFix 08-12-28.04 - R.H.McCLURG 2008-12-29 9:07:05.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1384 [GMT -8:00]
Running from: c:\documents and settings\R.H.McCLURG\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
FW: COMODO Firewall Pro *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\ayiyamuj.ini
c:\windows\system32\dumphive.exe
c:\windows\system32\gomuliwe.dll
c:\windows\system32\IEDFix.exe
c:\windows\system32\ipolanob.ini
c:\windows\system32\iwukawal.ini
c:\windows\system32\jumayiya.dll
c:\windows\system32\kabifoti.dll
c:\windows\system32\owitipid.ini
c:\windows\system32\peyuweli.dll
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\yapipije.dll

.
((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-29 )))))))))))))))))))))))))))))))
.

2008-12-29 09:11 . 2008-12-29 09:11 72 --ah----- c:\windows\system32\x10prod.sys
2008-12-28 21:25 . 2008-12-28 21:24 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-26 14:31 . 2008-12-26 14:31 <DIR> d-------- c:\program files\Date Settings Long
2008-12-24 11:25 . 2008-12-29 08:41 664 --a------ c:\windows\system32\d3d9caps.dat
2008-12-23 19:50 . 2008-12-26 14:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\live 64 math does
2008-12-23 19:49 . 2008-12-26 14:32 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Date Settings Long
2008-12-22 08:42 . 2008-12-22 08:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Gogii
2008-12-21 21:05 . 2008-12-21 21:05 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Playrix Entertainment
2008-12-21 20:43 . 2008-12-21 20:43 <DIR> d-------- c:\program files\bfgclient
2008-12-21 20:41 . 2008-12-23 16:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2008-12-20 12:59 . 2008-12-20 12:59 <DIR> d-------- c:\program files\BearShare Applications
2008-12-20 12:59 . 2008-09-25 05:20 483,328 --a------ c:\windows\system32\actskn45.ocx
2008-12-19 12:23 . 2008-12-19 12:23 7,168 --ahs---- c:\windows\Thumbs.db
2008-12-19 12:23 . 2008-12-19 12:23 5,632 --ahs---- c:\documents and settings\Thumbs.db
2008-12-16 08:52 . 2008-12-16 08:52 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Saved Games
2008-12-16 08:52 . 2008-12-23 17:29 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-12-16 08:49 . 2008-12-21 21:04 <DIR> d-------- c:\program files\Oberon Media
2008-12-16 08:49 . 2008-12-22 22:10 <DIR> d-------- c:\program files\MSN Games
2008-12-06 14:52 . 2008-12-06 14:52 145 --a------ C:\Shortcut to CD Drive.lnk
2008-12-06 12:32 . 2008-12-06 12:32 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Unity
2008-12-06 11:08 . 2008-12-06 11:08 <DIR> d-------- c:\program files\Unity
2008-12-02 20:53 . 2008-12-02 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-02 20:52 . 2008-12-02 20:52 <DIR> d-------- c:\program files\Yahoo!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 17:11 --------- d-----w c:\program files\DNA
2008-12-29 17:11 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\DNA
2008-12-29 05:24 --------- d-----w c:\program files\Java
2008-12-28 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-28 17:35 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-24 20:46 --------- d-----w c:\program files\iTunes
2008-12-24 06:52 --------- d-----w c:\program files\DivX
2008-12-23 23:59 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-12-20 21:07 --------- d-----w c:\program files\LimeWire
2008-12-19 20:23 --------- d-----w c:\program files\SWiSH Max2
2008-12-03 17:27 --------- d-----w c:\program files\Google
2008-12-03 04:53 --------- d--h--r c:\documents and settings\R.H.McCLURG\Application Data\yahoo!
2008-12-02 21:29 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-29 06:27 --------- d-----w c:\program files\Photodex Presenter
2008-11-29 06:27 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Netscape
2008-11-23 03:13 --------- d-----w c:\program files\NickOnline
2008-11-20 06:26 --------- d-----w c:\documents and settings\NetworkService\Application Data\X10 Commander
2008-11-19 06:00 --------- d-----w c:\program files\PicLensIE
2008-11-14 15:12 --------- d-----w c:\program files\Incomplete
2008-11-14 14:14 263,528 ----a-w c:\documents and settings\R.H.McCLURG\Application Data\GDIPFONTCACHEV1.DAT
2008-11-14 13:22 --------- d-----w c:\program files\MSXML 4.0
2008-11-08 21:31 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Sprint
2008-11-08 21:14 --------- d-----w c:\program files\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Novatel Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Research in Motion
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Motorola Shared
2008-11-08 21:14 --------- d-----w c:\documents and settings\All Users\Application Data\Sprint
2008-09-08 21:57 191,095 ----a-w c:\documents and settings\R.H.McCLURG\base.dat
2008-09-02 00:57 644,645,866 ----a-w c:\program files\Curious Labs.rar
2007-09-18 03:43 656,135,330 ----a-w c:\program files\Curious Labs.zip
2007-05-14 22:40 12,432,112 ----a-w c:\documents and settings\R.H.McCLURG\BackCompat_04-2007.zip
2005-06-01 21:50 204,418 ----a-w c:\program files\MediaPlayerPluginSource.zip
2006-06-18 01:54 56 --sha-r c:\windows\system32\10CE9A7140.sys
2007-12-19 18:20 88 --sh--r c:\windows\system32\1EA96AFCD9.sys
2008-07-05 15:04 88 --sh--r c:\windows\system32\40719ACE10.sys
2008-07-05 19:59 8,142 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-08-23 21:58 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082320080824\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-09 20480]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-20 342848]
"64 Enc"="c:\docume~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe" [2008-12-26 618496]
"E6TaskPanel"="c:\program files\EarthLink TotalAccess\TaskPanl.exe" [2005-09-01 942080]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 c:\windows\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowLOMControl"="1 (0x1)" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-21 7557120]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-28 136600]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-02-28 839680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-01-02 1126400]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-08 57344]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SAITEKAUTOCONFIGURE"="c:\program files\Saitek\Saitek Gaming Extensions\saicnfig.exe" [2001-01-19 45056]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-06 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-06 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-18 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2006-01-06 659456]
"Fellowes Proxy"="c:\windows\system32\r3proxy.exe" [2004-03-25 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"IPInSightMonitor 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPMon32.exe" [2005-08-10 122880]
"IPInSightLAN 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPClient.exe" [2005-08-10 380928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-21 185896]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-07-10 1351680]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-07-10 1191936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664]
"MATH DOES FIRST MODE"="c:\documents and settings\All Users\Application Data\live 64 math does\city mags.exe" [2008-12-26 724992]
"nwiz"="nwiz.exe" [2006-03-21 c:\windows\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2006-03-21 c:\windows\system32\nvhotkey.dll]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 c:\windows\stsystra.exe]
"MBMon"="CTMBHA.DLL" [2006-03-03 c:\windows\system32\CTMBHA.DLL]
"NVIDIA Remote Control Panel"="NVAREM.EXE" [2003-07-30 c:\windows\system32\nvarem.exe]

c:\documents and settings\R.H.McCLURG\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
PowerReg Scheduler V3.exe [2006-11-18 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-05-03 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2006-02-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\digital imaging\bin\hpqthb08.exe [2006-02-10 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-12 83360]
TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2006-05-18 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"difomufuwe"=Rundll32.exe "c:\windows\system32\vapesawi.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"=
"c:\\Program Files\\Autodesk\\3dsMax8\\3dsmax.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgui.exe"=
"c:\\Program Files\\USPS\\Shipping Assistant\\ShippingAssistant.exe"=
"c:\\Program Files\\Autodesk\\backburner\\manager.exe"=
"c:\\Program Files\\SWiSH Max2\\SwishMax2.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Watch.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtProc1.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\ECCenter1.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\lsupdatemanager.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\DellSupport\\DSAgnt.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\MailClnt.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\Webspace.exe"=
"c:\\Program Files\\Sprint\\Sprint SmartView\\SprintSV.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Common Files\\Creative Labs Shared\\Service\\CreativeLicensing.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-09-08 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-09-08 76040]
R2 EarthLinkMonitor;EarthLink Monitor Service;"c:\program files\EarthLink TotalAccess\WENGINE\wmonitor.exe" [2005-01-26 65604]
R3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys [2004-11-01 17536]
S2 gupdate1c9556c59cbc448;Google Update Service (gupdate1c9556c59cbc448);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-12-03 133104]
S3 FeMouWDM;Fellowes Mouse Driver;c:\windows\system32\DRIVERS\FeMouWDM.sys [2007-09-04 11393]
S4 LMIRfsClientNP;LMIRfsClientNP; []
.
Contents of the 'Scheduled Tasks' folder

2008-12-29 c:\windows\Tasks\ADE9E8E6918A95A2.job
- c:\docume~1\rhc332~1.mcc\applic~1\datese~1\axissafeglobal.exe [2008-12-26 14:31]

2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 08:34]

2008-12-29 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-03 09:26]

2008-12-29 c:\windows\Tasks\HP Usg Daily FY04.job
- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe [2006-01-06 21:09]

2008-12-27 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-30 10:45]

2008-09-18 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-03-31 13:32]
.
- - - - ORPHANS REMOVED - - - -

BHO-{21f8a54b-8724-4a86-a65b-ac2eaa8cde7e} - c:\windows\system32\kabifoti.dll
HKLM-Run-difomufuwe - c:\windows\system32\kafimehe.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sikink.com/
IE: &Search - ?p=ZUxdm080MFUS
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: orock1059.listenernetwork.com
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\Skyline\TerraExplorer\TerraExplorerX.dll

c:\windows\system32\nminstall.dll - O16 -: {0645D7F3-C20E-4E0B-A545-557527497C0B}
hxxp://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
c:\windows\Downloaded Program Files\nminstall.inf

c:\windows\Downloaded Program Files\plinstll.dll - O16 -: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9}
hxxp://www.piclens.com/shared/plinstll.cab
c:\windows\Downloaded Program Files\plinstll.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 09:10:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\netprovcredman.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\brss01a.exe
c:\windows\system32\scardsvr.exe
c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\locator.exe
c:\windows\system32\snmp.exe
c:\windows\system32\Tablet.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\docume~1\RHC332~1.MCC\LOCALS~1\temp\clclean.0001
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\x10nets.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
c:\program files\HP\digital imaging\bin\hpqimzone.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\HP\digital imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-12-29 9:16:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-29 17:16:37

Pre-Run: 21,144,846,336 bytes free
Post-Run: 21,016,518,656 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut

778 --- E O F --- 2008-12-19 01:10:55

sikink
2008-12-29, 20:13
sorry for multiple posts.... kept getting errors while replying. and had to post combofix and hijack this seperately because was too big for one post.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:18:51 AM, on 12/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\Temp\clclean.0001
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\WINDOWS\system32\NVAREM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\x10nets.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\Hijack This\sikink.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sikink.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\elnIE.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Fellowes Proxy] C:\WINDOWS\system32\r3proxy.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVIDIA Remote Control Panel] NVAREM.EXE /S /Q /R /L /A1 /B0 /C0 /D2 /E0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a
O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Application Data\live 64 math does\city mags.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [64 Enc] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUxdm080MFUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://orock1059.listenernetwork.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160883041296
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://sympatico.zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9556c59cbc448) (gupdate1c9556c59cbc448) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - PCTEL - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\WINDOWS\system32\x10nets.exe

--
End of file - 21417 bytes

Shaba
2008-12-29, 20:13
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

http://img.bleepingcomputer.com/tutorials/hijackthis/uninstall-man.jpg

5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.

sikink
2008-12-29, 20:17
3D Groove Playback Engine
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Help Center 2.0
Adobe Illustrator 9.0.1
Adobe Photoshop CS2
Adobe Photoshop Elements 4.0
Adobe Reader 8.1.2
Adobe Shockwave Player 11
Adobe Stock Photos 1.0
Adobe SVG Viewer
Andrea VoiceCenter
Apple Mobile Device Support
Apple Software Update
Autodesk 3ds Max 8
Autodesk 3ds Max 8 Additional Maps and Materials
Autodesk 3ds Max 8 Architectural Materials
Autodesk 3ds Max 8 Reference Files
Autodesk DWF Viewer
Avatar - Legends of The Arena
Avery Wizard 3.0
AVG Free 8.0
Backburner
Big Fish Games Client
Bluetooth Stack for Windows by Toshiba
Bonjour
Broadcom Advanced Control Suite
CCleaner (remove only)
Conexant HDA D110 MDC V.92 Modem
Cooliris for Internet Explorer
Corel Photo Album 6
Creative MediaSource
Dell CinePlayer
DellSupport
Digimarc MyPictureMarc Watermarking Plugin
Digital Content Portal
Digital Line Detect
EarthLink FastLane
EarthLink setup files
EarthLink Software
EasyPoint Mouse Software
EPSON Copy Utility
EPSON Photo Print
EPSON Smart Panel
EPSON TWAIN 5
Get High Speed Internet!
Google Earth
Google Gears
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update
Google Updater
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HP Unload DLL Patch
Intel PROSet Wireless
Internal Network Card Power Management
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 8
Jasc Paint Shop Pro 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 11
Java(TM) 6 Update 2
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Lame ACM MP3 Codec
Learn2 Player (Uninstall Only)
LiveUpdate 2.6 (Symantec Corporation)
Macromedia Dreamweaver MX
Macromedia Dreamweaver UltraDev 4
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash 4
MAGIX audio cleaning lab 2005
Malwarebytes' Anti-Malware
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Modem Helper
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Musicmatch for Windows Media Player
Nero Suite
NetWaiting
NetZeroInstallers
NVDVD
NVIDIA Drivers
NVRemote
OCR Software by I.R.I.S 7.0
PaperPort
Photodex Presenter
Photosmart 320,370,7400,8100,8400 Series
PicLens for Internet Explorer
Poser 6
QuickSet
QuickTime
RealPlayer
Revo Uninstaller 1.71
Saitek Gaming Extensions
ScanToWeb
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Shipping Assistant 3.5
SmartFTP Client
SmartFTP Client 2.5 Setup Files (remove only)
SmartFTP Client 3.0 Setup Files (remove only)
SmartSound Quicktracks Plugin
Snood for Windows version 3.52-W
Sonic Activation Module
Sonic Update Manager
Sound Blaster ADVANCED MB Drivers
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Product Registration
Sprint SmartView
Spybot - Search & Destroy
SWiSH Max2
SWiSH Video3
SWiSHpix
Synaptics Pointing Device Driver
Tablet
TerraExplorer
Tone Mapping Plug-In 1.2
Unity Web Player
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Viewpoint Media Player
WebCyberCoach 3.2 Dell
Windows Imaging Component
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinZip 11.1
WinZip Self-Extractor
Yahoo! Toolbar

Shaba
2008-12-29, 20:23
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

BitTorrent DNA

I'd like you to read the this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new HJT scan when finished and post the log back here.

sikink
2008-12-29, 20:40
removed what I could find....





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:15 AM, on 12/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\Temp\clclean.0001
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\WINDOWS\system32\NVAREM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\x10nets.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\Hijack This\sikink.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sikink.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\elnIE.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Fellowes Proxy] C:\WINDOWS\system32\r3proxy.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVIDIA Remote Control Panel] NVAREM.EXE /S /Q /R /L /A1 /B0 /C0 /D2 /E0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a
O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Application Data\live 64 math does\city mags.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [64 Enc] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUxdm080MFUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://orock1059.listenernetwork.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160883041296
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://sympatico.zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2B6201C-AC2B-4597-BE2F-7BC33A3E27EE}: NameServer = 68.28.58.92 68.28.50.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9556c59cbc448) (gupdate1c9556c59cbc448) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - PCTEL - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\WINDOWS\system32\x10nets.exe

--
End of file - 21526 bytes

Shaba
2008-12-29, 20:41
Disable resident protections (Antivirus...); you'll re-enable them after the scan

DownloadLop S&D here (http://eric.71.mespages.googlepages.com/LopSD.exe)

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (C:\lopR.txt)

sikink
2008-12-29, 20:49
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2400 @ 1.83GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A00
USER : R.H.McCLURG ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
Firewall : COMODO Firewall Pro 3.0 (Activated)
C:\ (Local Disk) - NTFS - Total:54 Go (Free:19 Go)
D:\ (CD or DVD)
E:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Mon 12/29/2008|10:46 )

--------------------\\ Listing folders in APPLIC~1

[08/11/2004|02:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun

[02/10/2008|05:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/30/2006|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
[11/04/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[08/23/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/23/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[08/23/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
[03/24/2008|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[10/06/2008|05:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[05/18/2006|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Autodesk
[09/08/2008|06:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[12/23/2008|04:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BigFishGamesCache
[06/01/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Brother
[05/03/2006|02:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Creative Labs
[05/21/2006|07:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> espionServerData
[05/06/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FunGames
[12/03/2007|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GameHouse
[12/22/2008|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Gogii
[01/10/2007|06:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[12/29/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[05/03/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[07/26/2008|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
[05/03/2006|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/02/2006|04:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intel
[04/03/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InterVideo
[05/03/2006|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[06/16/2008|07:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[09/09/2008|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> lgdufkzy
[12/26/2008|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> live 64 math does
[10/10/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[05/03/2006|02:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[05/03/2006|02:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[05/16/2006|07:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[12/16/2008|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[12/23/2008|03:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo
[10/03/2007|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NCH Swift Sound
[05/16/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NVIDIA
[08/26/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
[11/20/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[01/21/2008|06:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> pixelStorm
[08/25/2006|07:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
[05/16/2006|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/11/2004|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[06/01/2006|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ScanSoft
[06/25/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skyline
[04/03/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
[07/26/2008|05:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
[11/08/2008|01:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sprint
[12/28/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[09/18/2008|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/23/2008|05:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[07/21/2006|01:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trymedia
[05/12/2008|03:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
[05/03/2006|02:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[07/07/2006|07:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Visual Networks
[05/27/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[10/29/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZip
[09/04/2007|01:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZipSE
[05/12/2008|02:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> yahoo!
[12/02/2008|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[09/16/2008|07:03] C:\DOCUME~1\APPLIC~1\APPLIC~1\<DIR> Intel
[04/15/2007|07:20] C:\DOCUME~1\APPLIC~1\APPLIC~1\<DIR> Microsoft

[08/11/2004|02:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intel
[08/11/2004|02:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

[09/16/2008|07:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Intel
[05/12/2006|09:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[09/08/2008|06:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[07/02/2008|11:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> X10 Commander

[08/11/2004|02:20] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Sun

[09/18/2008|10:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> AVGTOOLBAR
[08/02/2006|11:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[11/19/2008|10:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> X10 Commander

[04/21/2008|04:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Adobe
[01/29/2007|07:44] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AdobeUM
[05/12/2008|11:37] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Ahead
[08/14/2006|12:49] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Aim
[05/20/2006|05:00] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AOL
[11/03/2006|03:14] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Apple Computer
[09/08/2008|07:04] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AVGTOOLBAR
[06/01/2006|05:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Brother
[07/05/2008|07:00] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Corel
[05/15/2006|09:33] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Corel Photo Album
[05/16/2006|09:31] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Creative
[12/26/2008|02:32] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Date Settings Long
[10/13/2006|09:03] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> DivX
[05/20/2006|05:11] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Earthlink
[10/29/2007|01:12] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> EPSON
[01/18/2008|07:10] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> FileZilla
[05/26/2007|06:17] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Google
[04/12/2007|05:16] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Gtek
[05/13/2006|08:41] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Help
[07/26/2008|05:55] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> HP
[08/11/2004|02:20] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Identities
[08/02/2006|04:15] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Intel
[09/30/2006|06:30] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Jasc Software Inc
[06/16/2008|07:04] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Lavasoft
[05/18/2006|12:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Leadertech
[09/17/2008|06:03] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Macromedia
[10/10/2008|03:26] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Malwarebytes
[05/12/2006|07:08] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> McAfee.com Personal Firewall
[09/10/2008|07:12] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Microsoft
[07/17/2008|09:07] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Move Networks
[11/28/2008|10:27] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Mozilla
[05/17/2006|08:20] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> MSNInstaller
[11/25/2006|11:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> MySpace
[10/03/2007|11:55] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> NCH Swift Sound
[08/14/2006|12:47] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Neopets Toolbar
[11/28/2008|10:27] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Netscape
[05/25/2006|11:33] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Opera
[12/31/2007|08:24] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> PlayFirst
[12/21/2008|09:05] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Playrix Entertainment
[04/17/2008|07:26] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Real
[07/01/2006|09:54] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> ScamBlocker
[07/05/2006|04:52] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> ScanSoft
[11/08/2008|01:31] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sierra Wireless
[08/14/2007|07:10] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> SmartFTP
[05/18/2006|12:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sonic
[09/24/2008|06:43] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sprint
[05/03/2006|01:59] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sun
[04/03/2008|12:34] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Ulead Systems
[12/06/2008|12:32] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Unity
[01/10/2007|08:45] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Viewpoint
[09/04/2007|01:44] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> WinRAR
[10/23/2008|08:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> XPSLights
[12/02/2008|08:53] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> yahoo!
[01/17/2008|09:57] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> YouSendIt

[09/16/2008|07:03] C:\DOCUME~1\RHC332~1\APPLIC~1\<DIR> Intel
[04/15/2007|07:20] C:\DOCUME~1\RHC332~1\APPLIC~1\<DIR> Microsoft

[09/17/2008|09:45] C:\DOCUME~1\Work\APPLIC~1\<DIR> AVGTOOLBAR
[09/17/2008|09:44] C:\DOCUME~1\Work\APPLIC~1\<DIR> Google
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> GTek
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> HP
[08/11/2004|02:20] C:\DOCUME~1\Work\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\Work\APPLIC~1\<DIR> Intel
[09/17/2008|09:43] C:\DOCUME~1\Work\APPLIC~1\<DIR> Jasc Software Inc
[08/11/2004|02:06] C:\DOCUME~1\Work\APPLIC~1\<DIR> Microsoft
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> Real
[09/17/2008|09:43] C:\DOCUME~1\Work\APPLIC~1\<DIR> Sprint
[05/03/2006|01:59] C:\DOCUME~1\Work\APPLIC~1\<DIR> Sun

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[12/27/2008 11:23 AM][--a------] C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[12/29/2008 10:00 AM][--ah-----] C:\WINDOWS\tasks\ADE9E8E6918A95A2.job
[12/29/2008 09:10 AM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[09/18/2008 10:18 AM][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[12/28/2008 04:22 PM][--a------] C:\WINDOWS\tasks\HP Usg Daily FY04.job
[12/16/2008 01:37 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/29/2008 09:10 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( ADE9E8E6918A95A2.job )=( c:\docume~1\rhc332~1.mcc\applic~1\datese~1\axissafeglobal.exe )

--------------------\\ Listing Folders in C:\Program Files

[10/04/2006|05:38] C:\Program Files\<DIR> 3DGroove
[09/16/2008|07:03] C:\Program Files\<DIR> ACW
[02/10/2008|05:35] C:\Program Files\<DIR> Adobe
[09/17/2007|05:57] C:\Program Files\<DIR> Ahead
[06/16/2008|11:34] C:\Program Files\<DIR> Alwil Software
[10/06/2008|05:39] C:\Program Files\<DIR> Apple Software Update
[05/18/2006|08:14] C:\Program Files\<DIR> Autodesk
[06/27/2007|09:11] C:\Program Files\<DIR> Avery Wizard 3.0
[09/08/2008|06:41] C:\Program Files\<DIR> AVG
[08/14/2006|12:18] C:\Program Files\<DIR> AVPersonal
[12/21/2008|08:43] C:\Program Files\<DIR> bfgclient
[05/03/2006|02:05] C:\Program Files\<DIR> BlueTooth
[10/06/2008|05:12] C:\Program Files\<DIR> Bonjour
[05/03/2006|02:05] C:\Program Files\<DIR> Broadcom
[09/17/2008|04:07] C:\Program Files\<DIR> CCleaner
[12/29/2008|09:07] C:\Program Files\<DIR> Common Files
[05/03/2006|02:02] C:\Program Files\<DIR> CONEXANT
[07/06/2008|06:39] C:\Program Files\<DIR> Corel
[05/03/2006|02:09] C:\Program Files\<DIR> Creative
[05/18/2006|08:38] C:\Program Files\<DIR> Curious Labs
[12/26/2008|02:31] C:\Program Files\<DIR> Date Settings Long
[05/03/2006|02:18] C:\Program Files\<DIR> Dell
[04/11/2007|06:59] C:\Program Files\<DIR> DellSupport
[05/21/2008|05:25] C:\Program Files\<DIR> Digimarc
[05/03/2006|02:06] C:\Program Files\<DIR> Digital Line Detect
[12/23/2008|10:52] C:\Program Files\<DIR> DivX
[05/03/2006|02:15] C:\Program Files\<DIR> EarthLink Setup
[09/16/2008|04:46] C:\Program Files\<DIR> EarthLink TotalAccess
[10/29/2007|01:11] C:\Program Files\<DIR> EPSON
[09/04/2007|02:02] C:\Program Files\<DIR> Fellowes
[12/03/2008|09:27] C:\Program Files\<DIR> Google
[07/26/2008|05:41] C:\Program Files\<DIR> Hewlett-Packard
[03/07/2007|07:26] C:\Program Files\<DIR> HP
[11/14/2008|07:12] C:\Program Files\<DIR> Incomplete
[09/25/2008|06:05] C:\Program Files\<DIR> InstallShield Installation Information
[09/11/2008|08:07] C:\Program Files\<DIR> Intel
[05/03/2006|02:06] C:\Program Files\<DIR> InterActual
[12/11/2008|04:25] C:\Program Files\<DIR> Internet Explorer
[04/03/2008|12:23] C:\Program Files\<DIR> InterVideo
[05/21/2008|05:25] C:\Program Files\<DIR> Intuit
[06/15/2007|05:11] C:\Program Files\<DIR> Ipswitch
[12/24/2008|12:46] C:\Program Files\<DIR> iTunes
[09/30/2006|06:30] C:\Program Files\<DIR> Jasc Software Inc
[12/28/2008|09:24] C:\Program Files\<DIR> Java
[06/16/2008|07:04] C:\Program Files\<DIR> Lavasoft
[05/03/2006|02:14] C:\Program Files\<DIR> Learn2.com
[12/20/2008|01:07] C:\Program Files\<DIR> LimeWire
[09/25/2008|06:05] C:\Program Files\<DIR> Macromedia
[10/10/2008|03:28] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[05/03/2006|02:21] C:\Program Files\<DIR> McAfee
[09/17/2007|04:26] C:\Program Files\<DIR> MediaMonkey
[08/23/2008|12:59] C:\Program Files\<DIR> Messenger
[05/18/2006|08:04] C:\Program Files\<DIR> Microsoft ActiveSync
[05/10/2007|03:16] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[08/11/2004|02:15] C:\Program Files\<DIR> microsoft frontpage
[02/12/2007|01:06] C:\Program Files\<DIR> Microsoft Office
[05/03/2006|02:13] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[05/03/2006|02:13] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
[10/21/2008|04:13] C:\Program Files\<DIR> Microsoft Silverlight
[07/12/2008|01:55] C:\Program Files\<DIR> Modem Helper
[08/23/2008|12:53] C:\Program Files\<DIR> Movie Maker
[05/17/2006|08:19] C:\Program Files\<DIR> MSN
[12/22/2008|10:10] C:\Program Files\<DIR> MSN Games
[08/11/2004|02:11] C:\Program Files\<DIR> MSN Gaming Zone
[11/14/2008|05:22] C:\Program Files\<DIR> MSXML 4.0
[05/03/2006|02:12] C:\Program Files\<DIR> MUSICMATCH
[10/03/2007|11:57] C:\Program Files\<DIR> NCH Swift Sound
[08/23/2008|12:50] C:\Program Files\<DIR> NetMeeting
[07/12/2008|01:55] C:\Program Files\<DIR> NetWaiting
[05/03/2006|02:12] C:\Program Files\<DIR> NetZeroInstallers
[11/22/2008|07:13] C:\Program Files\<DIR> NickOnline
[11/08/2008|01:14] C:\Program Files\<DIR> Novatel Wireless
[04/03/2008|12:22] C:\Program Files\<DIR> NVIDIA Corporation
[12/21/2008|09:04] C:\Program Files\<DIR> Oberon Media
[08/11/2004|02:11] C:\Program Files\<DIR> Online Services
[08/23/2008|12:50] C:\Program Files\<DIR> Outlook Express
[11/28/2008|10:27] C:\Program Files\<DIR> Photodex Presenter
[11/18/2008|10:00] C:\Program Files\<DIR> PicLensIE
[10/06/2008|05:11] C:\Program Files\<DIR> QuickTime
[05/03/2006|02:14] C:\Program Files\<DIR> Real
[10/16/2006|07:56] C:\Program Files\<DIR> Redminibox
[09/17/2007|05:31] C:\Program Files\<DIR> Roxio
[06/01/2006|07:40] C:\Program Files\<DIR> Saitek
[06/01/2006|05:42] C:\Program Files\<DIR> ScanSoft
[11/08/2008|01:14] C:\Program Files\<DIR> Sierra Wireless
[05/03/2006|02:02] C:\Program Files\<DIR> Sigmatel
[06/25/2008|09:03] C:\Program Files\<DIR> Skyline
[09/25/2008|08:33] C:\Program Files\<DIR> SmartFTP Client
[01/08/2008|04:32] C:\Program Files\<DIR> SmartFTP Client 2.5 Setup Files
[09/25/2008|08:28] C:\Program Files\<DIR> SmartFTP Client 3.0 Setup Files
[04/03/2008|12:40] C:\Program Files\<DIR> SmartSound Software
[08/15/2007|06:10] C:\Program Files\<DIR> Snap Shots
[05/03/2006|02:23] C:\Program Files\<DIR> Sonic
[11/08/2008|01:14] C:\Program Files\<DIR> Sprint
[12/02/2008|01:29] C:\Program Files\<DIR> Spybot - Search & Destroy
[12/19/2008|12:23] C:\Program Files\<DIR> SWiSH Max2
[02/01/2008|10:31] C:\Program Files\<DIR> SWiSH Video3
[11/09/2007|05:57] C:\Program Files\<DIR> SWiSHpix
[09/18/2008|10:41] C:\Program Files\<DIR> Symantec
[09/18/2008|10:41] C:\Program Files\<DIR> Symantec Client Security
[05/03/2006|02:04] C:\Program Files\<DIR> Synaptics
[10/22/2006|04:01] C:\Program Files\<DIR> Synthesoft
[05/18/2006|08:29] C:\Program Files\<DIR> Tablet
[05/03/2006|02:05] C:\Program Files\<DIR> Toshiba
[06/17/2008|06:39] C:\Program Files\<DIR> Trend Micro
[08/11/2004|02:20] C:\Program Files\<DIR> Uninstall Information
[12/06/2008|11:08] C:\Program Files\<DIR> Unity
[05/20/2008|09:22] C:\Program Files\<DIR> USPS
[05/03/2006|02:14] C:\Program Files\<DIR> Viewpoint
[07/30/2007|07:09] C:\Program Files\<DIR> Virtools
[09/17/2008|04:12] C:\Program Files\<DIR> VS Revo Group
[05/03/2006|02:18] C:\Program Files\<DIR> WebCyberCoach
[04/03/2008|12:26] C:\Program Files\<DIR> Windows Media Components
[09/17/2007|04:04] C:\Program Files\<DIR> Windows Media Connect 2
[08/23/2008|12:50] C:\Program Files\<DIR> Windows Media Player
[08/23/2008|12:50] C:\Program Files\<DIR> Windows NT
[08/11/2004|02:13] C:\Program Files\<DIR> WindowsUpdate
[09/04/2007|01:49] C:\Program Files\<DIR> WinRAR
[10/29/2007|12:39] C:\Program Files\<DIR> WinZip
[09/04/2007|01:41] C:\Program Files\<DIR> WinZip Self-Extractor
[08/11/2004|02:15] C:\Program Files\<DIR> xerox
[10/23/2008|08:18] C:\Program Files\<DIR> XPS LED Controller
[12/02/2008|08:52] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[10/02/2008|07:58] C:\Program Files\Common Files\<DIR> Adobe
[09/30/2006|06:38] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[09/17/2007|05:56] C:\Program Files\Common Files\<DIR> Ahead
[05/12/2008|02:06] C:\Program Files\Common Files\<DIR> AOL
[10/06/2008|05:10] C:\Program Files\Common Files\<DIR> Apple
[05/18/2006|08:13] C:\Program Files\Common Files\<DIR> Autodesk Shared
[12/05/2006|12:45] C:\Program Files\Common Files\<DIR> Avery
[07/06/2008|06:38] C:\Program Files\Common Files\<DIR> Corel
[05/03/2006|02:06] C:\Program Files\Common Files\<DIR> Creative Labs Shared
[05/18/2006|08:04] C:\Program Files\Common Files\<DIR> Designer
[11/03/2006|06:14] C:\Program Files\Common Files\<DIR> EarthLink
[07/26/2008|05:41] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[07/26/2008|05:45] C:\Program Files\Common Files\<DIR> HP
[06/21/2006|11:54] C:\Program Files\Common Files\<DIR> InstallShield
[09/11/2008|08:07] C:\Program Files\Common Files\<DIR> Intel
[05/21/2008|05:55] C:\Program Files\Common Files\<DIR> Intuit
[09/30/2006|06:31] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[05/03/2006|01:58] C:\Program Files\Common Files\<DIR> Java
[09/17/2007|05:58] C:\Program Files\Common Files\<DIR> LightScribe
[09/25/2008|05:42] C:\Program Files\Common Files\<DIR> Macromedia
[09/17/2008|08:04] C:\Program Files\Common Files\<DIR> Microsoft Shared
[11/08/2008|01:14] C:\Program Files\Common Files\<DIR> Motorola Shared
[08/11/2004|02:12] C:\Program Files\Common Files\<DIR> MSSoap
[09/17/2007|05:58] C:\Program Files\Common Files\<DIR> Nero
[05/03/2006|02:14] C:\Program Files\Common Files\<DIR> Nullsoft
[08/11/2004|02:07] C:\Program Files\Common Files\<DIR> ODBC
[10/29/2007|01:12] C:\Program Files\Common Files\<DIR> Python
[10/12/2006|10:56] C:\Program Files\Common Files\<DIR> Real
[11/08/2008|01:14] C:\Program Files\Common Files\<DIR> Research in Motion
[05/03/2006|02:05] C:\Program Files\Common Files\<DIR> Roxio Shared
[06/01/2006|05:42] C:\Program Files\Common Files\<DIR> ScanSoft Shared
[08/11/2004|02:12] C:\Program Files\Common Files\<DIR> Services
[09/17/2007|05:31] C:\Program Files\Common Files\<DIR> Sonic Shared
[08/11/2004|02:07] C:\Program Files\Common Files\<DIR> SpeechEngines
[05/13/2006|02:53] C:\Program Files\Common Files\<DIR> SWF Studio
[09/18/2008|10:41] C:\Program Files\Common Files\<DIR> Symantec Shared
[08/23/2008|12:50] C:\Program Files\Common Files\<DIR> System
[05/12/2008|03:52] C:\Program Files\Common Files\<DIR> Ulead Systems
[06/16/2008|07:02] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[04/21/2008|06:08] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 91 Processes )

IEXPLORE.EXE ~ [PID:3444]
iexplore.exe ~ [PID:3240]

--------------------\\ Searching with S_Lop

C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\axissafeglobal.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\CastLocks.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\sviezjab.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\DATESE~1\ulptcegt.exe

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\city mags.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\city mags.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mix Love.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\axissafeglobal.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\CastLocks.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\sviezjab.exe
C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\ulptcegt.exe
C:\Program Files\datese~1
C:\WINDOWS\Tasks\ADE9E8E6918A95A2.job

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Size frag plus]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\RHC332~1.MCC\\APPLIC~1\\DATESE~1\\CastLocks.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"64 Enc"="C:\\DOCUME~1\\RHC332~1.MCC\\APPLIC~1\\DATESE~1\\CastLocks.exe"
"64 Enc"="C:\\DOCUME~1\\RHC332~1.MCC\\APPLIC~1\\DATESE~1\\CastLocks.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MATH DOES FIRST MODE"="C:\\Documents and Settings\\All Users\\Application Data\\live 64 math does\\city mags.exe"

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 10:47:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:8][D:2]-> C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\Temp
[F:32][D:0]-> C:\DOCUME~1\RHC332~1.MCC\Cookies
[F:749][D:4]-> C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Mon 12/29/2008|10:48 - Option : [1]

--------------------\\ Scan completed at 10:48:01

Shaba
2008-12-29, 20:50
Restart Lop S&D

This time choose Option 3 (Fix - Hosts)
Don't close the window during suppression!
Post the log which is created: (C:\lopR.txt)

sikink
2008-12-29, 20:54
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2400 @ 1.83GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A00
USER : R.H.McCLURG ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 0.0.0.0 (Activated)
Firewall : COMODO Firewall Pro 3.0 (Activated)
C:\ (Local Disk) - NTFS - Total:54 Go (Free:19 Go)
D:\ (CD or DVD)
E:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( Mon 12/29/2008|10:51 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\city mags.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\city mags.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mix Love.exe
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\axissafeglobal.exe
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\CastLocks.exe
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\sviezjab.exe
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1\ulptcegt.exe
Deleted! - C:\WINDOWS\Tasks\ADE9E8E6918A95A2.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\datese~1
Deleted! - C:\Program Files\datese~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Deleted! - C:\Program Files\Viewpoint
Deleted! - C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[08/11/2004|02:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun

[02/10/2008|05:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/30/2006|06:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
[11/04/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[08/23/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[08/23/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[08/23/2007|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
[03/24/2008|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[10/06/2008|05:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[05/18/2006|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Autodesk
[09/08/2008|06:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[12/23/2008|04:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BigFishGamesCache
[06/01/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Brother
[05/03/2006|02:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Creative Labs
[05/06/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FunGames
[12/03/2007|06:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GameHouse
[12/22/2008|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Gogii
[01/10/2007|06:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[12/29/2008|10:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[05/03/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[07/26/2008|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
[05/03/2006|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[08/02/2006|04:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intel
[04/03/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InterVideo
[05/03/2006|02:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[06/16/2008|07:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[09/09/2008|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> lgdufkzy
[10/10/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[05/03/2006|02:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[05/03/2006|02:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[05/16/2006|07:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[12/16/2008|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[12/23/2008|03:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MumboJumbo
[10/03/2007|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NCH Swift Sound
[05/16/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NVIDIA
[08/26/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
[11/20/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[01/21/2008|06:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> pixelStorm
[08/25/2006|07:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
[05/16/2006|08:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[08/11/2004|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[06/01/2006|05:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ScanSoft
[06/25/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skyline
[04/03/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
[07/26/2008|05:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
[11/08/2008|01:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sprint
[12/28/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[09/18/2008|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[12/23/2008|05:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[07/21/2006|01:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trymedia
[05/12/2008|03:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
[07/07/2006|07:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Visual Networks
[05/27/2006|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[10/29/2007|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZip
[09/04/2007|01:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZipSE
[05/12/2008|02:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> yahoo!
[12/02/2008|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[09/16/2008|07:03] C:\DOCUME~1\APPLIC~1\APPLIC~1\<DIR> Intel
[04/15/2007|07:20] C:\DOCUME~1\APPLIC~1\APPLIC~1\<DIR> Microsoft

[08/11/2004|02:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intel
[08/11/2004|02:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

[09/16/2008|07:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Intel
[05/12/2006|09:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[09/08/2008|06:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[07/02/2008|11:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> X10 Commander

[08/11/2004|02:20] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Microsoft
[05/03/2006|01:59] C:\DOCUME~1\LOGMEI~1\APPLIC~1\<DIR> Sun

[09/18/2008|10:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> AVGTOOLBAR
[08/02/2006|11:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Intel
[09/08/2008|06:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[11/19/2008|10:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> X10 Commander

[04/21/2008|04:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Adobe
[01/29/2007|07:44] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AdobeUM
[05/12/2008|11:37] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Ahead
[08/14/2006|12:49] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Aim
[05/20/2006|05:00] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AOL
[11/03/2006|03:14] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Apple Computer
[09/08/2008|07:04] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> AVGTOOLBAR
[06/01/2006|05:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Brother
[07/05/2008|07:00] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Corel
[05/15/2006|09:33] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Corel Photo Album
[05/16/2006|09:31] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Creative
[10/13/2006|09:03] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> DivX
[05/20/2006|05:11] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Earthlink
[10/29/2007|01:12] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> EPSON
[01/18/2008|07:10] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> FileZilla
[05/26/2007|06:17] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Google
[04/12/2007|05:16] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Gtek
[05/13/2006|08:41] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Help
[07/26/2008|05:55] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> HP
[08/11/2004|02:20] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Identities
[08/02/2006|04:15] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Intel
[09/30/2006|06:30] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Jasc Software Inc
[06/16/2008|07:04] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Lavasoft
[05/18/2006|12:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Leadertech
[09/17/2008|06:03] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Macromedia
[10/10/2008|03:26] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Malwarebytes
[05/12/2006|07:08] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> McAfee.com Personal Firewall
[09/10/2008|07:12] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Microsoft
[07/17/2008|09:07] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Move Networks
[11/28/2008|10:27] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Mozilla
[05/17/2006|08:20] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> MSNInstaller
[11/25/2006|11:50] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> MySpace
[10/03/2007|11:55] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> NCH Swift Sound
[08/14/2006|12:47] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Neopets Toolbar
[11/28/2008|10:27] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Netscape
[05/25/2006|11:33] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Opera
[12/31/2007|08:24] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> PlayFirst
[12/21/2008|09:05] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Playrix Entertainment
[04/17/2008|07:26] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Real
[07/01/2006|09:54] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> ScamBlocker
[07/05/2006|04:52] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> ScanSoft
[11/08/2008|01:31] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sierra Wireless
[08/14/2007|07:10] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> SmartFTP
[05/18/2006|12:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sonic
[09/24/2008|06:43] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sprint
[05/03/2006|01:59] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Sun
[04/03/2008|12:34] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Ulead Systems
[12/06/2008|12:32] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> Unity
[09/04/2007|01:44] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> WinRAR
[10/23/2008|08:38] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> XPSLights
[12/02/2008|08:53] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> yahoo!
[01/17/2008|09:57] C:\DOCUME~1\RHC332~1.MCC\APPLIC~1\<DIR> YouSendIt

[09/16/2008|07:03] C:\DOCUME~1\RHC332~1\APPLIC~1\<DIR> Intel
[04/15/2007|07:20] C:\DOCUME~1\RHC332~1\APPLIC~1\<DIR> Microsoft

[09/17/2008|09:45] C:\DOCUME~1\Work\APPLIC~1\<DIR> AVGTOOLBAR
[09/17/2008|09:44] C:\DOCUME~1\Work\APPLIC~1\<DIR> Google
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> GTek
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> HP
[08/11/2004|02:20] C:\DOCUME~1\Work\APPLIC~1\<DIR> Identities
[08/02/2006|11:46] C:\DOCUME~1\Work\APPLIC~1\<DIR> Intel
[09/17/2008|09:43] C:\DOCUME~1\Work\APPLIC~1\<DIR> Jasc Software Inc
[08/11/2004|02:06] C:\DOCUME~1\Work\APPLIC~1\<DIR> Microsoft
[09/17/2008|09:42] C:\DOCUME~1\Work\APPLIC~1\<DIR> Real
[09/17/2008|09:43] C:\DOCUME~1\Work\APPLIC~1\<DIR> Sprint
[05/03/2006|01:59] C:\DOCUME~1\Work\APPLIC~1\<DIR> Sun

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[12/27/2008 11:23 AM][--a------] C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[12/29/2008 09:10 AM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[09/18/2008 10:18 AM][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[12/28/2008 04:22 PM][--a------] C:\WINDOWS\tasks\HP Usg Daily FY04.job
[12/16/2008 01:37 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/29/2008 09:10 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 02:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[10/04/2006|05:38] C:\Program Files\<DIR> 3DGroove
[09/16/2008|07:03] C:\Program Files\<DIR> ACW
[02/10/2008|05:35] C:\Program Files\<DIR> Adobe
[09/17/2007|05:57] C:\Program Files\<DIR> Ahead
[06/16/2008|11:34] C:\Program Files\<DIR> Alwil Software
[10/06/2008|05:39] C:\Program Files\<DIR> Apple Software Update
[05/18/2006|08:14] C:\Program Files\<DIR> Autodesk
[06/27/2007|09:11] C:\Program Files\<DIR> Avery Wizard 3.0
[09/08/2008|06:41] C:\Program Files\<DIR> AVG
[08/14/2006|12:18] C:\Program Files\<DIR> AVPersonal
[12/21/2008|08:43] C:\Program Files\<DIR> bfgclient
[05/03/2006|02:05] C:\Program Files\<DIR> BlueTooth
[10/06/2008|05:12] C:\Program Files\<DIR> Bonjour
[05/03/2006|02:05] C:\Program Files\<DIR> Broadcom
[09/17/2008|04:07] C:\Program Files\<DIR> CCleaner
[12/29/2008|09:07] C:\Program Files\<DIR> Common Files
[05/03/2006|02:02] C:\Program Files\<DIR> CONEXANT
[07/06/2008|06:39] C:\Program Files\<DIR> Corel
[05/03/2006|02:09] C:\Program Files\<DIR> Creative
[05/18/2006|08:38] C:\Program Files\<DIR> Curious Labs
[05/03/2006|02:18] C:\Program Files\<DIR> Dell
[04/11/2007|06:59] C:\Program Files\<DIR> DellSupport
[05/21/2008|05:25] C:\Program Files\<DIR> Digimarc
[05/03/2006|02:06] C:\Program Files\<DIR> Digital Line Detect
[12/23/2008|10:52] C:\Program Files\<DIR> DivX
[05/03/2006|02:15] C:\Program Files\<DIR> EarthLink Setup
[09/16/2008|04:46] C:\Program Files\<DIR> EarthLink TotalAccess
[10/29/2007|01:11] C:\Program Files\<DIR> EPSON
[09/04/2007|02:02] C:\Program Files\<DIR> Fellowes
[12/03/2008|09:27] C:\Program Files\<DIR> Google
[07/26/2008|05:41] C:\Program Files\<DIR> Hewlett-Packard
[03/07/2007|07:26] C:\Program Files\<DIR> HP
[11/14/2008|07:12] C:\Program Files\<DIR> Incomplete
[09/25/2008|06:05] C:\Program Files\<DIR> InstallShield Installation Information
[09/11/2008|08:07] C:\Program Files\<DIR> Intel
[05/03/2006|02:06] C:\Program Files\<DIR> InterActual
[12/11/2008|04:25] C:\Program Files\<DIR> Internet Explorer
[04/03/2008|12:23] C:\Program Files\<DIR> InterVideo
[05/21/2008|05:25] C:\Program Files\<DIR> Intuit
[06/15/2007|05:11] C:\Program Files\<DIR> Ipswitch
[12/24/2008|12:46] C:\Program Files\<DIR> iTunes
[09/30/2006|06:30] C:\Program Files\<DIR> Jasc Software Inc
[12/28/2008|09:24] C:\Program Files\<DIR> Java
[06/16/2008|07:04] C:\Program Files\<DIR> Lavasoft
[05/03/2006|02:14] C:\Program Files\<DIR> Learn2.com
[12/20/2008|01:07] C:\Program Files\<DIR> LimeWire
[09/25/2008|06:05] C:\Program Files\<DIR> Macromedia
[10/10/2008|03:28] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[05/03/2006|02:21] C:\Program Files\<DIR> McAfee
[09/17/2007|04:26] C:\Program Files\<DIR> MediaMonkey
[08/23/2008|12:59] C:\Program Files\<DIR> Messenger
[05/18/2006|08:04] C:\Program Files\<DIR> Microsoft ActiveSync
[05/10/2007|03:16] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[08/11/2004|02:15] C:\Program Files\<DIR> microsoft frontpage
[02/12/2007|01:06] C:\Program Files\<DIR> Microsoft Office
[05/03/2006|02:13] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
[05/03/2006|02:13] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
[10/21/2008|04:13] C:\Program Files\<DIR> Microsoft Silverlight
[07/12/2008|01:55] C:\Program Files\<DIR> Modem Helper
[08/23/2008|12:53] C:\Program Files\<DIR> Movie Maker
[05/17/2006|08:19] C:\Program Files\<DIR> MSN
[12/22/2008|10:10] C:\Program Files\<DIR> MSN Games
[08/11/2004|02:11] C:\Program Files\<DIR> MSN Gaming Zone
[11/14/2008|05:22] C:\Program Files\<DIR> MSXML 4.0
[05/03/2006|02:12] C:\Program Files\<DIR> MUSICMATCH
[10/03/2007|11:57] C:\Program Files\<DIR> NCH Swift Sound
[08/23/2008|12:50] C:\Program Files\<DIR> NetMeeting
[07/12/2008|01:55] C:\Program Files\<DIR> NetWaiting
[05/03/2006|02:12] C:\Program Files\<DIR> NetZeroInstallers
[11/22/2008|07:13] C:\Program Files\<DIR> NickOnline
[11/08/2008|01:14] C:\Program Files\<DIR> Novatel Wireless
[04/03/2008|12:22] C:\Program Files\<DIR> NVIDIA Corporation
[12/21/2008|09:04] C:\Program Files\<DIR> Oberon Media
[08/11/2004|02:11] C:\Program Files\<DIR> Online Services
[08/23/2008|12:50] C:\Program Files\<DIR> Outlook Express
[11/28/2008|10:27] C:\Program Files\<DIR> Photodex Presenter
[11/18/2008|10:00] C:\Program Files\<DIR> PicLensIE
[10/06/2008|05:11] C:\Program Files\<DIR> QuickTime
[05/03/2006|02:14] C:\Program Files\<DIR> Real
[10/16/2006|07:56] C:\Program Files\<DIR> Redminibox
[09/17/2007|05:31] C:\Program Files\<DIR> Roxio
[06/01/2006|07:40] C:\Program Files\<DIR> Saitek
[06/01/2006|05:42] C:\Program Files\<DIR> ScanSoft
[11/08/2008|01:14] C:\Program Files\<DIR> Sierra Wireless
[05/03/2006|02:02] C:\Program Files\<DIR> Sigmatel
[06/25/2008|09:03] C:\Program Files\<DIR> Skyline
[09/25/2008|08:33] C:\Program Files\<DIR> SmartFTP Client
[01/08/2008|04:32] C:\Program Files\<DIR> SmartFTP Client 2.5 Setup Files
[09/25/2008|08:28] C:\Program Files\<DIR> SmartFTP Client 3.0 Setup Files
[04/03/2008|12:40] C:\Program Files\<DIR> SmartSound Software
[08/15/2007|06:10] C:\Program Files\<DIR> Snap Shots
[05/03/2006|02:23] C:\Program Files\<DIR> Sonic
[11/08/2008|01:14] C:\Program Files\<DIR> Sprint
[12/02/2008|01:29] C:\Program Files\<DIR> Spybot - Search & Destroy
[12/19/2008|12:23] C:\Program Files\<DIR> SWiSH Max2
[02/01/2008|10:31] C:\Program Files\<DIR> SWiSH Video3
[11/09/2007|05:57] C:\Program Files\<DIR> SWiSHpix
[09/18/2008|10:41] C:\Program Files\<DIR> Symantec
[09/18/2008|10:41] C:\Program Files\<DIR> Symantec Client Security
[05/03/2006|02:04] C:\Program Files\<DIR> Synaptics
[10/22/2006|04:01] C:\Program Files\<DIR> Synthesoft
[05/18/2006|08:29] C:\Program Files\<DIR> Tablet
[05/03/2006|02:05] C:\Program Files\<DIR> Toshiba
[06/17/2008|06:39] C:\Program Files\<DIR> Trend Micro
[08/11/2004|02:20] C:\Program Files\<DIR> Uninstall Information
[12/06/2008|11:08] C:\Program Files\<DIR> Unity
[05/20/2008|09:22] C:\Program Files\<DIR> USPS
[07/30/2007|07:09] C:\Program Files\<DIR> Virtools
[09/17/2008|04:12] C:\Program Files\<DIR> VS Revo Group
[05/03/2006|02:18] C:\Program Files\<DIR> WebCyberCoach
[04/03/2008|12:26] C:\Program Files\<DIR> Windows Media Components
[09/17/2007|04:04] C:\Program Files\<DIR> Windows Media Connect 2
[08/23/2008|12:50] C:\Program Files\<DIR> Windows Media Player
[08/23/2008|12:50] C:\Program Files\<DIR> Windows NT
[08/11/2004|02:13] C:\Program Files\<DIR> WindowsUpdate
[09/04/2007|01:49] C:\Program Files\<DIR> WinRAR
[10/29/2007|12:39] C:\Program Files\<DIR> WinZip
[09/04/2007|01:41] C:\Program Files\<DIR> WinZip Self-Extractor
[08/11/2004|02:15] C:\Program Files\<DIR> xerox
[10/23/2008|08:18] C:\Program Files\<DIR> XPS LED Controller
[12/02/2008|08:52] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[10/02/2008|07:58] C:\Program Files\Common Files\<DIR> Adobe
[09/30/2006|06:38] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[09/17/2007|05:56] C:\Program Files\Common Files\<DIR> Ahead
[05/12/2008|02:06] C:\Program Files\Common Files\<DIR> AOL
[10/06/2008|05:10] C:\Program Files\Common Files\<DIR> Apple
[05/18/2006|08:13] C:\Program Files\Common Files\<DIR> Autodesk Shared
[12/05/2006|12:45] C:\Program Files\Common Files\<DIR> Avery
[07/06/2008|06:38] C:\Program Files\Common Files\<DIR> Corel
[05/03/2006|02:06] C:\Program Files\Common Files\<DIR> Creative Labs Shared
[05/18/2006|08:04] C:\Program Files\Common Files\<DIR> Designer
[11/03/2006|06:14] C:\Program Files\Common Files\<DIR> EarthLink
[07/26/2008|05:41] C:\Program Files\Common Files\<DIR> Hewlett-Packard
[07/26/2008|05:45] C:\Program Files\Common Files\<DIR> HP
[06/21/2006|11:54] C:\Program Files\Common Files\<DIR> InstallShield
[09/11/2008|08:07] C:\Program Files\Common Files\<DIR> Intel
[05/21/2008|05:55] C:\Program Files\Common Files\<DIR> Intuit
[09/30/2006|06:31] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[05/03/2006|01:58] C:\Program Files\Common Files\<DIR> Java
[09/17/2007|05:58] C:\Program Files\Common Files\<DIR> LightScribe
[09/25/2008|05:42] C:\Program Files\Common Files\<DIR> Macromedia
[09/17/2008|08:04] C:\Program Files\Common Files\<DIR> Microsoft Shared
[11/08/2008|01:14] C:\Program Files\Common Files\<DIR> Motorola Shared
[08/11/2004|02:12] C:\Program Files\Common Files\<DIR> MSSoap
[09/17/2007|05:58] C:\Program Files\Common Files\<DIR> Nero
[05/03/2006|02:14] C:\Program Files\Common Files\<DIR> Nullsoft
[08/11/2004|02:07] C:\Program Files\Common Files\<DIR> ODBC
[10/29/2007|01:12] C:\Program Files\Common Files\<DIR> Python
[10/12/2006|10:56] C:\Program Files\Common Files\<DIR> Real
[11/08/2008|01:14] C:\Program Files\Common Files\<DIR> Research in Motion
[05/03/2006|02:05] C:\Program Files\Common Files\<DIR> Roxio Shared
[06/01/2006|05:42] C:\Program Files\Common Files\<DIR> ScanSoft Shared
[08/11/2004|02:12] C:\Program Files\Common Files\<DIR> Services
[09/17/2007|05:31] C:\Program Files\Common Files\<DIR> Sonic Shared
[08/11/2004|02:07] C:\Program Files\Common Files\<DIR> SpeechEngines
[05/13/2006|02:53] C:\Program Files\Common Files\<DIR> SWF Studio
[09/18/2008|10:41] C:\Program Files\Common Files\<DIR> Symantec Shared
[08/23/2008|12:50] C:\Program Files\Common Files\<DIR> System
[05/12/2008|03:52] C:\Program Files\Common Files\<DIR> Ulead Systems
[06/16/2008|07:02] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[04/21/2008|06:08] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 88 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 10:52:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:7][D:2]-> C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\Temp
[F:32][D:0]-> C:\DOCUME~1\RHC332~1.MCC\Cookies
[F:752][D:4]-> C:\DOCUME~1\RHC332~1.MCC\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Mon 12/29/2008|10:48 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Mon 12/29/2008|10:53 - Option : [3]

--------------------\\ Scan completed at 10:53:43

Shaba
2008-12-29, 21:00
Open notepad and copy/paste the text in the codebox below into it:


DirLook::
C:\DOCUME~1\ALLUSE~1\APPLIC~1\lgdufkzy

Folder::
C:\Program Files\LimeWire
c:\program files\BearShare Applications
c:\program files\DNA
c:\documents and settings\R.H.McCLURG\Application Data\DNA


Save this as "CFScript"

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

sikink
2008-12-29, 21:10
ComboFix 08-12-28.04 - R.H.McCLURG 2008-12-29 11:05:30.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1390 [GMT -8:00]
Running from: c:\documents and settings\R.H.McCLURG\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\R.H.McCLURG\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
FW: COMODO Firewall Pro *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\LimeWire

.
((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-29 )))))))))))))))))))))))))))))))
.

2008-12-29 10:45 . 2008-12-29 10:53 <DIR> d-------- C:\Lop SD
2008-12-29 09:11 . 2008-12-29 09:11 72 --ah----- c:\windows\system32\x10prod.sys
2008-12-28 21:25 . 2008-12-28 21:24 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-24 11:25 . 2008-12-29 08:41 664 --a------ c:\windows\system32\d3d9caps.dat
2008-12-22 08:42 . 2008-12-22 08:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Gogii
2008-12-21 21:05 . 2008-12-21 21:05 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Playrix Entertainment
2008-12-21 20:43 . 2008-12-21 20:43 <DIR> d-------- c:\program files\bfgclient
2008-12-21 20:41 . 2008-12-23 16:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2008-12-20 12:59 . 2008-09-25 05:20 483,328 --a------ c:\windows\system32\actskn45.ocx
2008-12-19 12:23 . 2008-12-19 12:23 7,168 --ahs---- c:\windows\Thumbs.db
2008-12-19 12:23 . 2008-12-19 12:23 5,632 --ahs---- c:\documents and settings\Thumbs.db
2008-12-16 08:52 . 2008-12-16 08:52 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Saved Games
2008-12-16 08:52 . 2008-12-23 17:29 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-12-16 08:49 . 2008-12-21 21:04 <DIR> d-------- c:\program files\Oberon Media
2008-12-16 08:49 . 2008-12-22 22:10 <DIR> d-------- c:\program files\MSN Games
2008-12-06 14:52 . 2008-12-06 14:52 145 --a------ C:\Shortcut to CD Drive.lnk
2008-12-06 12:32 . 2008-12-06 12:32 <DIR> d-------- c:\documents and settings\R.H.McCLURG\Application Data\Unity
2008-12-06 11:08 . 2008-12-06 11:08 <DIR> d-------- c:\program files\Unity
2008-12-02 20:53 . 2008-12-02 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-02 20:52 . 2008-12-02 20:52 <DIR> d-------- c:\program files\Yahoo!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 18:35 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-29 05:24 --------- d-----w c:\program files\Java
2008-12-28 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-24 20:46 --------- d-----w c:\program files\iTunes
2008-12-24 06:52 --------- d-----w c:\program files\DivX
2008-12-23 23:59 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-12-19 20:23 --------- d-----w c:\program files\SWiSH Max2
2008-12-13 06:40 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-06 22:52 74,079 ----a-w c:\windows\Fonts\kaligraff.zip
2008-12-03 17:27 --------- d-----w c:\program files\Google
2008-12-03 04:53 --------- d--h--r c:\documents and settings\R.H.McCLURG\Application Data\yahoo!
2008-12-02 21:29 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-29 06:27 --------- d-----w c:\program files\Photodex Presenter
2008-11-29 06:27 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Netscape
2008-11-23 03:13 --------- d-----w c:\program files\NickOnline
2008-11-21 21:44 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-11-20 06:26 --------- d-----w c:\documents and settings\NetworkService\Application Data\X10 Commander
2008-11-19 06:00 --------- d-----w c:\program files\PicLensIE
2008-11-14 15:12 --------- d-----w c:\program files\Incomplete
2008-11-14 14:14 263,528 ----a-w c:\documents and settings\R.H.McCLURG\Application Data\GDIPFONTCACHEV1.DAT
2008-11-14 13:22 --------- d-----w c:\program files\MSXML 4.0
2008-11-08 21:31 --------- d-----w c:\documents and settings\R.H.McCLURG\Application Data\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Sprint
2008-11-08 21:14 --------- d-----w c:\program files\Sierra Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Novatel Wireless
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Research in Motion
2008-11-08 21:14 --------- d-----w c:\program files\Common Files\Motorola Shared
2008-11-08 21:14 --------- d-----w c:\documents and settings\All Users\Application Data\Sprint
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 22:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 22:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 22:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 22:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 22:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 22:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 22:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 22:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 22:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 22:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 22:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 22:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 22:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 22:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 22:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 13:11 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-15 16:56 61,440 ----a-w c:\windows\system32\pxfhwmcp.dll
2008-10-15 16:56 32,408 ----a-w c:\windows\system32\PCTINDIS5.sys
2008-10-15 16:56 138,016 ----a-w c:\windows\system32\PCTIN50.dll
2008-10-15 16:34 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:02 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-08 21:57 191,095 ----a-w c:\documents and settings\R.H.McCLURG\base.dat
2008-09-02 00:57 644,645,866 ----a-w c:\program files\Curious Labs.rar
2007-09-18 03:43 656,135,330 ----a-w c:\program files\Curious Labs.zip
2007-05-14 22:40 12,432,112 ----a-w c:\documents and settings\R.H.McCLURG\BackCompat_04-2007.zip
2005-06-01 21:50 204,418 ----a-w c:\program files\MediaPlayerPluginSource.zip
2006-06-18 01:54 56 --sha-r c:\windows\system32\10CE9A7140.sys
2007-12-19 18:20 88 --sh--r c:\windows\system32\1EA96AFCD9.sys
2008-07-05 15:04 88 --sh--r c:\windows\system32\40719ACE10.sys
2008-07-05 19:59 8,142 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-08-23 21:58 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082320080824\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\docume~1\ALLUSE~1\APPLIC~1\lgdufkzy ----



((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-09 20480]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"E6TaskPanel"="c:\program files\EarthLink TotalAccess\TaskPanl.exe" [2005-09-01 942080]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 c:\windows\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowLOMControl"="1 (0x1)" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-21 7557120]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-28 136600]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-02-28 839680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-01-02 1126400]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-08 57344]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SAITEKAUTOCONFIGURE"="c:\program files\Saitek\Saitek Gaming Extensions\saicnfig.exe" [2001-01-19 45056]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-06 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-06 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-18 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2006-01-06 659456]
"Fellowes Proxy"="c:\windows\system32\r3proxy.exe" [2004-03-25 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"IPInSightMonitor 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPMon32.exe" [2005-08-10 122880]
"IPInSightLAN 01"="c:\program files\EarthLink TotalAccess\FastLane2\IPClient.exe" [2005-08-10 380928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-21 185896]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-07-10 1351680]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2008-07-10 1191936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664]
"nwiz"="nwiz.exe" [2006-03-21 c:\windows\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2006-03-21 c:\windows\system32\nvhotkey.dll]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 c:\windows\stsystra.exe]
"MBMon"="CTMBHA.DLL" [2006-03-03 c:\windows\system32\CTMBHA.DLL]
"NVIDIA Remote Control Panel"="NVAREM.EXE" [2003-07-30 c:\windows\system32\nvarem.exe]

c:\documents and settings\R.H.McCLURG\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
PowerReg Scheduler V3.exe [2006-11-18 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-09-08 110592]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-05-03 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2006-02-19 288472]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\digital imaging\bin\hpqthb08.exe [2006-02-10 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-12 83360]
TabUserW.exe.lnk - c:\windows\system32\WTablet\TabUserW.exe [2006-05-18 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"difomufuwe"=Rundll32.exe "c:\windows\system32\vapesawi.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"=
"c:\\Program Files\\Autodesk\\3dsMax8\\3dsmax.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgui.exe"=
"c:\\Program Files\\USPS\\Shipping Assistant\\ShippingAssistant.exe"=
"c:\\Program Files\\Autodesk\\backburner\\manager.exe"=
"c:\\Program Files\\SWiSH Max2\\SwishMax2.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Aware.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\Ad-Watch.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtProc1.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\ECCenter1.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\lsupdatemanager.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\DellSupport\\DSAgnt.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\MailClnt.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\Webspace.exe"=
"c:\\Program Files\\Sprint\\Sprint SmartView\\SprintSV.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Common Files\\Creative Labs Shared\\Service\\CreativeLicensing.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-09-08 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-09-08 76040]
R2 EarthLinkMonitor;EarthLink Monitor Service;"c:\program files\EarthLink TotalAccess\WENGINE\wmonitor.exe" [2005-01-26 65604]
R3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys [2004-11-01 17536]
S2 gupdate1c9556c59cbc448;Google Update Service (gupdate1c9556c59cbc448);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-12-03 133104]
S3 FeMouWDM;Fellowes Mouse Driver;c:\windows\system32\DRIVERS\FeMouWDM.sys [2007-09-04 11393]
S4 LMIRfsClientNP;LMIRfsClientNP; []

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder

2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 08:34]

2008-12-29 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-03 09:26]

2008-12-29 c:\windows\Tasks\HP Usg Daily FY04.job
- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe [2006-01-06 21:09]

2008-12-27 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-30 10:45]

2008-09-18 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-03-31 13:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sikink.com/
IE: &Search - ?p=ZUxdm080MFUS
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: orock1059.listenernetwork.com
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - c:\program files\Skyline\TerraExplorer\TerraExplorerX.dll

c:\windows\system32\nminstall.dll - O16 -: {0645D7F3-C20E-4E0B-A545-557527497C0B}
hxxp://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
c:\windows\Downloaded Program Files\nminstall.inf

c:\windows\Downloaded Program Files\plinstll.dll - O16 -: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9}
hxxp://www.piclens.com/shared/plinstll.cab
c:\windows\Downloaded Program Files\plinstll.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 11:06:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\netprovcredman.dll
.
Completion time: 2008-12-29 11:08:47
ComboFix-quarantined-files.txt 2008-12-29 19:07:39
ComboFix2.txt 2008-12-29 17:16:46

Pre-Run: 21,043,720,192 bytes free
Post-Run: 21,045,424,128 bytes free

741 --- E O F --- 2008-12-19 01:10:55

Shaba
2008-12-29, 21:31
Please post also a fresh HijackThis log :)

sikink
2008-12-29, 21:35
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:34:38 AM, on 12/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\WINDOWS\system32\NVAREM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\x10nets.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\Hijack This\sikink.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sikink.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\elnIE.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Fellowes Proxy] C:\WINDOWS\system32\r3proxy.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVIDIA Remote Control Panel] NVAREM.EXE /S /Q /R /L /A1 /B0 /C0 /D2 /E0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUxdm080MFUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://orock1059.listenernetwork.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160883041296
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://sympatico.zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2B6201C-AC2B-4597-BE2F-7BC33A3E27EE}: NameServer = 68.28.58.92 68.28.50.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9556c59cbc448) (gupdate1c9556c59cbc448) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - PCTEL - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\WINDOWS\system32\x10nets.exe

--
End of file - 21096 bytes

Shaba
2008-12-29, 21:52
Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select ''Run as administrator'' to perform this scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply along with a fresh HijackThis log.

If you need a tutorial, see here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif)

sikink
2008-12-30, 02:23
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, December 29, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, December 29, 2008 17:52:38
Records in database: 1529114
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: no

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 136757
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 02:34:55

No malware has been detected. The scan area is clean.

The selected area was scanned.





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:23:27 PM, on 12/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\WINDOWS\system32\NVAREM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\x10nets.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Trend Micro\Hijack This\sikink.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sikink.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\elnIE.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl] 
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Fellowes Proxy] C:\WINDOWS\system32\r3proxy.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe" -l
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NVIDIA Remote Control Panel] NVAREM.EXE /S /Q /R /L /A1 /B0 /C0 /D2 /E0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sprint SmartView] "C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe" -a
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe (User '?')
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [SetDefaultMIDI] MIDIDef.exe (User '?')
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R (User '?')
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB (User '?')
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (User '?')
O4 - HKUS\S-1-5-21-3565773455-3296871243-2741178767-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUxdm080MFUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://orock1059.listenernetwork.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v46/scrabblecubes/scrabblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.21.0_MEGAPANEL_USA.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} - http://zone.msn.com/bingame/rock/default/popcaploader1.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160883041296
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {B33E9AC8-169E-4346-BCD9-C98A8BE3F1E9} - http://www.piclens.com/shared/plinstll.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://sympatico.zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2B6201C-AC2B-4597-BE2F-7BC33A3E27EE}: NameServer = 68.28.58.92 68.28.50.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9556c59cbc448) (gupdate1c9556c59cbc448) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - PCTEL - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\WINDOWS\system32\x10nets.exe

--
End of file - 21964 bytes

Shaba
2008-12-30, 15:37
That looks good :)

Still problems?

sikink
2008-12-30, 19:33
Nope no more problems. Thank you very much for your help! :)

Shaba
2008-12-30, 19:42
Great :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Looking over your log, it seems you don't have any evidence of a third party firewall.

As the term conveys, a firewall is an extra layer of security installed onto computers, which restricts access to systems from the outside world. Firewalls protect against hackers and malicious intruders. I want you to download a free firewall NOW from one of these excellent vendors:

1) Comodo (http://www.personalfirewall.comodo.com/download_firewall.html) (Uncheck during installation "Install COMODO Antivirus (Recommended)"!, "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage")
2) Online Armor (http://www.tallemu.com/online_armor_free.html)
3) PC Tools (http://www.pctools.com/firewall/download/)
4) Sunbelt/Kerio (http://www.sunbelt-software.com/Kerio-Download.cfm)
5) ZoneAlarm (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=nav_za) (uncheck ZoneAlarm Spy Blocker during installation if you choose this one)

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

Now lets uninstall ComboFix:

Click START then RUN
Now type Combofix /u in the runbox and click OK

Next we remove all used tools.

You can remove LOP S&D.

Please download OTCleanIt (http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe) and save it to desktop.

Double-click OTCleanIt.exe.
Click the CleanUp! button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes, if not delete it by yourself.


Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and re-enable system restore here:

Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html)

Re-enable system restore with instructions from tutorial above

Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

Update your AntiVirus Software and keep your other programs up-to-date Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:

Malwarebytes' Anti-Malware Setup Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1644)

Malwarebytes' Anti-Malware Scanning Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1645)


Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/tutorials/tutorial49.html)


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. See also a hosts file tutorial here (http://malwareremoval.com/forum/viewtopic.php?t=22187)
Winpatrol (http://www.winpatrol.com/) <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)

Stand Up and Be Counted ---> Malware Complaints (http://www.malwarecomplaints.info/index.php) <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place (http://forums.spybot.info/showthread.php?t=279)

Happy surfing and stay clean! :bigthumb:

Shaba
2009-01-01, 11:59
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.