Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » hijackthis log

[Fixed] Hijackthis! Logs - hijackthis log posted in the Security & Safety forums; plz reply fast...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 3 of 4 < 1 2 3 4 >
  #13  
Old 04-18-2008
hunt120's Avatar
Bronze Member
  
Join Date: Apr 2008
Posts: 20
PC Experience: PC Illiterate
hunt120 - See this Members User comments on their Profile page
Default Re: hijackthis log
plz reply fast
  #14  
Old 04-18-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 2,958
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: hijackthis log
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad* and copy/paste the text in the quotebox below into it:
Killall::
File::
C:\t3vk
H:\boot.exe
I:\boot.exe
Folder::
C:\Documents and Settings\All Users.WINDOWS\Application Data\Phone store flag loud
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flag loud mp3 bore]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0444bbad-ba28-11dc-941d-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0c416b7e-b967-11dc-9417-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{5889c0b7-70db-11dc-9368-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{640c76fc-b4c0-11dc-940c-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6703471-bb2e-11dc-941f-0002449bb246}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6703473-bb2e-11dc-941f-0002449bb246}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{da835bbc-432b-11dc-92d2-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{defa9b6a-b438-11dc-9408-00115bcb42e7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{defa9b6b-b438-11dc-9408-00115bcb42e7}]

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.


Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please.

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Altering this script in any way could damage your compter*


__________________
  • An Australian Member of
  • and
My real name is Eddy
  #15  
Old 04-19-2008
hunt120's Avatar
Bronze Member
  
Join Date: Apr 2008
Posts: 20
PC Experience: PC Illiterate
hunt120 - See this Members User comments on their Profile page
Default Re: hijackthis log
================================================== =
ComboFix log
================================================== =
ComboFix 08-04-11.8 - OMAX 2 2008-04-19 8:59:55.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.150 [GMT 4:00]
Running from: C:\Documents and Settings\OMAX 2\My Documents\Setups\ComboFix.exe
Command switches used :: C:\Documents and Settings\OMAX 2\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\t3vk
H:\boot.exe
I:\boot.exe
.
TimedOut: progfile.dat

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Phone store flag loud
C:\Documents and Settings\All Users.WINDOWS\Application Data\Phone store flag loud\LESS MP3.exe
C:\t3vk

.
((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 )))))))))))))))))))))))))))))))
.

2008-04-18 23:12 . 2008-04-18 23:12 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-18 23:12 . 2008-04-18 23:12 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-18 21:28 . 2008-04-18 21:28 <DIR> d-------- C:\Program Files\Task Killer
2008-04-18 20:37 . 2008-04-18 20:37 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-04-18 18:39 . 2008-04-18 18:39 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\Uniblue
2008-04-18 12:18 . 2008-04-18 12:19 4,566 --a------ C:\WINDOWS\imsins.BAK
2008-04-18 10:12 . 2008-04-18 10:12 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-18 10:07 . 2008-04-18 10:34 <DIR> d-------- C:\SDFix
2008-04-17 23:18 . 2008-04-17 23:19 <DIR> d-------- C:\Program Files\CCleaner
2008-04-17 20:49 . 2008-04-18 20:58 2,206 --a------ C:\WINDOWS\system32\wpa.dbl
2008-04-16 18:14 . 2008-04-16 18:41 <DIR> d-------- C:\Program Files\nLite
2008-04-15 22:14 . 2008-04-15 22:14 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\ATI
2008-04-13 16:11 . 2008-04-13 16:11 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Zenturi
2008-04-13 16:11 . 2008-04-13 16:11 26,000 --a------ C:\WINDOWS\system32\E3TL.DLL
2008-04-12 21:15 . 2008-04-12 21:15 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-04-12 21:15 . 2008-04-12 21:15 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ZILLAbar
2008-04-12 21:15 . 2008-04-16 17:28 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\STOPzilla!
2008-04-12 21:10 . 2008-04-12 21:10 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\STOPzilla!
2008-04-12 21:09 . 2008-04-16 17:37 <DIR> d-------- C:\Program Files\STOPzilla!
2008-04-12 14:23 . 2008-04-12 14:35 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\AVG7
2008-04-12 14:22 . 2008-04-12 14:22 <DIR> d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AVG7
2008-04-12 14:20 . 2008-04-17 20:33 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2008-04-12 11:57 . 2008-04-12 11:57 <DIR> d-------- C:\Program Files\Panda Security
2008-04-11 21:11 . 2008-04-11 21:11 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-11 18:38 . 2008-04-11 19:36 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\ErrorSmart
2008-04-09 21:31 . 2008-04-09 21:31 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-04-07 17:32 . 2008-04-07 17:36 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-04-03 09:31 . 2008-04-03 10:23 <DIR> d-------- C:\Program Files\EA GAMES
2008-03-30 14:59 . 2008-03-30 15:08 <DIR> d-------- C:\Documents and Settings\OMAX 2\Application Data\GSC
2008-03-27 23:05 . 2008-01-16 21:42 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2008-03-26 14:33 . 2008-03-26 14:33 99 --a------ C:\BIOSVIEW.INI
2008-03-26 14:33 . 2008-03-26 14:33 32 --a------ C:\BIOSINFO.INI
2008-03-22 09:04 . 2008-04-16 18:23 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SecTaskMan
2008-03-22 09:03 . 2008-04-13 16:18 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-19 21:06 . 2008-03-19 21:07 <DIR> d-------- C:\Program Files\San Andreas Mod Installer

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-04-18 17:22 --------- d-----w C:\Program Files\Game Graphic Studio
2008-04-18 17:21 --------- d-----w C:\Program Files\Cheat Engine
2008-04-18 16:35 --------- d-----w C:\Program Files\Warcraft III
2008-04-17 19:25 --------- d-----w C:\Program Files\GetRight
2008-04-16 18:36 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\Ahead
2008-04-16 10:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-15 17:42 --------- d-----w C:\Program Files\ATI Technologies
2008-04-12 16:07 --------- d-----w C:\Program Files\Tales of Pirates Online
2008-04-09 14:53 --------- d-----w C:\Program Files\mIRC
2008-04-04 12:14 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\mIRC
2008-04-03 20:53 --------- d-----w C:\Program Files\FlashGet
2008-04-03 06:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-31 19:38 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\Azureus
2008-03-27 19:11 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-03-25 04:38 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\uTorrent
2008-03-25 04:35 --------- d-----w C:\Program Files\uTorrent
2008-03-22 07:07 --------- d-----w C:\Program Files\Google
2008-03-22 05:59 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\LimeWire
2008-03-19 17:08 --------- d-----w C:\Program Files\Rockstar Games
2008-03-19 12:10 --------- d-----w C:\Program Files\Spyware Doctor
2008-03-18 12:46 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Ante Bike
2008-03-18 12:42 --------- d-----w C:\Documents and Settings\Administrator\Application Data\MEGAUPLOADTOOLBAR
2008-03-17 18:14 --------- d-----w C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\MEGAUPLOADTOOLBAR
2008-03-10 13:07 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\Hamachi
2008-03-10 12:03 2,098 --sha-w C:\Documents and Settings\All Users.WINDOWS\Application Data\KGyGaAvL.sys
2008-03-08 05:40 --------- d-----w C:\Program Files\Ocean Technologies & Media
2008-03-08 05:39 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\InstallShield
2008-03-08 05:36 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-03-07 17:51 88 --sh--r C:\Documents and Settings\All Users.WINDOWS\Application Data\8C2960AE94.sys
2008-03-07 17:50 --------- d-----w C:\Program Files\Common Files\Enterbrain
2008-03-07 17:49 --------- d-----w C:\Program Files\Enterbrain
2008-03-05 10:55 --------- d-----w C:\Documents and Settings\OMAX 2\Application Data\Ante Bike
2008-02-20 09:30 --------- d-----w C:\Program Files\DkZ Studio
2008-02-01 03:52 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-08-04 18:45 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat
2007-08-04 18:45 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2007-08-04 18:45 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007080420070 805\index.dat
2007-08-04 18:45 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2007-04-16 01:23 360704 e6b15bcc470953e600ef7aded3cab142 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2008-02-17 15:41 360832 64af914216535bc450f85253462d6f24 C:\WINDOWS\system32\dllcache\TCPIP.SYS
2008-02-17 15:41 360832 64af914216535bc450f85253462d6f24 C:\WINDOWS\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((( snapshot@2008-04-12_16.53.17.71 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-15 07:38:48 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-18 06:12:47 8,441,856 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-18 06:12:47 319,488 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-15 07:38:48 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-18 06:12:35 8,441,856 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-18 06:12:35 319,488 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
+ 2007-12-07 02:01:07 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:57:52 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:01:07 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:01:07 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:01:07 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 08:34:28 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:01:08 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:01:08 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:01:08 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:01:08 388,096 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:01:10 6,067,200 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:01:10 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:01:11 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-08-13 14:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:01:11 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:01:11 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:01:11 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-07 02:01:12 3,593,216 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:01:12 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:01:13 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:01:13 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:01:13 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:57:26 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:01:13 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:01:13 1,162,752 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:01:13 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:01:13 825,344 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
- 2007-11-03 14:49:46 167,936 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2008-04-18 16:45:19 167,936 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2007-11-03 14:49:46 81,920 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2008-04-18 16:45:19 81,920 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2007-11-03 14:49:46 34,304 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-04-18 16:45:19 34,304 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-11-03 14:49:46 8,192 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-04-18 16:45:19 8,192 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-11-03 14:49:46 3,584 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-04-18 16:45:19 3,584 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2007-11-03 14:49:47 114,688 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-04-18 16:45:20 114,688 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-11-03 14:49:46 16,384 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-04-18 16:45:19 16,384 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-11-03 14:49:46 30,720 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-04-18 16:45:19 30,720 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2007-11-03 14:49:47 22,528 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-04-18 16:45:20 22,528 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2007-11-03 14:49:46 45,056 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-04-18 16:45:19 45,056 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-11-03 14:49:46 90,112 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-04-18 16:45:18 90,112 ----a-r C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\ARPPRODUCTICON.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut1_6E06A57A67284CFBAA9A514 9F9C9ADB3.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut2_6E06A57A67284CFBAA9A514 9F9C9ADB3.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut21_6E06A57A67284CFBAA9A51 49F9C9ADB3.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut22_6E06A57A67284CFBAA9A51 49F9C9ADB3.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut3_6E06A57A67284CFBAA9A514 9F9C9ADB3.exe
+ 2008-04-15 17:45:54 9,158 ----a-r C:\WINDOWS\Installer\{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}\NewShortcut5_6E06A57A67284CFBAA9A514 9F9C9ADB3.exe
+ 2008-04-19 04:38:12 4,076 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{2CE48E 62-067F-4365-9037-769EA2990A5E}.bin
- 2007-04-15 21:24:27 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
+ 2007-08-13 14:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
- 2007-12-07 02:01:07 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-03-01 13:03:00 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-04-15 21:24:27 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
+ 2007-08-13 14:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll
- 2007-12-07 02:01:07 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 13:03:00 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-04-15 21:24:28 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2007-08-13 14:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
- 2007-12-19 22:57:52 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 13:03:00 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-12-07 02:01:07 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 13:03:00 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-12-07 02:01:07 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 13:03:00 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-04-15 21:24:28 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2007-08-13 14:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
- 2007-12-07 02:01:07 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-03-01 13:03:00 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-12-06 08:34:28 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-22 09:39:56 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-12-07 02:01:08 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 13:03:00 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-12-07 02:01:08 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 13:03:00 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-12-06 05:00:02 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-12-07 02:01:08 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-03-01 13:03:00 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-12-07 02:01:08 388,096 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 13:03:00 388,608 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-04-15 21:22:11 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-08-13 14:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2007-04-15 21:24:32 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2007-08-13 14:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll
- 2007-12-07 02:01:10 6,067,200 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-03-01 13:03:01 6,067,712 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-04-15 21:22:11 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-08-13 14:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-12-07 02:01:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 13:03:01 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-12-07 02:01:11 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-03-01 13:03:01 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-04-15 21:24:37 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2007-08-13 14:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll
- 2007-12-06 08:34:29 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-02-22 09:39:56 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-12-06 08:34:45 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-22 09:40:22 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-04-15 21:24:38 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
+ 2007-08-13 14:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-04-15 21:22:13 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-08-13 14:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2007-04-15 21:22:15 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-08-13 14:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-12-07 02:01:11 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 13:03:01 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-04-15 21:24:43 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2007-08-13 14:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
- 2007-12-07 02:01:11 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 13:03:01 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-12-07 02:01:11 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-03-01 13:03:01 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-04-15 21:24:43 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-08-13 14:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2007-12-07 02:01:12 3,593,216 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 13:03:01 3,593,216 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-12-07 02:01:12 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 13:03:01 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-04-15 21:24:45 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2007-08-13 14:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2007-04-15 21:24:45 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
+ 2007-08-13 14:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll
- 2007-12-07 02:01:13 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 13:03:01 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-12-07 02:01:13 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 13:03:01 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-12-07 02:01:13 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 13:03:01 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-01-11 05:57:26 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 13:03:01 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-12-07 02:01:13 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 13:03:02 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-12-07 02:01:13 1,162,752 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 13:03:02 1,162,752 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-04-15 21:23:41 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2007-08-13 14:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
- 2007-12-07 02:01:13 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 13:03:02 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-04-10 10:00:46 236,928 -c----w C:\WINDOWS\system32\dllcache\WgaLogon.dll
+ 2007-04-10 10:01:18 336,768 -c----w C:\WINDOWS\system32\dllcache\WgaTray.exe
- 2007-12-07 02:01:13 825,344 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 13:03:02 827,392 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2007-12-19 22:57:52 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 13:03:00 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 02:01:07 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 13:03:00 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-12-07 02:01:07 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 13:03:00 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 1999-10-17 15:01:42 1,129,232 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2003-09-25 08:07:00 1,139,472 ----a-w C:\WINDOWS\system32\FM20.DLL
- 1999-10-17 15:01:16 26,384 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2003-08-18 10:26:32 25,872 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2007-12-07 02:01:07 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-03-01 13:03:00 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-12-07 02:01:08 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 13:03:00 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-12-07 02:01:08 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 13:03:00 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-12-07 02:01:08 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-03-01 13:03:00 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-12-07 02:01:08 388,096 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 13:03:00 388,608 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-04-15 21:24:32 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
+ 2007-08-13 14:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
- 2007-12-07 02:01:10 6,067,200 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-03-01 13:03:01 6,067,712 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-04-15 21:22:11 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2007-08-13 14:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2007-12-07 02:01:10 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 13:03:01 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-12-07 02:01:11 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-03-01 13:03:01 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-04-15 21:24:37 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
+ 2007-08-13 14:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
- 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-04-15 21:24:38 180,736 ----a-w C:\WINDOWS\system32\ieui.dll
+ 2007-08-13 14:54:10 180,736 ----a-w C:\WINDOWS\system32\ieui.dll
- 2007-04-15 21:24:38 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2007-08-13 14:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2007-04-15 21:22:13 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2007-08-13 14:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll
- 2007-04-15 21:22:15 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 14:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll
- 2007-12-07 02:01:11 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 13:03:01 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-04-10 10:02:50 1,476,992 ------w C:\WINDOWS\system32\LegitCheckControl.dll
- 2007-04-15 21:24:43 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
+ 2007-08-13 14:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
- 2007-12-07 02:01:11 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 13:03:01 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-12-07 02:01:11 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-03-01 13:03:01 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-02-10 17:18:48 12,288 ----a-w C:\WINDOWS\system32\msfeedssync.exe
+ 2007-08-13 14:36:40 12,288 ----a-w C:\WINDOWS\system32\msfeedssync.exe
- 2007-04-15 21:24:43 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 14:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
- 2007-12-07 02:01:12 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 13:03:01 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 02:01:12 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 13:03:01 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-04-15 21:24:45 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2007-08-13 14:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2007-04-15 21:24:45 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
+ 2007-08-13 14:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
- 2007-12-07 02:01:13 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-03-01 13:03:01 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-12-07 02:01:13 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-03-01 13:03:01 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2007-12-07 02:01:13 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-03-01 13:03:01 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-01-11 05:57:26 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 13:03:01 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2006-05-03 16:10:34 40,960 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2006-04-28 20:05:14 127,614 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2006-05-03 16:15:58 151,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atikvmag.dll
+ 2006-05-03 16:21:20 6,684,672 ----a-w C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atioglx1.dll
- 2007-03-06 01:22:33 14,048 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-12-10 10:10:02 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2005-06-28 06:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-09-06 13:43:16 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2007-12-07 02:01:13 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-03-01 13:03:02 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 02:01:13 1,162,752 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 13:03:02 1,162,752 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-04-15 21:23:41 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2007-08-13 14:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2007-12-07 02:01:13 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 13:03:02 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-04-10 10:00:46 236,928 ----a-w C:\WINDOWS\system32\WgaLogon.dll
- 2007-02-10 17:18:48 206,336 ----a-w C:\WINDOWS\system32\winfxdocobj.exe
+ 2007-08-13 14:45:16 206,336 ----a-w C:\WINDOWS\system32\WinFXDocObj.exe
- 2007-12-07 02:01:13 825,344 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-03-01 13:03:02 827,392 ----a-w C:\WINDOWS\system32\wininet.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30 517768]
"Cmaudio"="cmicnfg.cpl" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []

C:\Documents and Settings\OMAX 2\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2007-08-06 18:34:59 534016]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
RaConfig2500.lnk - C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe [2007-07-02 11:32:40 659518]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableClock"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoChangeAnimation"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoMultiIE"= 0 (0x0)
"LWA"= 0 (0x0)
"LWB"= 0 (0x0)
"LWC"= 0 (0x0)
"LWD"= 0 (0x0)
"LWE"= 0 (0x0)
"LWF"= 0 (0x0)
"LWG"= 0 (0x0)
"LWH"= 0 (0x0)
"LWI"= 0 (0x0)
"LWJ"= 0 (0x0)
"LWK"= 0 (0x0)
"LWL"= 0 (0x0)
"LWM"= 0 (0x0)
"LWN"= 0 (0x0)
"LWO"= 0 (0x0)
"LWP"= 0 (0x0)
"LWQ"= 0 (0x0)
"LWR"= 0 (0x0)
"LWS"= 0 (0x0)
"LWT"= 0 (0x0)
"LWU"= 0 (0x0)
"LWV"= 0 (0x0)
"LWW"= 0 (0x0)
"LWX"= 0 (0x0)
"LWY"= 0 (0x0)
"LWZ"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
"NoBandCustomize"= 0 (0x0)
"NoMovingBands"= 0 (0x0)
"NoCloseDragDropBands"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="C:\\WINDOWS\\explorer.exe"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^OMAX 2^Start Menu^Programs^Startup^Reboot.exe]
path=C:\Documents and Settings\OMAX 2\Start Menu\Programs\Startup\Reboot.exe
backup=C:\WINDOWS\pss\Reboot.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AFProg]
--a------ 2006-06-26 06:26 118784 C:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2006-01-02 16:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-06-29 21:10 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2007-01-09 22:59 115816 C:\Program Files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSmart]
C:\Program Files\ErrorSmart\ErrorSmart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iso First]
--a------ 2008-03-05 14:53 439808 C:\DOCUME~1\OMAX2~1\APPLIC~1\ANTEBI~1\bluecast.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-06-16 06:03 221184 c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-06-16 06:03 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2007-04-15 23:25 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-08-06 16:02 286720 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-08-20 15:04 185632 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Games\\Half life Non-Steam\\Counter-Strike 1.6 + Half-Life\\hl.exe"=
"C:\\Games\\Copy of half life\\HL\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"9842:TCP"= 9842:TCP:*isabled:SolidNetworkManager
"9842:UDP"= 9842:UDP:*isabled:SolidNetworkManager

R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2006-12-17 00:37]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0444bbad-ba28-11dc-941d-00115bcb42e7}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0c30eb6f-7192-11dc-9369-00115bcb42e7}]
\Shell\Auto\command - I:\MicrosoftPowerPoint.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{0c416b7e-b967-11dc-9417-00115bcb42e7}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{5889c0b7-70db-11dc-9368-00115bcb42e7}]
\Shell\Auto\command - H:\boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{640c76fc-b4c0-11dc-940c-00115bcb42e7}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6703471-bb2e-11dc-941f-0002449bb246}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b6703473-bb2e-11dc-941f-0002449bb246}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{da835bbc-432b-11dc-92d2-00115bcb42e7}]
\Shell\Auto\command - G:\boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{defa9b6a-b438-11dc-9408-00115bcb42e7}]
\Shell\Auto\command - boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{defa9b6b-b438-11dc-9408-00115bcb42e7}]
\Shell\Auto\command - I:\boot.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-19 06:00:01 C:\WINDOWS\Tasks\AC8B8E04919C0BF4.job"
- c:\docume~1\omax2~1\applic~1\antebi~1\DEAD SOFT PLAN.exe
"2008-04-12 11:59:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-11 23:30:30 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.OMAX 2+Runs ErrorSmart to optimize your registry.
"2007-08-17 16:48:19 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - OMAX 2.job"
- C:\PROGRA~1\NORTON~1\Navw32.exep/TASK:
"2008-04-18 18:57:26 C:\WINDOWS\Tasks\User_Feed_Synchronization-{3C4F4E4F-1B5E-40D0-B17F-8239F3B5D091}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
************************************************** ************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 10:22:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\rundll32.exe
.
************************************************** ************************
.
Completion time: 2008-04-19 10:27:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-19 06:27:12
ComboFix2.txt 2008-04-18 06:49:05
ComboFix3.txt 2008-04-12 12:54:11
Pre-Run: 10,761,367,552 bytes free
Post-Run: 10,800,660,480 bytes free
.
2008-04-18 16:48:18 --- E O F ---

================================================== ===
Hijackthis log
================================================== ===
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:08 AM, on 4/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talesofpirates.com/main.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings
O2 - BHO: CEventSink Class - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\Hotspot Shield\AnchorFree\ie\AFBho.dll
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\OMAX 2\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {36A4B20A-2B75-4101-86CE-F9B03CA4B91C} (DownStarter Control) - http://bgweb.nowcdn.co.kr/bin/DownStarter.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F65AD81-957F-40B6-A813-432AD32A8C03}: NameServer = 192.168.0.2,192.168.0.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 7431 bytes
  #16  
Old 04-19-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 2,958
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page
Default Re: hijackthis log
How are things running now.


__________________
  • An Australian Member of
  • and
My real name is Eddy
  #17  
Old 04-19-2008
hunt120's Avatar
Bronze Member
  
Join Date: Apr 2008
Posts: 20
PC Experience: PC Illiterate
hunt120 - See this Members User comments on their Profile page
Default Re: hijackthis log
help theres another problem when i play a game the comp frezzes plz fix this
  #18  
Old 04-19-2008
Pancake's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 2,958
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page Pancake - See this Members User comments on their Profile page