gsvpsafm from Antivirus-2008 malware

[zeyyxe]

I am runnning Win64 XP Pro/SP2 and all available updates. I have the latest updated Avast antivirus, as well as Microsoft Defender, and my firewall activated. An ad selling a product called Antivirus-2008 popped up, even with no popups selected, and wanted to install. The window gave me the choice of "install" or "continue", but no "cancel" to select. I exited the window, but was already infected.

I downloaded Spybots latest version, updated it, and scanned my system. It located the Antivirus-2008, which seems to be a Internet Explorer browser attachment, and associated with "gsvpsafm.dll". After the scan, it cleaned the seven associated threats. I rebooted, scanned the system, and found it clean.

The Antivirus-2008 program has not reappeared or tried to install since. However, when I go to the menu bar in Internet Explorer, click "VIEW", select "TOOLBARS" from the pull down menu, another menu appears that shows "Menu Bar", "Links", "gsvpsafm", and "Lock the Toolbars".

Obviously, gsvpsafm should not be there. If I hold the curser over it, nothing displays. If I click gsvpsafm, nothing happens. Did Spybot overlook removing "gsvpsafm" from the IE pull down menu, or is there something else, I must do manually to remove it?

 

[Shaba]

Hi zeyyxe

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Doubleclick on the HJTInstall.exe icon on your desktop.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

[zeyyxe]

As Shaba requested



Hey Shaba,

I see some (no names) in the list that I wonder about. It appears to have found the file in question with:
"O3 - Toolbar: gxvpsafm - {A60C6234-48AB-4295-B542-24F8679FA15C} - C:\WINDOWS\gxvpsafm.dll (file missing)".

*****
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:33 PM, on 7/1/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files (x86)\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: gxvpsafm - {A60C6234-48AB-4295-B542-24F8679FA15C} - C:\WINDOWS\gxvpsafm.dll (file missing)
O4 - HKLM\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files (x86)\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files (x86)\Advanced JPEG Compressor\ajcieex.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1188116588203
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/67/install/gtdownls.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Block Level Filtering Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\Imapi.exe (file missing)
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 9315 bytes

 

[Shaba]

Hi

Yes, it is a bad entry.

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply

 

[zeyyxe]

DSS run for Shaba

Hello Shaba,

Question: I had installed Roxio, but it used many resources and had various programs running at startup, even when I was not running it, so I completely removed it, and reloaded Nero. I see various entries for Roxio still there. I see Atapi and CD-ROM drivers missing files. Would that cause my DVD to not recognize some various factory DVD's as no disk in player?

*****

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-07-02 10:51:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:33 AM, on 7/2/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files (x86)\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\DownLoad\DeckSysScan\dss.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: gxvpsafm - {A60C6234-48AB-4295-B542-24F8679FA15C} - C:\WINDOWS\gxvpsafm.dll (file missing)
O4 - HKLM\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files (x86)\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files (x86)\Advanced JPEG Compressor\ajcieex.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1188116588203
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/67/install/gtdownls.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Block Level Filtering Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\Imapi.exe (file missing)
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 9252 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 crcdisk (CRC Disk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing)
R0 dmio (Logical Disk Manager Driver) - c:\windows\system32\drivers\dmio.sys (file missing)
R0 dmload - c:\windows\system32\drivers\dmload.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys (file missing)
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
R0 PartMgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing)
R0 PCIIde - c:\windows\system32\drivers\pciide.sys (file missing)
R0 PxHlpa64 - c:\windows\system32\drivers\pxhlpa64.sys (file missing)
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys (file missing)
R0 VolSnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
R1 AFD - c:\windows\system32\drivers\afd.sys (file missing)
R1 aswSP (avast! Self Protection) - c:\windows\system32\drivers\aswsp.sys (file missing)
R1 aswTdi (avast! Network Shield Support) - c:\windows\system32\drivers\aswtdi.sys (file missing)
R1 Beep - c:\windows\system32\drivers\beep.sys (file missing)
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 Fips - c:\windows\system32\drivers\fips.sys (file missing)
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing)
R1 imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys (file missing)
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys (file missing)
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys (file missing)
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys (file missing)
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing)
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave (VGA Display Controller.) - c:\windows\system32\drivers\vga.sys (file missing)
R2 aswFsBlk - c:\windows\system32\drivers\aswfsblk.sys (file missing)
R2 aswMonFlt - c:\windows\system32\drivers\aswmonflt.sys (file missing)
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys (file missing)
R2 CdaD10BA - c:\windows\system32\drivers\cdad10ba.sys (file missing)
R2 Secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R3 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
R3 aswRdr - c:\windows\system32\drivers\aswrdr.sys (file missing)
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys (file missing)
R3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
R3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys (file missing)
R3 ksthunk (Kernel Streaming WOW64 Thunk Service) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 nv - c:\windows\system32\drivers\nv4_mini.sys (file missing)
R3 nvax (Service for NVIDIA(R) nForce(TM) Audio Enumerator) - c:\windows\system32\drivers\nvax64.sys (file missing)
R3 NVENETFD (NVIDIA nForce Networking Controller Driver) - c:\windows\system32\drivers\nvenetfd.sys (file missing)
R3 nvnetbus (NVIDIA Network Bus Enumerator) - c:\windows\system32\drivers\nvnetbus.sys (file missing)
R3 nvnforce (Service for NVIDIA(R) nForce(TM) Audio) - c:\windows\system32\drivers\nvapu64.sys (file missing)
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing)
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys (file missing)
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys (file missing)
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys (file missing)
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys (file missing)
R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 Srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys (file missing)
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys (file missing)
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
R3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys (file missing)
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys (file missing)
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)

S1 NCPro - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys (file missing)
S2 MLPTDR_Q - c:\windows\system32\mlptdr_q.sys <Not Verified; KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.; >
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys (file missing)
S3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - c:\windows\system32\drivers\alcwdm64.sys (file missing)
S3 Arp1394 (1394 ARP Client Protocol) - c:\windows\system32\drivers\arp1394.sys (file missing)
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing)
S3 ATICDSDr - c:\docume~1\admini~1\locals~1\temp\aticdsdr.sys (file missing)
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys (file missing)
S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys (file missing)
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys (file missing)
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys (file missing)
S3 MagicTune - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 muIO - c:\windows\system32\muio.sys (file missing)
S3 NIC1394 (1394 Net Driver) - c:\windows\system32\drivers\nic1394.sys (file missing)
S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys (file missing)
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys (file missing)
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - c:\windows\system32\drivers\wudfpf.sys (file missing)
S3 WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - c:\windows\system32\drivers\wudfrd.sys (file missing)
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys (file missing)
S4 dmboot - c:\windows\system32\drivers\dmboot.sys (file missing)
S4 Fastfat - c:\windows\system32\drivers\fastfat.sys (file missing)
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S4 Udfs - c:\windows\system32\drivers\udfs.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Eventlog (Event Log) - c:\windows\system32\services.exe (file missing)
R2 MagicTuneEngine - c:\program files (x86)\magictune premium\magictuneengine.exe
R2 NVSvc (NVIDIA Display Driver Service) - c:\windows\system32\nvsvc64.exe (file missing)
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe (file missing)
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe (file missing)
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing)
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing)
R2 sprtsvc_medicsp2 (SupportSoft Sprocket Service (medicsp2)) - c:\program files (x86)\twc\medicsp2\bin\sprtsvc.exe /service /p medicsp2
R2 Viewpoint Manager Service - "c:\program files (x86)\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
R3 HTTPFilter (HTTP SSL) - c:\windows\system32\lsass.exe (file missing)

S2 Block Level Filtering Service - c:\windows\svchost.exe (file missing)
S2 RoxLiveShare10 (LiveShare P2P Server 10) - "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe" (file missing)
S2 SessionLauncher - c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe (file missing)
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com (file missing)
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe (file missing)
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)
S3 NBService - c:\program files (x86)\nero\nero 7\nero backitup\nbservice.exe
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe (file missing)
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe (file missing)
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe (file missing)
S3 vds (Virtual Disk Service) - c:\windows\system32\vds.exe (file missing)
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing)
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
S4 TlntSvr (Telnet) - c:\windows\system32\tlntsvr.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\CCAA746100
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\CCAA746100
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-07-02 01:41:00 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-06-15 19:14:00 554 --a------ C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as Administrator at 6 14 PM.job


-- Files created between 2008-06-02 and 2008-07-02 -----------------------------

2008-07-01 23:49:54 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-07-01 23:20:20 0 d-------- C:\Program Files (x86)\Trend Micro
2008-06-28 13:40:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-15 00:39:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
2008-06-15 00:34:03 0 d-------- C:\Program Files (x86)\Elaborate Bytes
2008-06-15 00:32:59 0 d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2008-06-15 00:29:10 0 d-------- C:\Program Files (x86)\SlySoft
2008-06-08 13:15:31 0 d-------- C:\Program Files (x86)\CDisplay


-- Find3M Report ---------------------------------------------------------------

2008-07-01 06:24:07 0 d-------- C:\Program Files (x86)\AIM6
2008-07-01 06:23:49 0 d-------- C:\Program Files (x86)\Viewpoint
2008-06-28 10:29:50 0 d-------- C:\Program Files (x86)\DivX
2008-06-28 10:08:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-26 19:03:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent
2008-06-25 15:47:37 0 d-------- C:\Documents and Settings\Administrator\Application Data\Vso
2008-06-24 23:08:02 0 d-------- C:\Program Files (x86)\Super Internet TV
2008-06-24 23:04:39 0 d-------- C:\Program Files (x86)\Satellite TV for PC
2008-06-20 01:29:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\dvdcss
2008-06-19 12:51:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\mpeg dent
2008-06-16 16:53:14 0 d-------- C:\Program Files (x86)\Roxio
2008-06-16 16:53:14 0 d-------- C:\Program Files (x86)\Common Files
2008-06-15 12:16:16 0 d-------- C:\Program Files (x86)\Common Files\Roxio Shared
2008-06-15 12:06:35 0 d-------- C:\Program Files (x86)\DjToneXpress
2008-06-15 12:05:58 0 d-------- C:\Program Files (x86)\Brother
2008-06-15 12:05:42 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2008-06-15 00:57:33 9728 --a------ C:\Documents and Settings\Administrator\Application Data\DMX.bmk
2008-06-10 09:39:44 0 d-------- C:\Program Files (x86)\TClockEx
2008-06-01 03:57:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\DVDFab
2008-05-30 19:22:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:46 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:46 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-22 18:22:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 18:19:46 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-22 18:19:46 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-22 18:18:54 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-07 13:55:28 0 d-------- C:\Program Files (x86)\DVDFab Platinum 4
2008-05-04 12:34:26 0 d-------- C:\Documents and Settings\Administrator\Application Data\Roxio
2008-05-02 14:08:23 0 d-------- C:\Program Files (x86)\SmartSound Software
2008-05-02 14:07:39 0 d-------- C:\Program Files (x86)\Common Files\InstallShield
2008-05-02 12:34:07 34 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.log
2008-05-02 12:33:51 7859 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
2008-05-02 12:28:42 0 d-------- C:\Program Files (x86)\DVDFab


-- Registry Dump ---------------------------------------------------------------



-- End of Deckard's System Scanner: finished at 2008-07-02 10:55:45 ------------

*****

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft(R) Windows(R) XP Professional x64 Edition (build 3790) SP 2.0
Architecture: X64; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3200+
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 2047.38 MiB / 1056.87 MiB
Pagefile Memory (total/avail): 3967.13 MiB / 3085.9 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3943.58 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 186.31 GiB total, 57.31 GiB free.
D: is Fixed (NTFS) - 465.75 GiB total, 96.7 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2000JB-00GVA0 - 186.31 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 186.31 GiB - C:

\\.\PHYSICALDRIVE1 - WDC WD5000AAKB-00UKA0 - 465.76 GiB - 1 partition
\PARTITION0 - Extended w/Extended Int 13 - 465.75 GiB - D:



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is enabled.

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files (x86)\\Azureus\\Azureus.exe"="C:\\Program Files (x86)\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files (x86)\\BitTornado\\btdownloadgui.exe"="C:\\Program Files (x86)\\BitTornado\\btdownloadgui.exe:*:Enabled:btdownloadgui"
"C:\\Program Files (x86)\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files (x86)\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files (x86)\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files (x86)\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files (x86)\\CounterPath\\X-Lite\\x-lite.exe"="C:\\Program Files (x86)\\CounterPath\\X-Lite\\x-lite.exe:*:Enabled:X-Lite"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files (x86)\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files (x86)\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:MSI starter"
"C:\\Program Files (x86)\\Nero\\Nero SIPPS\\Phone.exe"="C:\\Program Files (x86)\\Nero\\Nero SIPPS\\Phone.exe:*:Enabledhone"
"C:\\Program Files (x86)\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files (x86)\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files (x86)\\AIM6\\aim6.exe"="C:\\Program Files (x86)\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\DownLoad\\Linksys\\upg-pap2t-5-1-5.exe"="C:\\DownLoad\\Linksys\\upg-pap2t-5-1-5.exe:*:Enabled:upg-pap2t-5-1-5"
"C:\\Program Files (x86)\\ZakFromAnotherPlanet\\Yazak Chat\\yazak.exe"="C:\\Program Files (x86)\\ZakFromAnotherPlanet\\Yazak Chat\\yazak.exe:*:Enabled:yazak"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files (x86)\\uTorrent\\uTorrent.exe"="C:\\Program Files (x86)\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files (x86)\\FlashGet\\flashget.exe"="C:\\Program Files (x86)\\FlashGet\\flashget.exe:*:Enabled:FlashGet"
"C:\\Program Files (x86)\\SopCast\\SopCast.exe"="C:\\Program Files (x86)\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Program Files (x86)\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files (x86)\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files (x86)\\TVUPlayer\\TVUPlayer.exe"="C:\\Program Files (x86)\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\\WINDOWS\\system32\\spool\\drivers\\x64\\3\\HP1006MC.EXE"="C:\\WINDOWS\\system32\\spool\\drivers\\x64\\3\\HP1006MC.EXE:*:Enabled:SMLMProxy Module - HP1006MC.EXE"
"C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\Nero Web\\SetupXu.exe"="C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\Nero Web\\SetupXu.exe:*:Enabled:MSI starter"
"C:\\Program Files (x86)\\Common Files\\Roxio Shared\\10.0\\SharedCOM\\RoxWatchTray10.exe"="C:\\Program Files (x86)\\Common Files\\Roxio Shared\\10.0\\SharedCOM\\RoxWatchTray10.exe:*:Enabled:RoxMMTrayApp Module"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files (x86)\\21cn\\VGO\\Clt.exe"="C:\\Program Files (x86)\\21cn\\VGO\\Clt.exe:*isabled:21CN VGO LIVE"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*isabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*isabled:Microsoft Management Console"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*isabledxpsp2res.dll,-22019"
"C:\\Program Files (x86)\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files (x86)\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=COMPUTER11
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\COMPUTER11
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files (x86)\QuickTime Alternative\QTSystem\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=AMD64 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=COMPUTER11
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files (x86)\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
µTorrent --> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
AC-3 ACM Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AC3ACM.inf
AC3Filter (remove only) --> C:\Program Files (x86)\AC3Filter\uninstall.exe
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Advanced JPEG Compressor 5.0 --> "C:\Program Files (x86)\Advanced JPEG Compressor\unins000.exe"
Advanced WindowsCare 2.55 Personal --> "C:\Program Files (x86)\IObit\Advanced WindowsCare V2\unins000.exe"
AIM 6 --> C:\Program Files (x86)\AIM6\uninst.exe
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVIcodec (remove only) --> "C:\Program Files (x86)\AVIcodec\uninst.exe"
Azureus 3.0 --> C:\Program Files (x86)\Azureus\uninstall.exe
BIMP Lite 1.62 --> "C:\Program Files (x86)\BIMP Lite\uninstall.exe"
BitTornado 0.3.17 --> C:\Program Files (x86)\BitTornado\uninst.exe
Buddy Spy 2.2.19 --> "C:\Program Files (x86)\Buddy Spy\unins000.exe"
CCleaner (remove only) --> "C:\Program Files (x86)\CCleaner\uninst.exe"
CDisplay 1.8 --> "C:\Program Files (x86)\CDisplay\unins000.exe"
Coupon Printer for Windows --> "C:\Program Files (x86)\Coupons\uninstall.exe" "/U:C:\Program Files (x86)\Coupons\Uninstall\uninstall.xml"
DirectXInstallService --> MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}
DivX Codec --> C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Genius Professional Edition 2007 --> "C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe"
DU Meter --> "C:\Program Files (x86)\DU Meter\unins000.exe"
DVD Decrypter (Remove Only) --> "C:\Program Files (x86)\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Program Files (x86)\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0 --> "C:\DownLoad\dvdfab\DVDFab 5\unins000.exe"
DVDFab Platinum 4.1.2.0 Final by Team RES --> "C:\Program Files (x86)\DVDFab Platinum 4\unins000.exe"
EMC 10 Content --> MsiExec.exe /X{FDB46DE7-9045-47BB-970A-3E4ED5369E03}
EPoX Magic BIOS --> "C:\Program files\EPoX\Magic BIOS\SETUP.EXE" "-UNINSTALL"
ffdshow [rev 1431] [2007-08-21] --> "C:\Program Files (x86)\ffdshow\unins000.exe"
FLAC Installer 1.1.3b (remove only) --> C:\Program Files (x86)\FLAC\uninstall.exe
HijackThis 2.0.2 --> "C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP LaserJet P1000 series --> C:\Program Files (x86)\Avago-HP\{9b580db5-659d-4909-87d7-8e2d11af5d63}\uninstall.exe SYSTEMHORNET "C:\Program Files (x86)\Avago-HP\{9b580db5-659d-4909-87d7-8e2d11af5d63}"
HPSSupply --> MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
HTML Executable IERuntime --> C:\Program Files (x86)\Common Files\HTML Executable Viewer\{AF358AB7-0CEF-40B5-A569-D27F8F38232D}\heieunin.exe
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
MagicTune Premium --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D6044256-A309-43B5-9833-D3FAFE2AD24D}\setup.exe" -l0x9
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB928366) --> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.14) --> C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files (x86)\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Natural Color Pro --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Nero 7 Ultra Edition --> MsiExec.exe /X{26D3E377-1DCA-4043-9410-B4A9BACF1033}
Nero Mega Plugin Pack --> MsiExec.exe /I{EF901A4B-A25A-4962-83C6-C6691D062ED9}
Nero PhotoShow Express --> "C:\Program Files (x86)\Nero\data\Xtras\Uninstall.exe"
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
NvMixer --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
PlexTools Professional LE V3.13 --> MsiExec.exe /X{6BBBF697-2642-4C52-99F6-7EFAB32EEC49}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
QuickTime Alternative 1.81 --> "C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
Real Alternative 1.52 --> "C:\Program Files (x86)\Real Alternative\unins000.exe"
RealPlayer --> C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 -removeonly
Road Runner Medic 6.1 --> "C:\Program Files (x86)\twc\medicsp2\unins000.exe"
Roxio Activation Module --> MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}
save2pc Light 3.01 --> "C:\Program Files (x86)\FDRLab\save2pc\unins000.exe"
Security Update for Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
ShrinkTo5Basic --> C:\Program Files (x86)\ShrinkTo5Basic\uninstall.exe
SmartSound Quicktracks Plugin --> C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Spybot - Search & Destroy --> "C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Super Internet TV v7.11 --> "C:\Program Files (x86)\Super Internet TV\unins000.exe"
System Requirements Lab --> C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
TV --> C:\Program Files (x86)\TV\Uninstall.EXE /u:"TV"
TVAnts 1.0 --> C:\PROGRA~2\TVAnts\UNWISE.EXE C:\PROGRA~2\TVAnts\INSTALL.LOG
TVUPlayer 2.3.5.4 --> C:\Program Files (x86)\TVUPlayer\uninst.exe
Ulead DVD MovieFactory 2.5 SE --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88F93347-0F9B-4FED-BA71-6C2A4CDFE61D}\setup.exe" -l0x9
Ulead VideoStudio 7 SE DVD --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}\setup.exe" -l0x9
VBRunDLL 3.2 --> C:\PROGRA~2\ZAKFRO~1\VBRunDLL\Setup.exe /remove
VideoLAN VLC media player 0.8.6c --> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR archiver --> C:\Program Files (x86)\WinRAR\uninstall.exe
WinZip --> "C:\Program Files (x86)\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Messenger --> C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG
Yazak Chat 8.82.4 --> C:\PROGRA~2\ZAKFRO~1\YAZAKC~1\Setup.exe /remove


-- Application Event Log -------------------------------------------------------

Event Record #/Type169 / Error
Event Submitted/Written: 06/28/2008 01:53:38 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638272710.

Event Record #/Type168 / Error
Event Submitted/Written: 06/28/2008 01:53:34 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application TeaTimer.exe, version 1.5.2.16, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type147 / Warning
Event Submitted/Written: 06/26/2008 07:41:46 PM
Event ID/Source: 4356 / EventSystem
Event Description:
The COM+ Event System failed to create an instance of the subscriber {6CF90891-3E04-4092-B96C-28E071EEEACB}. StandardCreateInstance returned HRESULT 8000401A.

Event Record #/Type133 / Error
Event Submitted/Written: 06/26/2008 07:15:22 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 815566151.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Event Record #/Type131 / Error
Event Submitted/Written: 06/26/2008 07:15:17 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application lprn32.exe, version 0.0.0.0, faulting module lprn32.exe, version 0.0.0.0, fault address 0x00001291.
Processing media-specific event for [lprn32.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type5812204 / Error
Event Submitted/Written: 07/02/2008 10:55:45 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The MagicTune service failed to start due to the following error:
%%1275

Event Record #/Type5812203 / Error
Event Submitted/Written: 07/02/2008 10:55:45 AM
Event ID/Source: 1060 / Application Popup
Event Description:
\SystemRoot\SysWow64\drivers\MTiCtwl.sys has been blocked from loading due to incompatibility with this system. Please contact your software
vendor for a compatible version of the driver.

Event Record #/Type5812202 / Error
Event Submitted/Written: 07/02/2008 10:55:44 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The MagicTune service failed to start due to the following error:
%%1275

Event Record #/Type5812201 / Error
Event Submitted/Written: 07/02/2008 10:55:44 AM
Event ID/Source: 1060 / Application Popup
Event Description:
\SystemRoot\SysWow64\drivers\MTiCtwl.sys has been blocked from loading due to incompatibility with this system. Please contact your software
vendor for a compatible version of the driver.

Event Record #/Type5812200 / Error
Event Submitted/Written: 07/02/2008 10:55:44 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The MagicTune service failed to start due to the following error:
%%1275



-- End of Deckard's System Scanner: finished at 2008-07-02 10:55:45 ------------

 

[Shaba]

Hi

Uninstall this:

Java(TM) SE Runtime Environment 6 Update 1

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O3 - Toolbar: gxvpsafm - {A60C6234-48AB-4295-B542-24F8679FA15C} - C:\WINDOWS\gxvpsafm.dll (file missing)
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files (x86)\Antivirus 2008 PRO\antivirus-2008pro.exe

Close all windows including browser and press fix checked.

Reboot.

Delete if present:

C:\Program Files (x86)\Antivirus 2008 PRO

Empty Recycle Bin.
Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
• Please post contents of that file in your next reply along with a fresh HijackThis log.

 

[zeyyxe]

As Shaba requested

Hey Shaba,
Malwarebytes' Anti-Malware 1.19
Database version: 915
Windows 5.2.3790 Service Pack 2

11:40:00 PM 7/2/2008
mbam-log-7-2-2008 (23-40-00).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 103086
Time elapsed: 26 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 382

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{7cf3c19f-131a-411a-8983-f5df7c7b8efa} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d6cb182b-1211-426b-8e68-1757f04dbe63} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a707b81b-1cb7-419e-9389-2f2e38a5c479} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c3bd3eac-9c71-45c9-b7a7-3ce52487bc61} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8d193878-b80b-4617-91ac-294c1212e8fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.btgx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\WINDOWS\system\logs (Backdoor.Bot) -> Quarantined and deleted successfully.

Files Infected:
C:\DownLoad\Nero6plus\UNZIP\Nero Keygen for all Nero APPZ & Plugins.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AFGD 04.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AFGD 05.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AFGD 06.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AFGD 07.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AFGD 08.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AGIG 21.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AGIG 22.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AWGW 13.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-AWGW 14.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 05.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 06.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 07.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 08.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 09.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BKDF 10.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BSQR 01.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-BSQR 31.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CCDE 18.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CCDE 19.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CCDE 20.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CDOC 01.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CDOC 02.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CHBS 25.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CHBS 26.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 01.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 02.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 26.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 27.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 28.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 29.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 30.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CIYP 31.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CKDK 26.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CKDK 27.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-COKF 18.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-COKF 19.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 22.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 23.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 24.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 25.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 26.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 27.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 28.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 29.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-CSRT 30.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DDWA 22.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DDWA 23.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DJPD 01.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DJPD 31.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DKNJ 04.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DKNJ 05.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DKNJ 06.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DQIL 14.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DQIL 15.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DQRQ 15.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 16.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 17.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 18.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 19.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 20.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 21.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 22.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 23.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 24.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 25.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 26.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-DYWF 27.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EACE 25.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EACE 26.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-ECWO 26.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBJ 10.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBJ 11.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBJ 12.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBJ 13.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBX 03.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EEBX 04.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EKIL 16.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EKIL 17.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EKIL 18.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EORD 01.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EORD 02.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-ERPP 26.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-ERPP 27.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-EYFN 15.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FDFC 04.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FDFC 05.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FDFC 06.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FQKN 14.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FTOA 25.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-FTOA 26.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GDIW 27.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GDIW 28.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GEDV 11.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GEDV 12.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GEDV 13.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GEDV 14.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GNSM 23.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GNSM 24.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GNSM 25.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRRQ 27.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRRQ 28.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 24.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 25.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 26.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 27.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 28.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 29.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 30.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GRUU 31.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GXXT 02.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GXXT 03.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GXXT 04.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GYGY 14.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GYGY 15.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GYGY 16.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GYGY 17.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-GYGY 18.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HBXC 01.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HBXC 02.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HBXC 03.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HBXC 04.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HFYE 15.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HFYE 16.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HFYE 17.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HFYE 18.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HTTC 07.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HTTC 09.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HTTC 10.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HTTC 11.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HTTC 12.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HWBX 02.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HYQW 29.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-HYQW 30.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IAFR 28.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IGAR 09.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IGAR 10.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWHG 11.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWHG 12.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWHG 13.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWHG 14.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWRB 02.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWRB 03.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWRB 04.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-IWRB 05.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JAJJ 22.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JAJJ 23.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 01.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 02.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 03.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 04.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 05.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 06.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 21.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 22.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 23.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 24.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 25.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 26.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 27.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 28.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JIUN 29.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JLYK 20.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JLYK 21.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JSLS 14.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JSLS 15.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JWQL 26.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-JWQL 27.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KBTL 14.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KLAH 02.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KLAH 03.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KTGC 14.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KTGC 15.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KUHR 17.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-KUHR 18.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LDLQ 12.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOCH 10.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOCH 11.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOOC 01.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOOC 02.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOOC 03.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LOOC 04.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 08.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 09.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 10.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 11.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 12.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 13.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LPIH 14.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LTKL 18.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LTKL 19.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LTKL 20.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LTKL 21.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LUQE 24.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-LUQE 25.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MAHU 15.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MDEU 25.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MDEU 26.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MFRW 15.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MFRW 16.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MOPU 06.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MOPU 07.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MOPU 08.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MOPU 09.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-MSVJ 14.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NCVU 12.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NCVU 13.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NEMN 01.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NEMN 29.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NEMN 30.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NEMN 31.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NLFK 25.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NPNN 09.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NPNN 10.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-NXQX 04.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OAWT 28.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OAWT 29.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OAWT 30.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OSGM 14.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OSGM 15.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OSGM 16.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OSGM 17.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OSGM 18.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OYPK 21.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-OYPK 22.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PCWD 01.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PCWD 27.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PCWD 28.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PCWD 29.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PCWD 30.09.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PKFJ 13.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-PKFJ 14.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QCFL 18.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QCFL 19.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QCFL 20.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QCFL 21.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QLNE 18.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QLNE 19.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QLNE 20.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-QLNE 21.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 15.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 16.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 17.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 18.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 19.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-RKLC 20.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SAEW 13.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SAEW 14.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SKAX 04.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SLLC 26.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SLLC 27.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SLLC 28.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SLLC 29.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SMHX 26.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SMHX 27.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SMHX 28.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SMHX 29.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SMHX 30.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SQQP 25.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-SQQP 26.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TCPQ 01.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TCPQ 02.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TCPQ 30.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TDXV 15.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TDXV 16.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TDXV 17.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TDXV 18.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TEGQ 21.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TIPT 14.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TIPT 15.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TIPT 16.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TIPT 17.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJFJ 11.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJFJ 12.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJFJ 13.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJMK 12.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJMK 13.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJMK 14.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJSQ 02.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJSQ 03.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJSQ 04.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TJSQ 05.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-TOCV 04.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 03.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 04.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 05.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 06.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 07.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UCND 08.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UIKX 19.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UIKX 20.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UIKX 21.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UITC 23.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UITC 24.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UITC 25.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-ULHF 10.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-ULHF 11.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UVLR 01.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UVLR 02.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UVLR 30.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UVLR 31.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 04.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 05.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 06.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 07.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 08.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-UWVI 09.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VDTS 07.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VDTS 08.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VFNT 08.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VFNT 09.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VFNT 10.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VPKH 09.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VPKH 10.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VPKH 11.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VRUP 21.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VRUP 22.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VRUP 23.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VRUP 24.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VTPP 23.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VTPP 24.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-VTPP 25.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WEVW 20.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WEVW 21.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WEVW 22.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WEVW 23.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WJKL 21.04.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 10.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 11.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 12.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 13.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 14.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 15.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WLGM 16.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WVAX 21.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WVAX 22.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WXXP 06.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-WXXP 07.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XCAP 14.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XCAP 15.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XCAP 16.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XCAP 17.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XCAP 18.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XDEE 04.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XDEE 05.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XDEE 06.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XDEE 07.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XJAO 09.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XJAO 10.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQSQ 23.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQSQ 24.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQSQ 25.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQXH 02.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQXH 03.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XQXH 04.02.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XURR 08.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XURR 09.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XURR 10.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XURR 11.01.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XXIM 07.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XXIM 08.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-XXIM 09.03.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YIIH 28.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YIIH 29.10.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YMPX 05.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YMPX 06.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YMPX 07.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YMPX 08.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YMPX 09.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YNNE 01.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YNNE 02.12.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YNNE 30.11.2007.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YUSM 22.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YUSM 23.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YUSM 24.05.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 18.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 19.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 20.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 21.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 22.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\logs\COMPUTER11-YVNK 23.06.2008.log (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.

*****

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:15 PM, on 7/2/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files (x86)\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~2\Nero\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files (x86)\Advanced JPEG Compressor\ajcieex.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1188116588203
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/67/install/gtdownls.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Block Level Filtering Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\Imapi.exe (file missing)
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files (x86)\twc\medicsp2\bin\sprtsvc.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 8549 bytes

 

[Shaba]

Hi

Delete this:

C:\DownLoad\Nero6plus\

Empty Recycle Bin.

Still problems?

 

[zeyyxe]

Per Shaba

Hello Shaba, :bigthumb::bow:

Deleted Nero6 folder.

On last HJ This scan, I still see:
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)

I had installed Roxio, but it used many resources and had various programs running at startup, even when I was not running it, so I uninstalled it. Would that cause my DVD to not recognize various factory DVD's? Is there a clean way to reload my Atapi and CD-ROM drivers?

 

[Shaba]

Hi

" On last HJ This scan, I still see:
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Unknown owner - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (file missing)"

You can fix that entry then

"Would that cause my DVD to not recognize various factory DVD's? Is there a clean way to reload my Atapi and CD-ROM drivers?"

I don't think so. Do you have any setup DVD included with DVD player?

 

[Shaba]

Due to the lack of feedback this Topic is closed.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.