HELP Needed with Smitfraud-C infection

Hi Shaba, I finally did it, after a few passes with OTMoveIt3 in wich the computer stalled evrey time exept for this last one :) here is the log from OTMoveIt3 that you request, those files missing from the log and that OTMoveIt3 coud'nt move i did it manually as you said. (exept for those i needed) :)
how does it look now?
Thanks

========== FILES ==========
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Abnardella_click-PERMANENTENLARGER.htm I not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Adventureous_spirit_Buy_IncreaseSpermCount.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Alidatulian_click-PERMANENTENLARGER.htm Infected: not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Beck_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Boggs_Buy_HERBALVIAGRA.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Buddy1237-Lose-10poundsIn10days.htm Infected: not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_DIET_SENSATION.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_ExplodingOrgasm-BiggerLoads.HTM Infected: not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Buy_ExplodingOrgasms.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_GREAT_MALENLARGER.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_GUARANTEEDENLARGER.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_HERBALVIAGRA.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_LASTLONGER.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_LAST_LONGER.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_MultiOrgasms.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_PERMANENT_ENLARG.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_SPERMCOUNT.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_YOURSPERMCOUNT.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Carminaherrera_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Carminaherrera_click_LAST-LONGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Chantal_89_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\click-WeightLossSensation.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Conejobustos_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Farris_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Frankmadero_click-sdrfs.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Frtrus.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Gcaldera31_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Hamlin_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Hogue_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Jesines-Lose-10poundsIn10days.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Jlaws27_click-EXPLODING-ORGASMS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Kim_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Krmuska182_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Krmuska182_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Lorettab4_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Lori_last_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mackey_Buy_HERBALVIAGRA.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mayram56_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mgaby11_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mmary84_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Moreno_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\OpenThisHTML_3DayDeliveryRXmed.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\OpenThisHTML_FastDeliveryRXmed.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Osborne_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Paulomarques84_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Paulomarques84_click-ONLINE_PHARM.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Perlunix_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Pmc49_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Pmc49_click_PERMANENTGrowth.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Pompier80_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Remacost_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Saeconsultores_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Saeconsultores_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Saeconsultores_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Sbrittonga_click-onlineRX.htm Infected: not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Shannon_Buy_PermanentEnlarger.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Stahl_Buy_HERBALVIAGRA.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Toan_alex_nguyen_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Unforgiv3n_click-BiggerLoads.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Unforgiv3n_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Wellsburggirl_Buy_Last-Longer.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Yutsc_click_LASTLONGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Zerosklero-Lose-10poundsIn10days.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{01C8D34D-DF5D-463E-8CD2-E911826231F2}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{075899CB-20B2-407F-904B-BF952A5230CC}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{0E7C65B6-CD51-4DC4-A2BC-6CDB5A7D09C6}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{2D60A64E-E25D-4FB9-86AE-F16EB0D0A9FB}\Chantal_89_click-onlineRX.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{354C5E39-0E90-477C-9217-82998227E73E}\BUY_SPERMCOUNT.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{36822013-9908-42E6-B647-752E27CB4752}\Lorettab4_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{5C402DBB-BC46-4548-B3E5-5E947B4E3501}\Saeconsultores_click-BIGGERLOADS.htm not found.
C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{65D1C754-A492-454A-99E1-48B877843A87}\Saeconsultores_click-PERMANENTENLARGER.htm moved successfully.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{71B68522-D715-4062-9184-B142BCA1CC1A}\Buy_Rx_Here.html not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{8A3E94EC-ECAE-4D43-8E1D-40FEE42FAABA}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{927AE709-00FF-4BE0-A7F7-2D4FFBA9D24E}\Lori_last_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{93E04E5C-84C0-468E-A5FC-05BE0728B3BC}\BUY_YOURSPERMCOUNT.HTML not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{95FB89A0-A70A-4725-A645-469075A9D098}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{AC624000-90DF-48E1-AA27-2BA3CED1D596}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{C018DE05-6F18-4C56-886F-F1693CC9AD28}\BUY_PERMANENTENLARG.HTM not found.
File/Folder C:\Documents and Settings\Casa\Local Settings\Application Data\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{C4F9D6B9-045C-4316-9147-AF9B9C114589}\BUY_MultiOrgasms.HTM Infected: not found.
File/Folder C:\Documents and Settings\Casa\My Documents\Downloads\Acronis Disk Director Server v10.0 Build 2169 [h33t] [Original]\diskdirectorserver100b2169en1.rar I not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Abnardella_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Alidatulian_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Beck_Buy_PermanentEnlarger.HTML Infected: not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Boggs_Buy_HERBALVIAGRA.HTML Infected: not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Buddy1237-Lose-10poundsIn10days.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_DIET_SENSATION.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_ExplodingOrgasm-BiggerLoads.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Buy_ExplodingOrgasms.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_GREAT_MALENLARGER.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_GUARANTEEDENLARGER.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_HERBALVIAGRA.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_LASTLONGER.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_LAST_LONGER.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_MultiOrgasms.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_PERMANENT_ENLARG.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_SPERMCOUNT.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\BUY_YOURSPERMCOUNT.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Carminaherrera_click_LAST-LONGER.htm I not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\click-WeightLossSensation.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Conejobustos_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Farris_Buy_PermanentEnlarger.HTML Infected: not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Frankmadero_click-sdrfs.htm Infected: not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Frtrus.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Gcaldera31_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Hamlin_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Hogue_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Jesines-Lose-10poundsIn10days.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Jlaws27_click-EXPLODING-ORGASMS.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Kim_Buy_PermanentEnlarger.HTML Infected: not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Krmuska182_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Lorettab4_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Lori_last_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mackey_Buy_HERBALVIAGRA.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Mmary84_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Moreno_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\OpenThisHTML_3DayDeliveryRXmed.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\OpenThisHTML_FastDeliveryRXmed.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Osborne_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Paulomarques84_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Paulomarques84_click-ONLINE_PHARM.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Perlunix_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Pmc49_click_PERMANENTGrowth.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Pompier80_click-BIGGERLOADS.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Remacost_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Saeconsultores_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Shannon_Buy_PermanentEnlarger.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Stahl_Buy_HERBALVIAGRA.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Toan_alex_nguyen_10POUNDSIN10DAYSDIET.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Unforgiv3n_click-BiggerLoads.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Wellsburggirl_Buy_Last-Longer.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Yutsc_click_LASTLONGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\Zerosklero-Lose-10poundsIn10days.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{01C8D34D-DF5D-463E-8CD2-E911826231F2}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{075899CB-20B2-407F-904B-BF952A5230CC}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{0E7C65B6-CD51-4DC4-A2BC-6CDB5A7D09C6}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{354C5E39-0E90-477C-9217-82998227E73E}\BUY_SPERMCOUNT.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{36822013-9908-42E6-B647-752E27CB4752}\Lorettab4_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{8A3E94EC-ECAE-4D43-8E1D-40FEE42FAABA}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{927AE709-00FF-4BE0-A7F7-2D4FFBA9D24E}\Lori_last_click-PERMANENTENLARGER.htm not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{93E04E5C-84C0-468E-A5FC-05BE0728B3BC}\BUY_YOURSPERMCOUNT.HTML not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{95FB89A0-A70A-4725-A645-469075A9D098}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{C018DE05-6F18-4C56-886F-F1693CC9AD28}\BUY_PERMANENTENLARG.HTM not found.
File/Folder D:\Incredimail\IM\IM\Identities\{BE1587C5-0527-4641-BFA4-3A646EDD576F}\Message Store\Attachments\{C4F9D6B9-045C-4316-9147-AF9B9C114589}\BUY_MultiOrgasms.HTM not found.
File/Folder D:\Programas\Programas\bsplayer\bsplayer141.832.exe not found.
File/Folder D:\Programas\Programas\desktop search tools\vmntoolbox.exe not found.
File/Folder D:\Programas\Programas\FTP Servers\aceftp3\aceftp3free.exe not found.
File/Folder D:\Programas\Programas\games\PacMan not found.
File/Folder D:\Programas\Programas\games\Screensaver\Amazon_Waterfall_Screensaver not found.
File/Folder D:\Programas\Programas\games\Screensaver\Aquarium_Screensaver not found.
File/Folder D:\Programas\Programas\games\Screensaver\Christmas_Night_Screensaver not found.
File/Folder D:\Programas\Programas\games\Screensaver\Sea_Castle_Screensaver not found.
File/Folder D:\Programas\Programas\ie 7\ie7\Add Ons\vmntoolbox.exe not found.
File/Folder D:\Programas\Programas\incredimail\PhotoJoy\PhotoJoy_Install.exe not found.
File/Folder D:\Programas\Programas\MSN\Msn Live Messenger 8\Setup.exe not found.
File/Folder D:\Programas\Programas\MSN\Msn Live Messenger 8\SmileyCentralPFSetup2.1.50.3-3.exe not found.
File/Folder D:\Programas\Programas\Screensavers\sinstaller2(2).exe not found.
File/Folder D:\Programas\Programas\Stardock\themes\105063.exe not found.
File/Folder D:\Programas\Programas\Stardock\themes\tcf1464.exe not found.
File/Folder D:\Programas\Programas\Varios\mailpv.zip Infected: not-a-virus:PSWTool.Win32.MailPassView.e 1 not found.
File/Folder D:\Programas\Programas\Varios\MSN-Password-Recovery-setup.exe not found.
File/Folder D:\Shared Folder\Completos\Programs\Microsoft\Windows\Descodificador Tvcabo Para Winxp Compativel Com Pinnacle.ace not found.
File/Folder D:\Shared Folder\Completos\Programs\Microsoft\Windows\Descodificador Tvcabo Para Winxp Compativel Com Pinnacle.zip not found.

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10192008_030501
 
Hi Shaba,
as far as I can notice, and I've gained about 10Gb of free space on my C: disk, I now have two pop up windows when the computer starts, one from my TV board asking to select the COM (but it's already selectet and function proprely and another saying that windows disabled somethig by the name Direct CD, wich could make windows run with instability, also when windows starts ask me to chose betwen my operating sistem and windows management console but I guess it's normal since we haven't unistaled some programs we used to clean up this mess, but the rest seems alright now, can you help me with that to or do I have to open a new thread? :)
Thanks a lot for all the help you're giving to me. :)
 
Disabling this should help for first error message:

O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe

"also when windows starts ask me to chose betwen my operating sistem and windows management console but I guess it's normal since we haven't unistaled some programs"

That is due to recovery console. I recommend that you keep. I can give instructions for uninstallation if you like to.
 
Hi Shaba,

Disabling this should help for first error message:

O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe

How do I disable that? I whent to the program itself and there's not an option to do it?

Thanks
 
Open HijackThis, click do a system scan only and checkmark it.

Close all windows including browser and press fix checked.
 
Hi Shaba,
Thanks :bigthumb:
what about the: and another saying that windows disabled somethig by the name Direct CD, wich could make windows run with instability?
 
All I see is Nero related entries.

You could try uninstalling/re-installing Nero.
 
Hi Shaba,
I did what you sujested and re-instaled nero, after this I made spybot check and he could't find any trace of the damn thing and finally a defragmentation on my disks (wich I could't for ages :) ) and the computer seems like new now, thanks a lot for your suport, you're the best!! :2thumb:
I have a question now on what to do now? are we finished for this? what about the programs we used/instaled, should i keep them or unistaled (for me they could rest there as they don't bother me at all, just in case :rolleyes: ) and should I reenable spybot teatimer again?

I would like to ask you this, but i don't know if I should open a new thread as this is a diferent problem, anyhow I'm sure you may give me some advice first if I shoul'd open a new thread and second where should I post it? or if you may help me with this withought open it or not.
As you know I have another disc C: (in a diferent swapable draw) wich as given me some problems as spybot detects somethig is trying to connect to the net and imeadtley and as teatimer is on it starts to block that thing filling my desktop with popups, i've runed spybot and it detects it but can't remove it so it asks to run on reboot (wich i did) but still hapens the same (i think S&D can't remove it) what should I do? I have tried an online scanner but it could't run also, I have some very important information on that disc and I really really can't want to loose it!! :sad:
 
Hi Shaba,
Here it goes the latest (i think) S&D Report:
thanks

--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-09-16 TeaTimer.exe (1.6.3.25)
2007-07-09 unins000.exe (51.41.0.0)
2008-08-13 unins001.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-09-02 Includes\Adware.sbi
2008-10-14 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-09-02 Includes\Dialer.sbi
2008-09-09 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-09-02 Includes\Hijackers.sbi
2008-10-07 Includes\HijackersC.sbi
2008-09-09 Includes\Keyloggers.sbi
2008-10-14 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-10-08 Includes\Malware.sbi
2008-10-14 Includes\MalwareC.sbi
2008-09-02 Includes\PUPS.sbi
2008-10-14 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-09-30 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-09-09 Includes\Spyware.sbi
2008-10-14 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-10-15 Includes\Trojans.sbi
2008-10-14 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB936782)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB917734)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915800)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Update for Windows XP (KB932823-v3)
/ Windows XP / SP3: Security Update for Windows XP (KB933566)
/ Windows XP / SP3: Security Update for Windows XP (KB933729)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Update for Windows XP (KB936357)
/ Windows XP / SP3: Security Update for Windows XP (KB937894)
/ Windows XP / SP3: Security Update for Windows XP (KB938127)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP / SP3: Security Update for Windows XP (KB941202)
/ Windows XP / SP3: Security Update for Windows XP (KB941568)
/ Windows XP / SP3: Security Update for Windows XP (KB941644)
/ Windows XP / SP3: Security Update for Windows XP (KB941693)
/ Windows XP / SP3: Security Update for Windows XP (KB942615)
/ Windows XP / SP3: Update for Windows XP (KB942763)
/ Windows XP / SP3: Update for Windows XP (KB942840)
/ Windows XP / SP3: Security Update for Windows XP (KB943055)
/ Windows XP / SP3: Security Update for Windows XP (KB943460)
/ Windows XP / SP3: Security Update for Windows XP (KB943485)
/ Windows XP / SP3: Security Update for Windows XP (KB944653)
/ Windows XP / SP3: Security Update for Windows XP (KB945553)
/ Windows XP / SP3: Security Update for Windows XP (KB946026)
/ Windows XP / SP3: Update for Windows XP (KB946627)
/ Windows XP / SP3: Security Update for Windows XP (KB948590)
/ Windows XP / SP3: Security Update for Windows XP (KB948881)
/ Windows XP / SP3: Security Update for Windows XP (KB950749)
/ Windows XP / SP4: Security Update for Windows XP (KB938464)
/ Windows XP / SP4: Security Update for Windows XP (KB946648)
/ Windows XP / SP4: Security Update for Windows XP (KB950760)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951066)
/ Windows XP / SP4: Update for Windows XP (KB951072-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951376)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951698)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Security Update for Windows XP (KB953839)


--- Startup entries list ---
Located: HK_LM:Run, AVG8_TRAY
command: C:\PROGRA~1\AVG\AVG8\avgtray.exe
file: C:\PROGRA~1\AVG\AVG8\avgtray.exe
size: 1234712
MD5: 84A91D110D27B11713C349523F4EA47F

Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\bthprops.cpl
size: 110592
MD5: 265F5C94FA9F2DD868517E9DEEA21844

Located: HK_LM:Run, BootSkin Startup Jobs
command: "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
file: C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe
size: 270336
MD5: 998492D3C53EEF257308C016AC9DD825

Located: HK_LM:Run, DiskeeperSystray
command: "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
file: C:\Program Files\Executive Software\Diskeeper\DkIcon.exe
size: 184408
MD5: 1CC38090C948BA34AC7D0CC17AF3F4B4

Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

Located: HK_LM:Run, IME JPN 2007 Migration
command: C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
file: C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE
size: 66936
MD5: E163E2B3A8E91B3A716828E06181C904

Located: HK_LM:Run, LogonStudio
command: "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
file: C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe
size: 987187
MD5: E7937FC9392A6040336833D5282259FE

Located: HK_LM:Run, Microsoft Pinyin IME Migration
command: C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
file: C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE
size: 32560
MD5: 0CB52FBC5099ADFA75178EE08F1CD660

Located: HK_LM:Run, Opware12
command: "C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
file: C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
size: 49152
MD5: 2837F5DBBB9B8DB2D4EB02856EAE6E23

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97

Located: HK_LM:Run, UnlockerAssistant
command: "C:\Program Files\Unlocker\UnlockerAssistant.exe"
file: C:\Program Files\Unlocker\UnlockerAssistant.exe
size: 15872
MD5: 403E928BA217E38485009636C793F3C9

Located: HK_LM:Run, UserFaultCheck
command: %systemroot%\system32\dumprep 0 -u
file: C:\WINDOWS\system32\dumprep 0 -u
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, WinampAgent
command: C:\Program Files\Winamp\winampa.exe
file: C:\Program Files\Winamp\winampa.exe
size: 35328
MD5: 62BD7FC7AD975C163C2D5B5860C61997

Located: HK_CU:Run, ctfmon.exe
where: PE_C_ADMINISTRATOR...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8

Located: HK_CU:Run, LightScribe Control Panel
where: PE_C_ADMINISTRATOR...
command: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
file: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
size: 2295072
MD5: E1CFE972E41F7678A0ED7A226C93C250

Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ADMINISTRATOR...
command: "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: ABDB4E0027FD39E254854AD710A0CCB6

Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ALL USERS...
command: "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
file: C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe
size: 19752
MD5: ABDB4E0027FD39E254854AD710A0CCB6

Located: HK_CU:Run, ctfmon.exe
where: PE_C_GUEST...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8

Located: HK_CU:Run, LightScribe Control Panel
where: PE_C_GUEST...
command: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
file: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
size: 2295072
MD5: E1CFE972E41F7678A0ED7A226C93C250

Located: HK_CU:Run, msnmsgr
where: PE_C_GUEST...
command: "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
file: C:\Program Files\MSN Messenger\msnmsgr.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, ctfmon.exe
where: PE_C_MãE...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8

Located: HK_CU:Run, IncrediMail
where: PE_C_MãE...
command: C:\Program Files\IncrediMail\bin\IncMail.exe /c
file: C:\Program Files\IncrediMail\bin\IncMail.exe
size: 243072
MD5: 7AD7DAAA39AD39931E5947543084DDF3

Located: HK_CU:Run, SpybotSD TeaTimer
where: PE_C_MãE...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1833296
MD5: 63B3FF83B87AFCEBA89CED54695DA0F6

Located: HK_CU:Run, Copernic Desktop Search 2
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
file: C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
size: 1583624
MD5: 5D39FA0C7AF3313703A94DFA60A93C9A

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8

Located: HK_CU:Run, IncrediMail
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\Program Files\IncrediMail\bin\IncMail.exe /c
file: C:\Program Files\IncrediMail\bin\IncMail.exe
size: 243072
MD5: 7AD7DAAA39AD39931E5947543084DDF3

Located: HK_CU:Run, LClock
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\Program Files\LClock\lclock.exe
file: C:\Program Files\LClock\lclock.exe
size: 65536
MD5: 38CC541D105DCBA3D3768D6B191D9505

Located: HK_CU:Run, Rainlendar2
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\Program Files\Rainlendar2\Rainlendar2.exe
file: C:\Program Files\Rainlendar2\Rainlendar2.exe
size: 4067328
MD5: D0F6C8CA69CA3B1315C9BC9B5746ABE7

Located: HK_CU:Run, ViOrb
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\Program Files\ViOrb\ViOrb.exe
file: C:\Program Files\ViOrb\ViOrb.exe
size: 167936
MD5: EF13475DEBC95FB0A3D875BB13CB3330

Located: HK_CU:Run, VisualTaskTips
where: S-1-5-21-1715567821-1060284298-854245398-1003...
command: C:\Program Files\VisualTaskTips\VisualTaskTips.exe
file: C:\Program Files\VisualTaskTips\VisualTaskTips.exe
size: 61440
MD5: 8B784694CA9994E3102D2D1DE0D6E3F5

Located: Startup (common), Windows Desktop Search.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
file: C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE

Located: Startup (user), MagicDisc.lnk
where: C:\Documents and Settings\Casa\Start Menu\Programs\Startup...
command: C:\Program Files\MagicDisc\MagicDisc.exe
file: C:\Program Files\MagicDisc\MagicDisc.exe
size: 575488
MD5: BDD713D351F065E20F12865B8CFD956D

Located: Startup (user), OneNote 2007 Screen Clipper and Launcher.lnk
where: C:\Documents and Settings\Casa\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
file: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

Located: Startup (user), Styler.lnk
where: C:\Documents and Settings\Casa\Start Menu\Programs\Startup...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Startup (user), OneNote 2007 Screen Clipper and Launcher.lnk
where: C:\Documents and Settings\Guest\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
file: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Skype add-on (mastermind)
CLSID name: Skype add-on (mastermind)
Path: C:\Program Files\Skype\Toolbars\Internet Explorer\
Long name: SkypeIEPlugin.dll
Short name: SKYPEI~1.DLL
Date (created): 01-02-2008 18:22:12
Date (last access): 16-05-2008 5:11:26
Date (last write): 01-02-2008 18:22:12
Filesize: 1377576
Attributes: archive
MD5: 23CD1A674E74AA4C1DAE8431E101580B
CRC32: 10D55EA0
Version: 2.2.0.147

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (WormRadar.com IESiteBlocker.NavFilter)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: WormRadar.com IESiteBlocker.NavFilter
CLSID name: AVG Safe Search
Path: C:\Program Files\AVG\AVG8\
Long name: avgssie.dll
Short name:
Date (created): 02-07-2008 15:41:32
Date (last access): 31-08-2008 22:48:28
Date (last write): 31-08-2008 22:48:28
Filesize: 455960
Attributes: archive
MD5: 19A9C541D4EE8E3471B26986D785AB4D
CRC32: 93FD7D83
Version: 8.0.0.152

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name:
Date (created): 24-08-2007 7:01:22
Date (last access): 01-09-2008 3:45:12
Date (last write): 24-08-2007 7:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: ssv.dll
Short name:
Date (created): 31-08-2008 22:53:16
Date (last access): 10-06-2072 2:32:34
Date (last write): 10-06-2008 4:27:02
Filesize: 509328
Attributes: archive
MD5: F921D875A1CBD69A6A462BA2514BC831
CRC32: 38AC9EE2
Version: 6.0.70.6

{7E853D72-626A-48EC-A868-BA8D5E23E045} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{A057A204-BACC-4D26-9990-79A187E2698E} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{ADECBED6-0366-4377-A739-E69DFBA04663} (Catcher Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Catcher Class
Path: C:\Program Files\Moyea\FLV Downloader\
Long name: MoyeaCth.dll
Short name:
Date (created): 15-03-2008 7:14:38
Date (last access): 22-05-2008 17:52:24
Date (last write): 05-12-2007 10:25:24
Filesize: 94208
Attributes: archive
MD5: 06D8D2F98C70B190F8F14125FD82EBAF
CRC32: 924C9D97
Version: 1.0.0.2

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\
Long name: swg.dll
Short name:
Date (created): 19-10-2008 2:24:06
Date (last access): 19-10-2008 2:24:06
Date (last write): 19-10-2008 2:24:06
Filesize: 652784
Attributes: archive
MD5: 7D566FF02484EA2BCDEF6E8D7E9D9D13
CRC32: 922F62CE
Version: 4.1.805.4472

{C451C08A-EC37-45DF-AAAD-18B51AB5E837} (PDFCreator Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: PDFCreator Toolbar Helper
Path: C:\Program Files\PDFCreator Toolbar\v3.3.0.1\
Long name: PDFCreator_Toolbar.dll
Short name: PDFCRE~1.DLL
Date (created): 18-12-2007 4:24:58
Date (last access): 16-05-2008 5:11:28
Date (last write): 04-04-2008 3:51:12
Filesize: 806912
Attributes: archive
MD5: D52377F86DB8582396709803054E94BB
CRC32: 58F0C6FD
Version: 3.3.0.1

{cb90f295-4524-4bd4-adb4-8dc333d67d6a} (The Lynx Internet Radio Network Toolbar)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: The Lynx Internet Radio Network Toolbar
Path: C:\Program Files\The_Lynx_Internet_Radio_Network\
Long name: tbThe_.dll
Short name:
Date (created): 24-03-2008 3:24:04
Date (last access): 26-05-2008 4:32:02
Date (last write): 13-03-2008 11:30:28
Filesize: 1524248
Attributes: archive
MD5: 103C2F9FE6B9D22E900CCA445A042C1C
CRC32: 47EADD92
Version: 4.5.184.0



--- ActiveX list ---
DirectAnimation Java Classes (DirectAnimation Java Classes)
DPF name: DirectAnimation Java Classes
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\dajava.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\dajava.cab
info link:
info source: Patrick M. Kolla

Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\setup.inf
Codebase: http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Adobe\Director\
Long name: SwDir.dll
Short name:
Date (created): 09-08-2008 16:41:48
Date (last access): 09-08-2008 16:41:48
Date (last write): 06-08-2008 16:30:48
Filesize: 202168
Attributes: archive
MD5: B8153BAD2E56C50B147867FA9DAEB095
CRC32: D52113FA
Version: 11.0.0.465

{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name:
Date (created): 10-06-2008 2:32:34
Date (last access): 10-06-2072 2:32:34
Date (last write): 10-06-2008 4:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name:
Date (created): 10-06-2008 2:32:34
Date (last access): 10-06-2072 2:32:34
Date (last write): 10-06-2008 4:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name:
Date (created): 10-06-2008 2:32:34
Date (last access): 10-06-2072 2:32:34
Date (last write): 10-06-2008 4:27:02
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6

{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class)
DPF name:
CLSID name: get_atlcom Class
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://www.adobe.com/products/acrobat/nos/gp.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: gp.ocx
Short name:
Date (created): 16-05-2007 16:22:06
Date (last access): 16-05-2008 5:11:38
Date (last write): 16-05-2007 16:22:06
Filesize: 166512
Attributes: archive
MD5: 9BCFC46ECA1BF28E039ECCE2D331086E
CRC32: A9C6ED85
Version: 1.2.2.50



--- Process list ---
PID: 0 ( 0) [System]
PID: 516 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 596 ( 516) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 620 ( 516) \??\C:\WINDOWS\system32\winlogon.exe
size: 502272
PID: 728 ( 620) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 740 ( 620) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 940 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 984 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1100 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1184 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1284 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1424 ( 728) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
size: 611664
MD5: 17067069B9A7865028C1F2E6971D0CCC
PID: 1588 ( 728) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1748 (1728) C:\WINDOWS\Explorer.EXE
size: 1033216
MD5: 97BD6515465659FF8F3B7BE375B2EA87
PID: 1972 ( 728) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
size: 124832
MD5: E8FE4FCE23D2809BD88BCC1D0F8408CE
PID: 2000 ( 728) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
size: 231704
MD5: 9B40D378D4E521464212E878BE8216A4
PID: 2016 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2040 ( 728) C:\Program Files\Executive Software\Diskeeper\DkService.exe
size: 606316
MD5: 15A2F2D06B1F8D2AD2BE055C40CB1B74
PID: 552 ( 728) C:\Program Files\FolderSize\FolderSizeSvc.exe
size: 131072
MD5: 7C2B319EF1F62837AAD0CDD76F0B84C6
PID: 1764 ( 728) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
size: 168432
MD5: 34B56A3C195AEE6AE11001D277ACC83E
PID: 2036 (1748) C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: DA285490BBD8A1D0CE6623577D5BA1FF
PID: 220 ( 728) C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
size: 1440552
MD5: B983D62CA4AC7C1B68089AE05FDE6888
PID: 228 (1748) C:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
size: 49152
MD5: 2837F5DBBB9B8DB2D4EB02856EAE6E23
PID: 288 (1748) C:\Program Files\Winamp\winampa.exe
size: 35328
MD5: 62BD7FC7AD975C163C2D5B5860C61997
PID: 328 ( 728) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
size: 79136
MD5: 9039717A906DA0AE38420918801D9AB3
PID: 588 ( 728) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 335872
MD5: 7CF1B716372B89568AE4C0FE769F5869
PID: 648 (1748) C:\Program Files\Unlocker\UnlockerAssistant.exe
size: 15872
MD5: 403E928BA217E38485009636C793F3C9
PID: 868 (1748) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 1120 (1748) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97
PID: 1156 ( 728) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
size: 877864
MD5: 40D7D0A208EE863BCA8D89E299216F15
PID: 1176 (1748) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 1232 (1748) C:\Program Files\Rainlendar2\Rainlendar2.exe
size: 4067328
MD5: D0F6C8CA69CA3B1315C9BC9B5746ABE7
PID: 1348 (1748) C:\Program Files\ViOrb\ViOrb.exe
size: 167936
MD5: EF13475DEBC95FB0A3D875BB13CB3330
PID: 1420 (1748) C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
size: 1583624
MD5: 5D39FA0C7AF3313703A94DFA60A93C9A
PID: 1524 (1748) C:\Program Files\LClock\lclock.exe
size: 65536
MD5: 38CC541D105DCBA3D3768D6B191D9505
PID: 1520 (2000) C:\Program Files\AVG\AVG8\avgrsx.exe
size: 287000
MD5: BA1CE056CE1466CA28CE118585EA86C4
PID: 1656 (1748) C:\Program Files\VisualTaskTips\VisualTaskTips.exe
size: 61440
MD5: 8B784694CA9994E3102D2D1DE0D6E3F5
PID: 1208 ( 728) C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
size: 53032
MD5: 3929C15875CC58FAA1048B231FB3E041
PID: 2164 ( 728) C:\WINDOWS\system32\IoctlSvc.exe
size: 81920
MD5: 875E4E0661F3A5994DF9E5E3A0A4F96B
PID: 2336 (1748) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
size: 118784
MD5: 946467B375D696FA073A6B9370A4C6CE
PID: 2344 ( 728) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
size: 173616
MD5: 1D4061CC5BC8E823D05E1E6E6C1224E3
PID: 2364 ( 728) C:\Program Files\Sandboxie\SbieSvc.exe
size: 47104
MD5: D49EAD9AD39A2F443CB2AE86A850F7E9
PID: 2444 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2564 ( 728) C:\PROGRA~1\AVG\AVG8\avgemc.exe
size: 875288
MD5: EC5B6AFF1A0BD1480B3B40CE78FAA527
PID: 2836 ( 728) C:\WINDOWS\system32\SearchIndexer.exe
size: 300032
MD5: 2EC497AA4B728D1B1A368ACF2E309E8B
PID: 3172 ( 940) C:\Program Files\IncrediMail\bin\IMApp.exe
size: 189824
MD5: B019A29934FFE34F44D5D43E76676DA4
PID: 1092 ( 728) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2172 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2292 (2836) C:\WINDOWS\system32\SearchProtocolHost.exe
size: 182784
MD5: 4B0EA20D942AF11584D2D72A8419E3CB
PID: 2380 (2836) C:\WINDOWS\system32\SearchFilterHost.exe
size: 76800
MD5: 0B57A82B223AA3CFDD264D9DB8491D43
PID: 3136 (1748) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 5724184
MD5: A7BBF67C8A8B061C6393D9A57840268B
PID: 1496 ( 696) C:\Program Files\AVG\AVG8\avgtray.exe
size: 1234712
MD5: 84A91D110D27B11713C349523F4EA47F
PID: 3384 ( 728) C:\Program Files\Windows Live\Messenger\usnsvc.exe
size: 98328
MD5: 9D19B042A4FD5C02195071EA2FE0C821
PID: 3916 (3172) C:\Program Files\IncrediMail\bin\IncMail.exe
size: 243072
MD5: 7AD7DAAA39AD39931E5947543084DDF3
PID: 388 (3916) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 625664
MD5: 64E376A47763DAEABCDA14BD5B6EA286
PID: 3480 (1748) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 22-10-2008 0:24:56

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.netcabo.pt/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD RfComm [Bluetooth]
GUID: {9FC48064-7298-43E4-B7BD-181F2089792A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD RfComm [Bluetooth]

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ACC19DD2-9C10-46C8-AAC6-1BF020F6396A}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{ACC19DD2-9C10-46C8-AAC6-1BF020F6396A}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF83770A-3C60-482B-9C12-20A14722061C}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF83770A-3C60-482B-9C12-20A14722061C}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AA981308-7F1B-40F1-B789-A3ABB72CAED9}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AA981308-7F1B-40F1-B789-A3ABB72CAED9}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A74A40F7-901C-4DEB-AF44-AE2454615D81}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A74A40F7-901C-4DEB-AF44-AE2454615D81}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{34070131-F032-4735-940F-278944C222A8}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{34070131-F032-4735-940F-278944C222A8}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: Bluetooth Namespace
GUID: {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Filename: %SystemRoot%\system32\wshbth.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\wshbth.dll
DB protocol: Bluetooth-Namespace
 
re:

Hi Shaba,
Spybot diddn't recognize any threats on C: exept for the usualy round up cleaning up the sistem (logs, caches, etc) :)
do you want a new fresh HJT log?
 
Hi Shaba, thanks for your time and support, for the moment i don't have other issues exept for this:

tarix said:
Hi Shaba,
I have a question now on what to do now? are we finished for this? what about the programs we used/instaled, should i keep them or unistaled (for me they could rest there as they don't bother me at all, just in case :rolleyes: ) and should I reenable spybot teatimer again?

I would like to ask you this, but i don't know if I should open a new thread as this is a diferent problem, anyhow I'm sure you may give me some advice first if I shoul'd open a new thread and second where should I post it? or if you may help me with this withought open it or not.
As you know I have another disc C: (in a diferent swapable draw) wich as given me some problems as spybot detects somethig is trying to connect to the net and imeadtley and as teatimer is on it starts to block that thing filling my desktop with popups, i've runed spybot and it detects it but can't remove it so it asks to run on reboot (wich i did) but still hapens the same (i think S&D can't remove it) what should I do? I have tried an online scanner but it could't run also, I have some very important information on that disc and I really really can't want to loose it!! :sad:
Click to expand...

Anyhow thanks again for your time and support :2thumb: :)
 
We will remove used tools during final instructions :)

Is that another disc C: problem still there?
 
re:

Hi Shaba, the other c: disc still have the problems unfurtunatly if that was what you asked, this one whoever is good (as far as I can see it)

Thanks :)
 
You must log in or register to reply here.
Back
Top