Need Help (HJT Log) Feedback much appreciated

[deanizz]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:40 AM, on 9/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ACS.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Documents and Settings\Dean Martinez\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\\system32\userinit.exe,
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {D9D04AD3-EC7C-40E4-814B-A4713B6AA52f} - C:\WINDOWS\system32\nsdnngsb.dll (file missing)
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\system32\rqrqrrr.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SMrhcp98j0e58t] C:\Program Files\rhcp98j0e58t\rhcp98j0e58t.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunServices: [Microsoft Ansti Update] msie.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Ansti Update] msie.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Microsoft Ansti Update] msie.exe (User 'Default user')
O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Dean Martinez\Local Settings\Temp\thinksnet.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: ACA Capture: Capture all Flash... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-flash-all.htm
O8 - Extra context menu item: ACA Capture: Capture all images... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-image-all.htm
O8 - Extra context menu item: ACA Capture: Capture current image... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-image.htm
O8 - Extra context menu item: ACA Capture: Capture webpage contents to image... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-webpage-to-image.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/sh...3/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095607254484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1133836236531
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/sh...20/mcgdmgr.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\ACS.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\profsyv.html

--
End of file - 10738 bytes

Thank you

[pskelley]

Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

Make sure you read and follow the directions, anything else will slow the process and waste both of our time. I suggest you keep this computer offline except when troubleshooting, the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully, the tools will not work unless you do.
The junk can be tough to remove, so do not expect fast or easy.

Dean, you have some nasty trojans that really concern me:
http://www.castlecops.com/s7717-msie_exe.html
C:\WINDOWS\system32\drivers\svchost.exe
There is more and because I am not sure what these hackers are after, I think you should have this information for your safety.

You're infected, one or more of the identified infections steal information. If this system is used for online banking or has credit card information on it, all passwords should be changed immediately by using a different computer (not the infected one!) to make the changes. Banking and credit card institutions, if any, should be notified of the possible security breech. I suggest that you read this article too.
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
http://www.dslreports.com/faq/10451
When Should I Format, How Should I Reinstall
http://www.dslreports.com/faq/10063

Because the "Before you Post" instructions appear to not have been read, HJT is unsafely located. Follow my directions to correct this. We will go after the trojan first.

1) Thanks to andymanchesta and anyone else who helped with the fix.

Download SDFix and save it to your Desktop
http://downloads.andymanchesta.com/R...ools/SDFix.exe

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally post the contents of the Report.txt back on the forum with a new HijackThis log <<< follow the instructions in #2 to safely locate and post the HJT log.

2) Download Trend Micro Hijack This™ to your Desktop
http://download.bleepingcomputer.com...HJTInstall.exe
Doubleclick the HJTInstall.exe to start it.
By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut.
HijackThis will open after install. Press the Scan button below.
This will start the scan and open a log.
Copy and paste the contents of the log in your next reply.

Thanks...Phil

**if you prefer to reformat this computer, just let me know, I will understand.

[deanizz]

Hi, thank you for the response. Anyway I followed steps 1 and 2 and heres the new HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:45:35 PM, on 9/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ACS.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\System32\svchost.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Logi_MwX.Exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {D9D04AD3-EC7C-40E4-814B-A4713B6AA52f} - C:\WINDOWS\system32\nsdnngsb.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunServices: [Microsoft Ansti Update] msie.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Ansti Update] msie.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Microsoft Ansti Update] msie.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: ACA Capture: Capture all Flash... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-flash-all.htm
O8 - Extra context menu item: ACA Capture: Capture all images... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-image-all.htm
O8 - Extra context menu item: ACA Capture: Capture current image... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-image.htm
O8 - Extra context menu item: ACA Capture: Capture webpage contents to image... - C:\Program Files\ACASystems\ACACapturePro\add-ons\ie-webpage-to-image.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/sh...3/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095607254484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1133836236531
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/sh...20/mcgdmgr.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\ACS.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 10191 bytes

[deanizz]

Also here is the content of the Report.txt


SDFix: Version 1.222
Run by Dean Martinez on Sun 09/07/2008 at 03:06 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\.tt594.tmp - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\.tt1.tmp.vbs - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\.tt5.tmp.vbs - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\.tt594.tmp.vbs - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\tmp45.tmp - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\tmp8E.tmp - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\tmp95.tmp - Deleted
C:\WINDOWS\system32\TFTP1344 - Deleted
C:\WINDOWS\system32\TFTP1760 - Deleted
C:\WINDOWS\system32\TFTP2440 - Deleted
C:\WINDOWS\system32\TFTP2960 - Deleted
C:\DOCUME~1\DEANMA~1\LOCALS~1\Temp\removalfile.bat - Deleted



Folder C:\Temp\1cb - Removed
Folder C:\Temp\fse - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 15:24:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:ab3de422
"s1"=dword:dbda0182
"s2"=dword:c142b7ef
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:bb,14,27,68,f1,02,70,33,2b,88,00,c6,05,92,e0,9d,0a,a8,f8,b6,ee,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:bb,14,27,68,f1,02,70,33,2b,88,00,c6,05,92,e0,9d,0a,a8,f8,b6,ee,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Toshiba\\IVP\\NetInt\\netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\\Program Files\\i2hub\\i2hub.exe"="C:\\Program Files\\i2hub\\i2hub.exe:*:Disabled:i2hub"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1138158505\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1138158505\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1138158505\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1138158505\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Disabled:Firefox"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\WINDOWS\\system32\\otrnslhe.exe"="C:\\WINDOWS\\system32\\otr"
"C:\\WINDOWS\\system32\\vwjxaifh.exe"="C:\\WINDOWS\\system32\\vwj"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\drivers\\svchost.exe"="C:\\WINDOWS\\system32\\drivers\\svchost.exe:*:Disabled:svchost"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Disabled:Veoh Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 6 Dec 2006 104 ..SH. --- "C:\WINDOWS\fmcnifo.dll"
Wed 15 Nov 2006 104 ..SH. --- "C:\WINDOWS\vaniet.dll"
Fri 7 May 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0a\aolphx.exe"
Fri 7 May 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0a\aoltray.exe"
Fri 7 May 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0a\RBM.exe"
Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Wed 4 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Wed 4 Aug 2004 4,639 A.SH. --- "C:\Program Files\Windows Media Player\mplayer2.exe"
Wed 18 Oct 2006 64,000 A.SH. --- "C:\Program Files\Windows Media Player\wmplayer.exe"
Tue 5 Dec 2006 104 ..SH. --- "C:\WINDOWS\Config\olgdobc.dll"
Wed 29 Nov 2006 104 ..SH. --- "C:\WINDOWS\Fonts\spodc.dll"
Mon 20 Nov 2006 104 ..SH. --- "C:\WINDOWS\inf\ergpi.dll"
Thu 30 Nov 2006 104 ..SH. --- "C:\WINDOWS\inf\pirsv.dll"
Mon 20 Nov 2006 104 ..SH. --- "C:\WINDOWS\Microsoft.NET\acburn.dll"
Tue 5 Dec 2006 104 ..SH. --- "C:\WINDOWS\Microsoft.NET\rulrc.dll"
Mon 4 Dec 2006 104 A.SH. --- "C:\WINDOWS\Registration\piyss.dll"
Sun 3 Dec 2006 104 ..SH. --- "C:\WINDOWS\ServicePackFiles\ctpolg.dll"
Tue 5 Dec 2006 104 ..SH. --- "C:\WINDOWS\system\bdnu.dll"
Thu 16 Nov 2006 104 ..SH. --- "C:\WINDOWS\system\rdvva.dll"
Sun 12 Nov 2006 104 ..SH. --- "C:\WINDOWS\system\sagva.dll"
Tue 21 Nov 2006 104 ..SH. --- "C:\WINDOWS\system\tfpsmvc.dll"
Thu 7 Dec 2006 825,445 A.SH. --- "C:\WINDOWS\system32\nalbwnyn.bak1"
Sat 1 Sep 2007 1,278,091 A.SH. --- "C:\WINDOWS\system32\oedomqot.tmp"
Wed 22 Aug 2007 1,636,838 A.SH. --- "C:\WINDOWS\system32\ututv.tmp"
Tue 21 Aug 2007 6,473 A.SH. --- "C:\WINDOWS\system32\ututv.bak1"
Sat 1 Sep 2007 1,910,324 A.SH. --- "C:\WINDOWS\system32\ututv.bak2"
Sat 3 Dec 2005 303,082 A.SH. --- "C:\WINDOWS\system32\ybeeg.tmp"
Tue 10 Jan 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 13 Feb 2008 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0002.tmp"
Wed 13 Jun 2007 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0003.tmp"
Tue 11 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0004.tmp"
Mon 19 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0020.tmp"
Sat 15 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0022.tmp"
Wed 13 Feb 2008 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0073.tmp"
Thu 14 Jun 2007 50,176 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0194.tmp"
Thu 14 Jun 2007 58,880 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0212.tmp"
Wed 13 Jun 2007 39,936 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0215.tmp"
Wed 13 Jun 2007 41,984 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0218.tmp"
Thu 14 Jun 2007 48,640 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0248.tmp"
Sun 18 Nov 2007 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0276.tmp"
Sat 15 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0303.tmp"
Wed 13 Jun 2007 37,376 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0343.tmp"
Wed 13 Feb 2008 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0364.tmp"
Wed 13 Feb 2008 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0391.tmp"
Wed 13 Jun 2007 40,448 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0417.tmp"
Mon 19 Nov 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0442.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0447.tmp"
Thu 14 Feb 2008 33,792 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0488.tmp"
Sun 18 Nov 2007 25,088 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0565.tmp"
Wed 13 Jun 2007 43,520 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0580.tmp"
Thu 14 Jun 2007 59,392 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0634.tmp"
Thu 14 Feb 2008 32,768 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0664.tmp"
Thu 14 Jun 2007 46,592 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0666.tmp"
Sun 18 Nov 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0679.tmp"
Wed 13 Jun 2007 43,520 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0704.tmp"
Thu 14 Jun 2007 48,128 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0746.tmp"
Mon 19 Nov 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0825.tmp"
Wed 13 Jun 2007 38,912 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0871.tmp"
Thu 14 Jun 2007 47,104 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0918.tmp"
Tue 20 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0921.tmp"
Wed 13 Jun 2007 35,840 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL0998.tmp"
Thu 14 Jun 2007 59,392 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1031.tmp"
Mon 19 Nov 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1100.tmp"
Wed 13 Jun 2007 37,376 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1116.tmp"
Wed 13 Jun 2007 33,792 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1129.tmp"
Wed 13 Jun 2007 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1168.tmp"
Mon 19 Nov 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1219.tmp"
Mon 19 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1224.tmp"
Wed 13 Jun 2007 35,328 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1321.tmp"
Sun 18 Nov 2007 25,088 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1344.tmp"
Wed 13 Jun 2007 43,008 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1371.tmp"
Wed 13 Jun 2007 43,520 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1436.tmp"
Sun 18 Nov 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1527.tmp"
Wed 13 Feb 2008 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1560.tmp"
Wed 13 Jun 2007 35,328 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1644.tmp"
Wed 13 Feb 2008 30,720 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1663.tmp"
Thu 14 Jun 2007 48,640 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1679.tmp"
Wed 13 Jun 2007 35,840 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1709.tmp"
Wed 13 Jun 2007 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1716.tmp"
Wed 13 Jun 2007 33,280 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1752.tmp"
Mon 19 Nov 2007 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1826.tmp"
Tue 20 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1845.tmp"
Wed 13 Jun 2007 34,304 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1888.tmp"
Thu 14 Jun 2007 47,616 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1967.tmp"
Wed 13 Jun 2007 34,816 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1968.tmp"
Sat 15 Mar 2008 37,888 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL1993.tmp"
Thu 14 Jun 2007 59,392 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2054.tmp"
Wed 13 Jun 2007 41,472 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2061.tmp"
Wed 13 Jun 2007 43,520 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2080.tmp"
Wed 13 Feb 2008 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2118.tmp"
Thu 14 Feb 2008 33,792 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2175.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2215.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2277.tmp"
Sat 15 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2291.tmp"
Wed 13 Jun 2007 38,912 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2293.tmp"
Thu 14 Jun 2007 49,152 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2304.tmp"
Sun 18 Nov 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2366.tmp"
Sun 18 Nov 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2373.tmp"
Sat 15 Mar 2008 37,888 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2431.tmp"
Wed 13 Jun 2007 34,816 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2440.tmp"
Wed 13 Jun 2007 37,888 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2522.tmp"
Wed 13 Feb 2008 31,232 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2554.tmp"
Thu 14 Jun 2007 45,568 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2574.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2652.tmp"
Sun 18 Nov 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2669.tmp"
Wed 13 Jun 2007 44,544 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2711.tmp"
Thu 14 Jun 2007 48,640 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2798.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2847.tmp"
Wed 13 Feb 2008 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2880.tmp"
Mon 19 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2917.tmp"
Thu 14 Jun 2007 45,568 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2983.tmp"
Thu 14 Jun 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2984.tmp"
Wed 13 Feb 2008 31,744 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL2995.tmp"
Thu 14 Jun 2007 48,640 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3038.tmp"
Wed 13 Jun 2007 35,328 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3052.tmp"
Wed 13 Jun 2007 42,496 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3235.tmp"
Thu 14 Feb 2008 38,400 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3328.tmp"
Wed 13 Feb 2008 30,720 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3338.tmp"
Wed 13 Feb 2008 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3393.tmp"
Wed 13 Jun 2007 33,792 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3412.tmp"
Sun 18 Nov 2007 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3477.tmp"
Wed 13 Jun 2007 40,448 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3496.tmp"
Thu 14 Jun 2007 46,592 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3549.tmp"
Mon 19 Nov 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3594.tmp"
Sun 18 Nov 2007 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3597.tmp"
Mon 19 Nov 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3748.tmp"
Sat 15 Mar 2008 38,912 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3790.tmp"
Sun 18 Nov 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3823.tmp"
Wed 13 Jun 2007 43,520 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3901.tmp"
Wed 13 Jun 2007 38,912 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3923.tmp"
Thu 14 Jun 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3951.tmp"
Wed 13 Jun 2007 44,032 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3953.tmp"
Thu 14 Jun 2007 49,664 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3957.tmp"
Sat 15 Mar 2008 38,912 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3958.tmp"
Wed 13 Feb 2008 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL3978.tmp"
Wed 13 Jun 2007 37,888 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL4010.tmp"
Wed 13 Feb 2008 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL4062.tmp"
Wed 13 Jun 2007 42,496 ...H. --- "C:\Documents and Settings\Dean Martinez\Desktop\~WRL4075.tmp"
Wed 5 Dec 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0003.tmp"
Tue 22 Feb 2005 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0005.tmp"
Tue 22 Feb 2005 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0068.tmp"
Wed 12 Oct 2005 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0071.tmp"
Thu 6 Dec 2007 197,120 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0081.tmp"
Wed 5 Dec 2007 46,592 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0104.tmp"
Tue 4 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0148.tmp"
Thu 24 May 2007 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0240.tmp"
Thu 24 May 2007 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0242.tmp"
Thu 6 Dec 2007 197,120 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0247.tmp"
Wed 12 Oct 2005 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0262.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0305.tmp"
Wed 12 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0378.tmp"
Thu 24 May 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0380.tmp"
Wed 12 Oct 2005 29,184 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0402.tmp"
Wed 5 Dec 2007 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0413.tmp"
Tue 4 Dec 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0455.tmp"
Wed 5 Dec 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0457.tmp"
Thu 24 May 2007 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0483.tmp"
Tue 1 May 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0511.tmp"
Wed 5 Dec 2007 46,592 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0577.tmp"
Thu 24 May 2007 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0609.tmp"
Wed 5 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0710.tmp"
Wed 23 May 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0712.tmp"
Wed 5 Dec 2007 180,736 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0716.tmp"
Wed 23 May 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0721.tmp"
Thu 24 May 2007 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0747.tmp"
Wed 5 Dec 2007 195,584 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0822.tmp"
Tue 1 May 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0834.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0867.tmp"
Tue 4 Dec 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0919.tmp"
Wed 5 Dec 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL0920.tmp"
Wed 23 May 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1079.tmp"
Wed 23 May 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1092.tmp"
Thu 6 Dec 2007 198,144 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1100.tmp"
Wed 5 Dec 2007 25,088 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1148.tmp"
Wed 23 May 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1220.tmp"
Wed 5 Dec 2007 180,736 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1335.tmp"
Wed 5 Dec 2007 81,408 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1346.tmp"
Sun 20 May 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1378.tmp"
Tue 4 Dec 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1401.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1403.tmp"
Tue 22 Feb 2005 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1463.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1520.tmp"
Thu 24 May 2007 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1543.tmp"
Wed 5 Dec 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1563.tmp"
Wed 5 Dec 2007 81,920 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1628.tmp"
Wed 5 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1637.tmp"
Tue 4 Dec 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1647.tmp"
Wed 5 Dec 2007 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1673.tmp"
Tue 22 Feb 2005 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1674.tmp"
Wed 23 May 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1717.tmp"
Wed 5 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1720.tmp"
Tue 22 Feb 2005 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1761.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1775.tmp"
Wed 5 Dec 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1780.tmp"
Tue 22 Feb 2005 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1786.tmp"
Thu 24 May 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1806.tmp"
Wed 23 May 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1824.tmp"
Wed 5 Dec 2007 81,920 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1833.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1856.tmp"
Wed 23 May 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1872.tmp"
Wed 5 Dec 2007 81,408 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1881.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1885.tmp"
Wed 5 Dec 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1923.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1943.tmp"
Wed 5 Dec 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1968.tmp"
Tue 1 May 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1974.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL1995.tmp"
Tue 1 May 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2066.tmp"
Wed 23 May 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2067.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2094.tmp"
Thu 6 Dec 2007 195,584 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2126.tmp"
Wed 5 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2127.tmp"
Wed 5 Dec 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2138.tmp"
Wed 23 May 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2161.tmp"
Wed 5 Dec 2007 27,136 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2164.tmp"
Tue 4 Dec 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2235.tmp"
Thu 24 May 2007 25,088 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2271.tmp"
Thu 31 May 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2282.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2289.tmp"
Wed 12 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2297.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2314.tmp"
Wed 12 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2394.tmp"
Wed 5 Dec 2007 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2398.tmp"
Tue 22 Feb 2005 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2401.tmp"
Wed 12 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2413.tmp"
Wed 5 Dec 2007 195,584 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2430.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2431.tmp"
Wed 23 May 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2434.tmp"
Wed 5 Dec 2007 180,736 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2441.tmp"
Wed 5 Dec 2007 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2551.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2552.tmp"
Wed 5 Dec 2007 46,080 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2605.tmp"
Tue 22 Feb 2005 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2686.tmp"
Tue 1 May 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2728.tmp"
Tue 1 May 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2766.tmp"
Tue 4 Dec 2007 20,480 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2779.tmp"
Wed 5 Dec 2007 46,592 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2793.tmp"
Wed 5 Dec 2007 180,736 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2795.tmp"
Tue 22 Feb 2005 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2827.tmp"
Wed 5 Dec 2007 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2851.tmp"
Tue 22 Feb 2005 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2861.tmp"
Thu 24 May 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2866.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2872.tmp"
Wed 5 Dec 2007 27,136 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2904.tmp"
Tue 4 Dec 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2920.tmp"
Wed 23 May 2007 19,968 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2926.tmp"
Wed 12 Oct 2005 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL2935.tmp"
Tue 22 Feb 2005 22,016 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3018.tmp"
Thu 24 May 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3019.tmp"
Wed 5 Dec 2007 82,432 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3029.tmp"
Wed 5 Dec 2007 195,584 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3112.tmp"
Wed 12 Oct 2005 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3120.tmp"
Wed 5 Dec 2007 24,576 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3134.tmp"
Tue 22 Feb 2005 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3209.tmp"
Tue 22 Feb 2005 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3210.tmp"
Thu 24 May 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3228.tmp"
Wed 23 May 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3272.tmp"
Wed 5 Dec 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3287.tmp"
Thu 24 May 2007 28,672 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3303.tmp"
Thu 24 May 2007 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3357.tmp"
Tue 1 May 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3375.tmp"
Thu 24 May 2007 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3431.tmp"
Tue 22 Feb 2005 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3441.tmp"
Tue 1 May 2007 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3449.tmp"
Thu 24 May 2007 26,112 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3456.tmp"
Wed 12 Oct 2005 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3481.tmp"
Wed 5 Dec 2007 81,408 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3515.tmp"
Tue 4 Dec 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3526.tmp"
Wed 12 Oct 2005 26,624 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3556.tmp"
Wed 12 Oct 2005 25,600 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3654.tmp"
Wed 5 Dec 2007 82,432 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3680.tmp"
Thu 24 May 2007 23,552 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3683.tmp"
Wed 5 Dec 2007 195,072 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3702.tmp"
Wed 12 Oct 2005 29,184 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3784.tmp"
Tue 22 Feb 2005 23,040 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3841.tmp"
Tue 4 Dec 2007 20,992 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3898.tmp"
Tue 22 Feb 2005 22,528 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3952.tmp"
Thu 24 May 2007 27,648 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3954.tmp"
Thu 6 Dec 2007 198,144 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL3993.tmp"
Wed 5 Dec 2007 24,064 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL4001.tmp"
Thu 24 May 2007 28,160 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\~WRL4029.tmp"
Fri 1 Dec 2006 104 ..SH. --- "C:\WINDOWS\security\logs\ldldobc.dll"
Tue 28 Nov 2006 104 A.SH. --- "C:\WINDOWS\system32\2052\ibncp.dll"
Mon 30 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 3 Oct 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\Dean Martinez resume\~WRL0001.tmp"
Mon 7 Jul 2008 29,696 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\Dean Martinez resume\~WRL0438.tmp"
Sat 6 Oct 2007 21,504 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\Dean Martinez resume\~WRL1926.tmp"
Wed 30 Jul 2008 30,208 ...H. --- "C:\Documents and Settings\Dean Martinez\My Documents\Dean Martinez resume\~WRL3996.tmp"
Sat 2 Dec 2006 104 ..SH. --- "C:\WINDOWS\assembly\GAC\hpqcmctl.resources\vaofnt.dll"
Tue 10 Jan 2006 4,348 ...H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1key.bak"
Tue 10 Jan 2006 20 A..H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1lic.bak"
Wed 20 Oct 2004 312 A.SH. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv2key.bak"

Finished!

[pskelley]

Thanks for returning your information first a question. What are all of those Files with Hidden Attributes :
Like this example from the SDFix log?
C:\Documents and Settings\Dean Martinez\Desktop\~WRL0212.tmp
They are all .tmp files and all different sizes?

1) You are running two antivirus programs at the same time and this is not a good thing. They conflict with each other and you will be less safe than if you ran one good program and maintained it properly.
http://service1.symantec.com/SUPPORT...00031316555206
"Microsoft recommends that you have only one anti-virus program installed on your computer."
http://www.washingtonpost.com/wp-dyn...120300087.html
http://www.smartcomputing.com/editor...8s07/38s07.asp

Symantec and AVG8 <<< uninstall one of those before you post the next HJT log.

2) You may remove (delete) SDFix from your computer, we are finished with that tool.

3) A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.

Tutorial
http://www.bleepingcomputer.com/comb...o-use-combofix

Remove any old copies of combofix before you proceed.

Thanks to sUBs and anyone else who helped with this fix.

It is important that it is saved directly to your Desktop.

Download ComboFix from Here to your Desktop

• Double click combofix.exe and follow the prompts.
• When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Post the combofix log and a new HJT log.

Thanks

[tashi]

deanizz,

As it has been five days or more since your last post, and your helper posted a response to which you did not reply, this topic has been archived and will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread.

Applies only to the original poster, anyone else with similar problems please start a new topic.