|
| ||
| Help with this annoyinh pop ups and unknown internet explorer toolbar.. I have a problem in my desktop when i click something, something will appear (see the picture 1) picture 1 http://img254.imageshack.us/img254/7114/76814144mk0.jpg and this insane toolbar that instantly appear in my internet explorer and this Insecure Internet activity. Threat of virus attack. see picture 2 picture2 http://img254.imageshack.us/img254/4710/31905354rz8.jpg heres my HJT log Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\ESET\nod32kui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Eset\nod32krn.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Users\Aldrin\Desktop\CABAL DOWNLOADER.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\explorer.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\PROGRA~1\Java\jre6\bin\ssvagent.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\IEUser.exe C:\Windows\system32\rundll32.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Users\Aldrin\Documents\Downloads\Programs\HiJackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: QXK Olive - {058E578B-3561-4D17-8CD5-0437D9E68E4B} - C:\Windows\nfavxwdbfld.dll O2 - BHO: (no name) - {269DEFC5-27A0-4ECF-8D4A-5CB1E295F89A} - C:\Windows\system32\efcASKeb.dll O2 - BHO: QXK Olive - {3F8EC571-356D-4AD4-BD8B-E2E3D9C9D957} - C:\Windows\nfavxwdbkwm.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AOL Toolbar - {FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB} - C:\Windows\system32\aol_bho.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: fdkowvbp - {BF7C3536-5B35-48E1-B0BD-8861EC186720} - C:\Windows\fdkowvbp.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\awtsTNge.dll,#1 O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [c84eaa98] rundll32.exe "C:\Windows\system32\fpnutxcq.dll",b O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://my.levelupgames.ph/keycrypt/npkcx.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O21 - SSODL: wnslvxtf - {B1BC99E8-F73F-490E-B13B-427AD8EBB8AE} - C:\Windows\wnslvxtf.dll O21 - SSODL: eqvwamkl - {405C8D97-3302-4AE8-A714-E4F85494BB7F} - C:\Windows\eqvwamkl.dll O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\Windows\system32\npkcsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 8979 bytes Help me plsss.. |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. First of all, for heaven's sake DON'T click to install that antispyware the pop-up offers. If by the toolbar, you mean that Yahoo one, I would be annoyed also. We recommend you begin with all the steps on this sticky Read me before posting a request for assistance Follow all those steps, saving any requested logs. When you have completed all the steps then post back here with all the requested logs. There are signs of infection in your HJT log. These steps should take care of much of it. Give us those new logs and we can decide if other steps are needed. Judy |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. Quote:
IM not dumb enough to click install the antispyware SIR..... And I dont mean that yahoo one, the "fdkowvbp" toolbar.. |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. Quote:
By the way, I am NOT a SIR. Your fdkowvbp toolbar is indicative of a FakeAlert or Smitfraud Infection, your QXK Olive toolbar is indicative of a Zlob infection, your Megaupload Toolbar is also one very much a subject of debate as to whether it is safe or not. You have two entries indicative of Adware.Agent malware and you have the Trojan-Downloader.Win32.Agent loading as a start up service. These are just SOME of the infected items showing in the HJT log, there ARE more and chances are there are many, many more which do not show. If you want to get the computer clean then begin by running the programs in the link I gave you. Be sure to TURN OFF Spyware Doctor, BitTorrent, Yahoo Messenger until this computer is clean. All are unnecessary and should not be running while clean up is taking place. Your Java is out of date. Current version is version 6 update 7. You also do not appear to be running a firewall, which is very important, especially since your system is definitely infected with at the very least one trojan downloader and very possibly more. You have also left off the top part of the HJT log, the portion which would read like this Quote:
This info is vital as it does help determine which programs can or should be used on the computer. Please include this in your next log. Boot mode: Normal |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. Deckard's System Scanner v20071014.68 Run by Aldrin on 2002-01-03 09:11:57 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 3 Restore Point(s) -- 3: 2002-01-02 23:29:39 UTC - RP26 - Spyware Doctor: Cleaning Threats 2: 2002-01-02 23:05:30 UTC - RP24 - Spyware Doctor: Cleaning Threats 1: 2002-01-02 21:25:00 UTC - RP22 - Last known good configuration Backed up registry hives. Performed disk cleanup. Total Physical Memory: 1023 MiB (1024 MiB recommended). -- HijackThis (run as Aldrin.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:13:40 AM, on 1/3/2002 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe C:\Windows\Explorer.EXE C:\Program Files\ESET\nod32kui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Eset\nod32krn.exe C:\Windows\system32\svchost.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Garena\Garena.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\mobsync.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Aldrin\Documents\Downloads\Programs\dss.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Aldrin\DOCUME~1\DOWNLO~1\Programs\Aldrin.exe C:\Users\Aldrin\Documents\Downloads\Programs\windows-kb890830-v2.0.exe c:\3c2be2ea9cd8c940a9682fcb88\mrtstub.exe C:\Windows\system32\MRT.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: QXK Olive - {058E578B-3561-4D17-8CD5-0437D9E68E4B} - C:\Windows\nfavxwdbfld.dll O2 - BHO: QXK Olive - {3F8EC571-356D-4AD4-BD8B-E2E3D9C9D957} - C:\Windows\nfavxwdbkwm.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AOL Toolbar - {FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB} - C:\Windows\system32\aol_bho.dll O2 - BHO: (no name) - {FB5420FE-59B2-470C-B1C4-269C4B401F65} - C:\Windows\system32\efcASKeb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: fdkowvbp - {BF7C3536-5B35-48E1-B0BD-8861EC186720} - C:\Windows\fdkowvbp.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\opnolKdB.dll,#1 O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [c84eaa98] rundll32.exe "C:\Windows\system32\msiaplsp.dll",b O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://my.levelupgames.ph/keycrypt/npkcx.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O21 - SSODL: wnslvxtf - {B1BC99E8-F73F-490E-B13B-427AD8EBB8AE} - C:\Windows\wnslvxtf.dll O21 - SSODL: eqvwamkl - {405C8D97-3302-4AE8-A714-E4F85494BB7F} - C:\Windows\eqvwamkl.dll O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\Windows\system32\npkcsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 9172 bytes -- File Associations ----------------------------------------------------------- .js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2 -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 Pcatip - c:\windows\system32\drivers\pcatip.sys <Not Verified; VSO Software; Patin-Couffin Autoplay(tm) support driver> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> S0 OemBiosDevice (Royalty OEM BIOS Extension) - c:\windows\system32\drivers\royal.sys <Not Verified; PARADOX; SLP Kernel-Mode Driver> S3 npkcrypt - \??\c:\windows\system32\npkcrypt.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour> S2 npkcsvc - c:\windows\system32\npkcsvc.exe <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Service> S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-07-26 12:18:27 420 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{5E8950D6-9454-4717-A8EF-1F4826CAE96E}.job -- Files created between 2001-12-03 and 2002-01-03 ----------------------------- 2008-07-26 10:16:11 0 d-------- C:\Windows\system32\QuickTime 2008-07-22 01:20:29 0 d-------- C:\Users\All Users\Macromedia 2008-07-22 01:18:03 0 d-------- C:\Program Files\Macromedia 2008-07-22 01:18:03 0 d-------- C:\Program Files\Common Files\Macromedia 2008-07-22 01:17:12 0 d-------- C:\Program Files\Common Files\InstallShield 2008-07-22 01:16:44 0 d-------- C:\Windows\Downloaded Installations 2008-07-21 22:57:06 0 d-------- C:\Program Files\Xilisoft 2008-07-21 22:20:27 0 d-------- C:\Program Files\Audio MP3 Editor 2008-07-21 22:14:58 0 d-------- C:\Program Files\XviD 2008-07-21 22:14:44 398798 --a------ C:\Windows\system32\apexpmp.exe <Not Verified; IndigoSTAR Software; IndigoPerl> 2008-07-21 22:14:44 4755968 --a------ C:\Windows\system32\apexconverter.exe 2008-07-21 22:14:44 120320 --a------ C:\Windows\system32\apexchanger.exe 2008-07-21 22:14:44 109568 --a------ C:\Windows\system32\apex3gp.exe 2008-07-21 22:14:42 61440 --a------ C:\Windows\system32\cygz.dll 2008-07-21 22:14:42 1295582 --a------ C:\Windows\system32\cygwin1.dll <Not Verified; Red Hat; Cygwin> 2008-07-21 22:14:42 3138048 --a------ C:\Windows\system32\apexxbox.exe 2008-07-21 22:14:42 86016 --a------ C:\Windows\system32\AddiTunes.exe 2008-07-21 22:14:41 626688 --a------ C:\Windows\system32\NCTImageFile.dll <Not Verified; Online Media Technologies Ltd.; NCTImageFile ActiveX DLL> 2008-07-21 22:14:27 249856 --a------ C:\Windows\system32\NCTQuickTimeFile.dll <Not Verified; Online Media Technologies Company Ltd.; NCTQuickTimeFile Module> 2008-07-21 22:14:07 764416 --a------ C:\Windows\system32\NCTRMFile.dll <Not Verified; NCT Company Ltd.; NCTRMFile ActiveX DLL> 2008-07-21 22:13:47 495104 --a------ C:\Windows\system32\NCTVideoCoreM.dll <Not Verified; NCT Company Ltd.; NCTVideoCoreM ActiveX DLL> 2008-07-21 22:13:27 382464 --a------ C:\Windows\system32\NCTAVIFile.dll <Not Verified; NCT Company Ltd.; NCTAVIFile ActiveX DLL> 2008-07-21 22:13:06 780288 --a------ C:\Windows\system32\NCTVideoCompress.dll <Not Verified; NCT Company Ltd.; NCTVideoCompress ActiveX DLL> 2008-07-21 22:13:06 90112 --a------ C:\Windows\system32\NCTAudioFormatSettings3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFormatSettings3 Module> 2008-07-21 22:13:06 2846720 --a------ C:\Windows\system32\NCTAudioCompress3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress3 Module> 2008-07-21 22:12:53 312320 --a------ C:\Windows\system32\NCTVideoView.dll <Not Verified; Online Media Technologies Ltd.; NCTVideoView ActiveX DLL> 2008-07-21 22:12:36 188416 --a------ C:\Windows\system32\NCTVideoFile.dll <Not Verified; NCT Company Ltd.; NCTVideoFile ActiveX DLL> 2008-07-21 22:12:15 778240 --a------ C:\Windows\system32\NCTAudioCompress2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress2 Module> 2008-07-21 22:12:07 215552 --a------ C:\Windows\system32\NCTWMVFile.dll <Not Verified; NCT Company Ltd.; NCTWMVFile ActiveX DLL> 2008-07-21 22:12:06 237568 --a------ C:\Windows\system32\lame_enc.dll 2008-07-21 22:12:06 1700352 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-07-21 22:12:03 81920 --a------ C:\Windows\system32\viscomwave.dll <Not Verified; Viscom Software; > 2008-07-21 22:12:03 147456 --a------ C:\Windows\system32\viscomqtenc.dll <Not Verified; Viscom Software www.viscomsoft.com; > 2008-07-21 22:12:03 139264 --a------ C:\Windows\system32\viscomqtde.dll <Not Verified; Viscom Software www.viscomsoft.com; > 2008-07-21 22:12:03 0 d-------- C:\Windows\system32\RMBin 2008-07-21 22:11:53 0 d-------- C:\Program Files\Apex 2008-07-21 22:11:53 0 d-------- C:\Apex 2008-07-21 22:07:12 348160 --a------ C:\Windows\system32\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine> 2008-07-21 22:07:08 0 d-------- C:\Program Files\Acoustica MP3 Audio Mixer 2008-07-21 09:05:29 0 d-------- C:\Program Files\Internet Download Manager 2008-07-21 08:00:09 0 d-------- C:\Program Files\Garena 2008-07-21 08:00:05 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-21 07:47:43 0 d-------- C:\Program Files\MegauploadToolbar 2008-07-21 06:32:21 0 d-------- C:\Program Files\Microsoft Works 2008-07-21 06:28:46 0 d-------- C:\Windows\PCHEALTH 2008-07-21 06:28:45 0 d-------- C:\Program Files\Microsoft.NET 2008-07-21 06:23:00 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2008-07-21 06:20:24 0 d-------- C:\Users\All Users\Microsoft Help 2008-07-21 06:19:46 0 dr-h----- C:\MSOCache 2008-07-21 06:17:47 0 d-------- C:\Windows\Panther 2008-07-21 06:17:31 0 d--hs---- C:\Boot 2008-07-21 05:26:12 0 d-------- C:\Program Files\DNA 2008-07-21 05:26:11 0 d-------- C:\Program Files\BitTorrent 2008-07-21 04:49:14 0 d-------- C:\Program Files\QuickFix 2008-07-21 04:41:57 240128 --a------ C:\Windows\system32\drivers\royal.sys <Not Verified; PARADOX; SLP Kernel-Mode Driver> 2008-07-21 04:41:05 0 d------c- C:\Windows\system32\DRVSTORE 2008-07-20 17:51:08 0 d-------- C:\Program Files\EA SPORTS 2008-07-20 17:50:56 0 d-------- C:\Users\All Users\Yahoo! Companion 2008-07-20 17:05:09 0 d-------- C:\Program Files\UltraISO 2008-07-20 16:53:44 0 d-------- C:\Windows\system32\Macromed 2008-07-20 16:50:18 0 d--hs---- C:\Windows\Installer 2008-07-20 15:26:41 0 d-------- C:\Program Files\Yahoo! 2008-07-20 15:26:26 0 d-------- C:\Program Files\CCleaner 2008-07-20 14:54:02 298104 --a------ C:\Windows\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System> 2008-07-20 14:32:13 0 dr------- C:\Users\Aldrin\Searches 2008-07-20 14:31:52 0 dr------- C:\Users\Aldrin\Contacts 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Videos 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Templates 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Start Menu 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\SendTo 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Saved Games 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Recent 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\PrintHood 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Pictures 2008-07-20 14:31:45 1835008 --ahs---- C:\Users\Aldrin\NTUSER.DAT 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\NetHood 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\My Documents 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Music 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Local Settings 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Links 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Favorites 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Downloads 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Documents 2008-07-20 14:31:45 0 dr------- C:\Users\Aldrin\Desktop 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Cookies 2008-07-20 14:31:45 0 d--hs---- C:\Users\Aldrin\Application Data 2008-07-20 14:31:45 0 d--h----- C:\Users\Aldrin\AppData 2008-07-20 14:22:37 0 --a------ C:\Windows\system32\atiicdxx.dat 2008-07-20 14:21:25 0 d-------- C:\Windows\SoftwareDistribution 2008-07-20 14:20:36 0 d-------- C:\Windows\Debug 2008-07-20 14:20:36 0 d-------- C:\Windows\CSC 2008-07-20 14:18:50 0 d-------- C:\Windows\Prefetch 2008-07-20 14:18:34 0 d--hs---- C:\System Volume Information 2008-07-20 10:02:45 0 d-------- C:\Users\All Users\JCreator 2008-07-20 10:02:05 0 d-a------ C:\Users\All Users\TEMP 2008-07-20 10:01:47 0 d-------- C:\Program Files\Xinox Software 2008-07-20 08:43:11 243478 --a------ C:\Program Files\cabal_total.exe 2008-07-20 05:45:27 0 d-------- C:\Program Files\SD 2008-07-20 00:47:28 0 d-------- C:\Program Files\Common Files\Bcgsoft 2008-07-20 00:44:14 0 d-------- C:\Program Files\PowerCDR 2008-07-20 00:43:48 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-07-20 00:40:49 49152 -----n--- C:\Windows\system32\MultiSZ.dll <Not Verified; Ahead Software AG\r\nim Stoeckmaedle 6\r\n76307 Karlsbad, Germany\r\nFax: ++49-7248-911-888\r\ne-mail: info@nero.com; MultiSZ/ACL Installation Library> 2008-07-20 00:40:36 106496 --a------ C:\Windows\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20> 2008-07-20 00:40:36 35328 --a------ C:\Windows\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS> 2008-07-20 00:40:35 532480 --a------ C:\Windows\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress> 2008-07-20 00:40:34 507904 --a------ C:\Windows\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress> 2008-07-20 00:40:33 155648 --a------ C:\Windows\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck> 2008-07-20 00:40:33 0 d-------- C:\Program Files\Ahead 2007-03-21 20:54:16 69632 --a------ C:\Windows\system32\TWUNK_32.EXE <Not Verified; Twain Working Group; Twain Thunker> 2007-03-21 20:54:16 48560 --a------ C:\Windows\system32\TWUNK_16.EXE <Not Verified; Twain Working Group; Twain Thunker> 2007-03-21 20:54:16 77312 --a------ C:\Windows\system32\TWAIN_32.DLL <Not Verified; Twain Working Group; Twain_32 Source Manager> 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Templates 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Start Menu 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\SendTo 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Recent 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\PrintHood 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\NetHood 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\My Documents 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Local Settings 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Cookies 2006-11-02 21:00:38 0 d--hs---- C:\Users\Default\Application Data 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Templates 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Start Menu 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Favorites 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Documents 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Desktop 2006-11-02 21:00:38 0 d--hs---- C:\Users\All Users\Application Data 2006-11-02 21:00:38 0 d--hs---- C:\Documents and Settings 2006-11-02 20:46:43 0 d-------- C:\Windows\Setup 2006-11-02 20:46:40 0 d-------- C:\Windows\ServiceProfiles 2006-11-02 20:46:34 0 d---s---- C:\Windows\system32\Microsoft 2006-11-02 20:41:10 0 d-------- C:\Windows\WindowsMobile 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\winrm 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\slmgr 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\en 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\drivers\en-US 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\Branding 2006-11-02 20:41:10 0 d-------- C:\Windows\system32\0409 2006-11-02 20:41:10 0 d-------- C:\Windows\en-US 2006-11-02 20:41:09 0 d-------- C:\Windows\system32\WCN 2006-11-02 20:41:09 0 d-------- C:\Windows\system32\Printing_Admin_Scripts 2006-11-02 20:35:51 0 d-------- C:\Windows\twain_32 2006-11-02 20:35:51 0 d-------- C:\Windows\system32\XPSViewer 2006-11-02 20:35:51 0 d-------- C:\Windows\system32\restore 2006-11-02 20:35:51 0 d-------- C:\Windows\system32\FxsTmp 2006-11-02 20:35:51 0 d-------- C:\Windows\ShellNew 2006-11-02 20:35:51 0 d-------- C:\Windows\Performance 2006-11-02 20:35:51 0 d-------- C:\Windows\ehome 2006-11-02 20:35:51 0 d-------- C:\Windows\DigitalLocker 2006-11-02 20:35:51 0 d-------- C:\Windows\addins 2006-11-02 20:35:51 0 d-------- C:\Program Files\Windows Calendar 2006-11-02 20:35:50 0 d-------- C:\Program Files\Windows Sidebar 2006-11-02 20:35:50 0 d-------- C:\Program Files\Windows Photo Gallery 2006-11-02 20:35:50 0 d-------- C:\Program Files\Windows Journal 2006-11-02 20:35:50 0 d-------- C:\Program Files\Windows Defender 2006-11-02 20:35:50 0 d-------- C:\Program Files\Windows Collaboration 2006-11-02 20:35:50 0 d-------- C:\Program Files\Reference Assemblies 2006-11-02 20:35:50 0 d-------- C:\Program Files\MSBuild 2006-11-02 20:35:50 0 d-------- C:\Program Files\Movie Maker 2006-11-02 20:35:50 0 d-------- C:\Program Files\Microsoft Games 2006-11-02 19:18:44 0 d-------- C:\Windows\winsxs 2006-11-02 19:18:44 0 d-------- C:\Windows\Web 2006-11-02 19:18:44 0 d-------- C:\Windows\tracing 2006-11-02 19:18:44 0 d-------- C:\Windows\Tasks 2006-11-02 19:18:44 0 d-------- C:\Windows\tapi 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\zh-TW 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\zh-HK 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\zh-CN 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\winevt 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\wfp 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\WDI 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\wbem 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\uk-UA 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\tr-TR 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\th-TH 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\Tasks 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\sysprep 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\sv-SE 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\sr-Latn-CS 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\spool 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\Speech 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\SMI 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\SLUI 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\sl-SI 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\sk-SK 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\setup 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\ru-RU 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\ro-RO 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\RemInst 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\ras 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\pt-PT 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\pt-BR 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\pl-PL 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\oobe 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\nl-NL 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\networklist 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\NDF 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\nb-NO 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\MUI 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\Msdtc 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\migwiz 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\migration 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\manifeststore 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\lv-LV 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\lt-LT 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\LogFiles 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\licensing 2006-11-02 19:18:43 0 d-------- C:\Windows\system32\ko-KR 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\ja-JP 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\it-IT 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\inetsrv 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\IME 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\icsxml 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\ias 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\hu-HU 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\hr-HR 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\he-IL 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\GroupPolicyUsers 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\GroupPolicy 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\fr-FR 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\fi-FI 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\et-EE 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\es-ES 2006-11-02 19:18:42 0 d-------- C:\Windows\system32\el-GR 2006-11-02 19:18:36 0 d-------- C:\Windows\System32 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\DriverStore 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\drivers 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\drivers\UMDF 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\drivers\etc 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\de-DE 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\da-DK 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\cs-CZ 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\config 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\com 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\CodeIntegrity 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\catroot2 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\catroot 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\Boot 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\bg-BG 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\ar-SA 2006-11-02 19:18:36 0 d-------- C:\Windows\system32\AdvancedInstallers 2006-11-02 19:18:36 0 d-------- C:\Windows\system 2006-11-02 19:18:36 0 d-------- C:\Windows\Speech 2006-11-02 19:18:36 0 d-------- C:\Windows\servicing 2006-11-02 19:18:36 0 d-------- C:\Windows\security 2006-11-02 19:18:36 0 d-------- C:\Windows\schemas 2006-11-02 19:18:36 0 d-------- C:\Windows\SchCache 2006-11-02 19:18:36 0 d-------- C:\Windows\Resources 2006-11-02 19:18:36 0 d-------- C:\Windows\rescache 2006-11-02 19:18:36 0 d-------- C:\Windows\Registration 2006-11-02 19:18:36 0 d-------- C:\Windows\Provisioning 2006-11-02 19:18:36 0 d-------- C:\Windows\PolicyDefinitions 2006-11-02 19:18:35 0 d-------- C:\Windows\PLA 2006-11-02 19:18:35 0 dr------- C:\Windows\Offline Web Pages 2006-11-02 19:18:35 0 d-------- C:\Windows\nap 2006-11-02 19:18:35 0 d-------- C:\Windows\MSAgent 2006-11-02 19:18:35 0 d-------- C:\Windows\ModemLogs 2006-11-02 19:18:35 0 dr--s---- C:\Windows\Media 2006-11-02 19:18:35 0 d-------- C:\Windows\Logs 2006-11-02 19:18:35 0 d-------- C:\Windows\LiveKernelReports 2006-11-02 19:18:35 0 d-------- C:\Windows\L2Schemas 2006-11-02 19:18:34 0 d-------- C:\Windows 2006-11-02 19:18:34 0 d-------- C:\Windows\inf 2006-11-02 19:18:34 0 d-------- C:\Windows\IME 2006-11-02 19:18:34 0 d-------- C:\Windows\Help 2006-11-02 19:18:34 0 d-------- C:\Windows\Globalization 2006-11-02 19:18:34 0 dr--s---- C:\Windows\Fonts 2006-11-02 19:18:34 0 d---s---- C:\Windows\Downloaded Program Files 2006-11-02 19:18:34 0 d-------- C:\Windows\Cursors 2006-11-02 19:18:34 0 d-------- C:\Windows\Branding 2006-11-02 19:18:34 0 d-------- C:\Windows\Boot 2006-11-02 19:18:34 0 d-------- C:\Windows\AppPatch 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Videos 2006-11-02 19:18:34 0 d-------- C:\Users\Default\Saved Games 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Pictures 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Music 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Links 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Favorites 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Downloads 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Documents 2006-11-02 19:18:34 0 dr------- C:\Users\Default\Desktop 2006-11-02 19:18:33 0 dr------- C:\Users 2006-11-02 19:18:33 0 d--h----- C:\Users\Default\AppData 2006-11-02 19:18:33 0 d---s---- C:\Users\All Users\Microsoft 2006-11-02 19:18:33 0 d--h----- C:\ProgramData 2006-11-02 19:18:33 0 dr------- C:\Program Files 2006-11-02 19:18:33 0 d-------- C:\Program Files\Windows NT 2006-11-02 19:18:33 0 d-------- C:\Program Files\Windows Mail 2006-11-02 19:18:33 0 d-------- C:\Program Files\Common Files 2006-11-02 19:18:33 0 d-------- C:\Program Files\Common Files\SpeechEngines 2006-11-02 19:17:19 0 d--hs---- C:\$Recycle.Bin 2006-11-02 18:22:30 262144 --ahs---- C:\Users\Default\NTUSER.DAT 2006-11-02 16:47:18 514048 -r-hs---- C:\Windows\system32\klass.exe 2006-02-28 12:41:34 61440 --a------ C:\Windows\system32\dns-sd.exe <Not Verified; Apple Computer, Inc.; Bonjour> 2006-02-28 12:41:22 53248 --a------ C:\Windows\system32\dnssd.dll <Not Verified; Apple Computer, Inc.; Bonjour> 2005-09-12 16:13:46 233472 --a------ C:\Windows\UNRecode.exe <Not Verified; Nero AG; Nero Suite Installer> 2005-09-12 16:13:46 233472 --a------ C:\Windows\UNNeroVision.exe <Not Verified; Nero AG; Nero Suite Installer> 2005-09-12 16:13:46 233472 --a------ C:\Windows\UNNeroShowTime.exe <Not Verified; Nero AG; Nero Suite Installer> 2005-09-12 16:13:46 233472 --a------ C:\Windows\UNNeroMediaHome.exe <Not Verified; Nero AG; Nero Suite Installer> 2005-09-12 16:13:46 233472 --a------ C:\Windows\UNNeroBackItUp.exe <Not Verified; Nero AG; Nero Suite Installer> 2005-06-21 09:42:28 233555 --a------ C:\Windows\system32\npkcrypt.dll <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver Support Dll> 2005-03-15 11:26:30 40960 --a------ C:\Windows\system32\npkuninst.exe <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Uninstaller> 2005-03-14 10:27:22 65633 --a------ C:\Windows\system32\npkagt.exe <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Agent> 2005-02-16 15:18:04 90184 --a------ C:\Windows\system32\NeroCo.dll <Not Verified; Ahead Software AG im Stoeckmaedle 18 76307 Karlsbad, Germany Fax: ++49-7248-911-888 e-mail: info@nero.com; Nero Burning Rom> 2005-01-28 10:23:20 37009 --a------ C:\Windows\system32\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> 2004-12-27 14:16:58 21442 --a------ C:\Windows\system32\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver> 2004-07-26 17:16:10 802816 --a------ C:\Windows\system32\imagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2004-07-26 17:16:10 258048 --a------ C:\Windows\system32\imagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2004-07-26 17:16:10 1757184 --a------ C:\Windows\system32\imagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7> 2004-07-09 09:43:56 368640 --a------ C:\Windows\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corporation; TwnLib4 - TwainPRO v4.0 - Utility Library> 2004-04-17 15:05:28 36864 --a------ C:\Windows\system32\ametrans.dll <Not Verified; Audio2x.com; Audio Mp3 Editor Transfer Control> 2004-03-31 17:55:24 172544 --a------ C:\Windows\system32\npkcsvc.exe <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Service> 2004-03-09 15:35:50 53248 --a------ C:\Windows\system32\npkpdb.dll <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Program Database DLL> 2004-03-02 12:24:00 880640 --a------ C:\Windows\system32\NCTAudioEditor2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioEditor2 ActiveX DLL> 2004-03-02 12:14:38 602112 --a------ C:\Windows\system32\NCTAudioTransform2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioTransform2 ActiveX DLL> 2004-03-02 12:14:18 458752 --a------ C:\Windows\system32\NCTAudioRecord2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioRecord2 ActiveX DLL> 2004-03-02 12:10:04 1212416 --a------ C:\Windows\system32\NCTAudioInformation2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioInformation2 ActiveX DLL> 2004-03-02 12:07:20 458752 --a------ C:\Windows\system32\NCTAudioPlayer2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioPlayer2 ActiveX DLL> 2004-03-02 12:05:56 1986560 --a------ C:\Windows\system32\NCTAudioFile2.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL> 2003-12-15 12:24:30 348160 --a------ C:\Windows\system32\NCTWMAFile2.dll <Not Verified; Online Media Technologies Ltd.; NCTWMAFile2 ActiveX DLL> 2003-12-08 12:19:32 479232 --a------ C:\Windows\system32\NCTAudioVisualization2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioVisualization2 ActiveX DLL> 2003-12-08 12:16:22 327680 --a------ C:\Windows\system32\NCTAudioGrabber2.dll <Not Verified; NCT Company Ltd.; NCTAudioGrabber2 ActiveX DLL> 2002-09-10 23:10:05 495616 --a------ C:\Windows\system32\xvid.dll 2002-06-17 10:06:10 122880 --a------ C:\Windows\system32\mwecmdlg.dll <Not Verified; mp3waveditor.com; MP3 Wav Editor Common Dialog Control> 2002-06-17 09:54:04 40960 --a------ C:\Windows\system32\mweclass.dll <Not Verified; www.mp3waveditor.com; MP3 Wav Editor SubClass Control> 2002-05-22 00:00:00 14604 --a------ C:\Windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> 2002-01-03 09:56:32 130432 --a------ C:\Windows\system32\pzfnir.dll 2002-01-03 09:56:28 130432 --a------ C:\Windows\system32\yffxsjac.dll 2002-01-03 09:09:07 98688 --a------ C:\Windows\system32\msiaplsp.dll 2002-01-03 09:07:03 130432 --a------ C:\Windows\system32\temcix.dll 2002-01-03 09:06:50 130432 --a------ C:\Windows\system32\tetfbjou.dll 2002-01-03 09:06:23 120960 --a------ C:\Windows\system32\cjohgx.dll 2002-01-03 09:06:22 120960 --a------ C:\Windows\system32\jmbvdayi.dll 2002-01-03 09:06:21 120960 --a------ C:\Windows\system32\zkipla.dll 2002-01-03 09:06:05 120960 --a------ C:\Windows\system32\aqmuyten.dll 2002-01-03 09:03:22 328151 --ahs---- C:\Windows\system32\GhNorBeg.ini2 2002-01-03 09:03:02 322816 --a------ C:\Windows\system32\geBroNhG.dll 2002-01-03 08:58:48 120960 --a------ C:\Windows\system32\ofvbba.dll 2002-01-03 08:58:48 120960 --a------ C:\Windows\system32\brcswstd.dll 2002-01-03 08:58:14 34688 --a------ C:\Windows\system32\opnolKdB.dll 2002-01-03 08:57:38 99712 -----n--- C:\Windows\system32\lnpxoivq.dll 2002-01-03 08:31:58 0 d-------- C:\Users\All Users\Nero 2002-01-03 08:31:58 0 d-------- C:\Program Files\Common Files\Nero 2002-01-03 08:29:49 120960 --a------ C:\Windows\system32\zzryft.dll 2002-01-03 08:29:44 120960 --a------ C:\Windows\system32\keqsivxn.dll 2002-01-03 08:19:25 0 --a------ C:\end 2002-01-03 08:06:17 4682 --a------ C:\Windows\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT> 2002-01-03 08:05:09 0 d-------- C:\Program Files\Common Files\INCA Shared 2002-01-03 08:04:08 0 d-------- C:\Program Files\e-Games 2002-01-03 07:51:41 99712 --a------ C:\Windows\system32\btnohiyu.dll 2002-01-03 07:51:36 120960 --a------ C:\Windows\system32\xvggqe.dll 2002-01-03 07:51:28 120960 --a------ C:\Windows\system32\dvmbscwk.dll 2002-01-03 07:46:06 120960 --a------ C:\Windows\system32\jhbshp.dll 2002-01-03 07:45:59 120960 --a------ C:\Windows\system32\xxbrrrbl.dll 2002-01-03 07:41:40 120960 --a------ C:\Windows\system32\uqzqax.dll 2002-01-03 07:41:30 120960 --a------ C:\Windows\system32\cbfhlfqc.dll 2002-01-03 07:41:03 120448 --a------ C:\Windows\system32\cfrqmr.dll 2002-01-03 07:41:00 120448 --a------ C:\Windows\system32\gesnjrrg.dll 2002-01-03 07:40:37 120960 --a------ C:\Windows\system32\iwnacr.dll 2002-01-03 07:40:33 120960 --a------ C:\Windows\system32\qjenmled.dll 2002-01-03 07:37:58 326505 --ahs---- C:\Windows\system32\psYIlUvw.ini2 2002-01-03 07:37:45 323840 --a------ C:\Windows\system32\wvUlIYsp.dll 2002-01-03 07:37:32 326505 --ahs---- C:\Windows\system32\KUBdffhk.ini2 2002-01-03 07:37:20 323328 --a------ C:\Windows\system32\khffdBUK.dll 2002-01-03 07:36:58 120960 --a------ C:\Windows\system32\acrwcl.dll 2002-01-03 07:36:47 120960 --a------ C:\Windows\system32\gidmejge.dll 2002-01-03 07:35:39 120960 --a------ C:\Windows\system32\housnb.dll 2002-01-03 07:35:27 120960 --a------ C:\Windows\system32\uosuvomc.dll 2002-01-03 07:11:31 99712 --a------ C:\Windows\system32\smmsaglm.dll 2002-01-03 07:08:28 328789 --ahs---- C:\Windows\system32\beKSAcfe.ini2 2002-01-03 07:08:14 323328 --a------ C:\Windows\system32\efcASKeb.dll 2002-01-03 07:06:55 34688 --a------ C:\Windows\system32\xxYqoLBS.dll 2002-01-03 07:04:49 99712 --a------ C:\Windows\system32\gufuqgdx.dll 2002-01-03 07:02:40 120960 --a------ C:\Windows\system32\rtvmxr.dll 2002-01-03 07:02:40 120960 --a------ C:\Windows\system32\cinoasav.dll 2002-01-03 06:55:17 120960 --a------ C:\Windows\system32\wcqzbk.dll 2002-01-03 06:55:11 120960 --a------ C:\Windows\system32\iunifivn.dll 2002-01-03 06:47:58 0 d-------- C:\Program Files\Spyware Doctor 2002-01-03 06:08:23 18944 --a------ C:\Windows\system32\aol2tbl.dll 2002-01-03 06:08:04 0 -rahs---- C:\MSDOS.SYS 2002-01-03 06:08:04 0 -rahs---- C:\IO.SYS 2002-01-03 06:08:04 171136 -rahs---- C:\grldr 2002-01-03 06:08:03 0 --a------ C:\Windows\nsreg.dat 2002-01-03 06:08:02 306688 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2002-01-03 06:07:09 18944 --a------ C:\Windows\system32\aol_bho.dll 2002-01-03 06:05:55 18944 --a------ C:\Windows\system32\aoltoolbar.dll 2002-01-03 06:02:45 120960 --a------ C:\Windows\system32\ywfdmf.dll 2002-01-03 06:02:35 120960 --a------ C:\Windows\system32\cctiqnir.dll 2002-01-03 05:58:51 18944 --a------ C:\Windows\system32\aoltbl.dll 2002-01-03 05:57:39 18944 --a------ C:\Windows\system32\aol_tbl.dll 2002-01-03 05:52:46 99456 -----n--- C:\Windows\system32\tymynywr.dll 2002-01-03 05:52:29 0 d-------- C:\VundoFix Backups 2002-01-03 05:50:41 120960 --a------ C:\Windows\system32\upvpqm.dll 2002-01-03 05:50:34 120960 --a------ C:\Windows\system32\wbgtdegy.dll 2002-01-03 05:46:03 120960 --a------ C:\Windows\system32\lrumqwlw.dll 2002-01-03 05:46:03 120960 --a------ C:\Windows\system32\ilblgy.dll 2002-01-03 05:28:40 325449 --ahs---- C:\Windows\system32\nnVyxGgh.ini2 2002-01-03 05:28:21 323840 --a------ C:\Windows\system32\hgGxyVnn.dll 2002-01-03 05:26:05 99456 -----n--- C:\Windows\system32\hhultgtq.dll 2002-01-03 05:21:20 80 --ah----- C:\Windows\system32\HsInfo.dat 2002-01-03 05:20:04 327204 --ahs---- C:\Windows\system32\AaKlllRu.ini2 2002-01-02 19:48:05 0 d-------- C:\Users\All Users\FLEXnet 2002-01-02 14:31:46 0 d-------- C:\Users\All Users\Adobe 2002-01-02 14:30:57 0 d-------- C:\Program Files\Bonjour 2002-01-02 14:17:46 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2002-01-02 14:13:37 0 d-------- C:\Program Files\Common Files\Adobe 2002-01-02 14:10:00 34688 --a------ C:\Windows\system32\yaYoNDuR.dll 2002-01-02 14:05:00 339968 --a------ C:\Windows\nfavxwdbfld.dll 2002-01-02 14:04:59 94208 --a------ C:\Windows\elqw.exe 2002-01-02 12:04:10 94208 --a------ C:\Windows\elkr.exe 2002-01-02 12:04:09 229376 --a------ C:\Windows\wnslvxtf.dll 2002-01-02 12:04:09 405504 --a------ C:\Windows\nfavxwdbkwm.dll 2002-01-02 12:04:09 86016 --a------ C:\Windows\grswptdl.exe 2002-01-02 12:04:09 192512 --a------ C:\Windows\fdkowvbp.dll 2002-01-02 12:04:09 180224 --a------ C:\Windows\eqvwamkl.dll 2002-01-02 08:49:51 0 d-------- C:\Users\All Users\Yahoo! 2002-01-02 08:38:17 0 d-------- C:\Program Files\Common Files\Java 2002-01-02 07:43:55 25586 --a------ C:\aem8.dat 2002-01-02 07:43:03 417792 --a------ C:\Windows\system32\NCTAudioDisplay2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioDisplay2 ActiveX DLL> 2002-01-02 07:43:03 2084864 --a------ C:\Windows\system32\NCTAudioDesign2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioDesign2 ActiveX DLL> 2002-01-02 07:43:02 835584 --a------ C:\Windows\system32\NCTAudioCDGrabber2.dll <Not Verified; NCT; NCTAudioCDGrabber2 ActiveX DLL> 2002-01-02 07:42:56 0 d-------- C:\Program Files\Audio Edit Magic 2002-01-02 00:28:24 0 d-------- C:\Program Files\Java 2002-01-01 01:40:23 0 d-------- C:\Program Files\ZTekWare 2002-01-01 01:38:18 0 d-------- C:\Windows\system32\appmgmt 2002-01-01 01:35:32 0 d-------- C:\Program Files\DirectISO 2002-01-01 00:33:14 0 d-------- C:\Windows\system32\vso_loc 2002-01-01 00:33:14 0 d-------- C:\Windows\system32\iosubsys 2002-01-01 00:33:09 25696 --a------ C:\Windows\system32\drivers\PcAtip.sys <Not Verified; VSO Software; Patin-Couffin Autoplay(tm) support driver> 2002-01-01 00:33:09 0 d-------- C:\Program Files\vso 2002-01-01 00:29:38 0 d-------- C:\Program Files\Nero 2002-01-01 00:29:38 0 d-------- C:\Program Files\Common Files\Ahead 2002-01-01 00:20:03 0 d-------- C:\Program Files\Perfect World -- Find3M Report --------------------------------------------------------------- 2008-07-26 10:21:30 0 d-------- C:\Users\Aldrin\AppData\Roaming\Macromedia 2008-07-21 07:59:40 0 d-------- C:\Users\Aldrin\AppData\Roaming\InstallShield 2008-07-21 07:47:43 0 d-------- C:\Users\Aldrin\AppData\Roaming\MegauploadToolbar 2008-07-21 04:32:11 0 d-------- C:\Users\Aldrin\AppData\Roaming\WinRAR 2008-07-20 10:02:45 0 d-------- C:\Users\Aldrin\AppData\Roaming\JCreator 2008-07-20 06:20:29 0 d-------- C:\Users\Aldrin\AppData\Roaming\IDM 2008-07-20 05:27:40 0 d-------- C:\Users\Aldrin\AppData\Roaming\Mozilla 2006-11-02 20:49:43 174 --ahs---- C:\Program Files\desktop.ini 2002-01-03 09:44:10 0 d--h----- C:\Users\Aldrin\AppData\Roaming\IFLTemp 2002-01-03 09:18:16 0 d-------- C:\Users\Aldrin\AppData\Roaming\DNA 2002-01-03 09:02:55 0 d-------- C:\Users\Aldrin\AppData\Roaming\DMCache 2002-01-03 08:59:03 0 d-------- C:\Users\Aldrin\AppData\Roaming\RF Online Crimson Dawn 2002-01-03 08:05:12 0 d-------- C:\Users\Aldrin\AppData\Roaming\Nero 2002-01-03 07:33:36 0 d-------- C:\Users\Aldrin\AppData\Roaming\BitTorrent 2002-01-03 06:47:58 0 d-------- C:\Users\Aldrin\AppData\Roaming\PC Tools 2002-01-03 05:46:32 0 d-------- C:\Users\Aldrin\AppData\Roaming\Adobe 2002-01-02 08:46:50 0 d-------- C:\Users\Aldrin\AppData\Roaming\Yahoo! -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown -- End of Deckard's System Scanner: finished at 2002-01-03 09:19:42 ------------ Its still in my computer. I follow already Read me before posting a request for assistance. |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. Quote:
== Please download DAFT and save it to your desktop:
Post the contents of that logfile with your next post. ===== Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebyt...are_d5756.html) to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform full scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here. Make sure that you restart the computer. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt Post new HJT log. |
| ||
| Re: Help with this annoyinh pop ups and unknown internet explorer toolbar.. Obviously something going on with this computer...take a look at the dates on the scan logs; First HJT posted; There is NO date. Second the Deckards log; Deckard's System Scanner v20071014.68 Run by Aldrin on 2002-01-03 09:11:57 Computer is in Normal Mode. Third HJT log; Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:13:40 AM, on 1/3/2002 Fourth also from the Deckard's Log; -- Scheduled Tasks ------------------------------------------------------------- 2008-07-26 12:18:27 420 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{5E8950D6-9454-4717-A8EF-1F4826CAE96E}.job Fifth from that Same Deckard's Log; -- Files created between 2001-12-03 and 2002-01-03 Finally; -- Find3M Report --------------------------------------------------------------- There are seven files with 2008 Creation dates One file with 2006 and the rest with 2002 Ending with this; -- End of Deckard's System Scanner: finished at 2002-01-03 09:19:42 ------------ |
| All times are GMT -4. The time now is 8:21 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC