Well, I could not install the recovery console because I did not have access to the guide, but I ran combofix anyway, and here first is the log from hijackthis, I ran this before combofix and after, here is the first one:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:55:33 AM, on 19/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\Virgin Broadband\PCguard\Rps.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Eroca\Eroca.exe
C:\Documents and Settings\Owner\Application Data\m\flec006.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Virgin Broadband\advisor\BroadbandadvisorComHandler.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterR.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Owner\Desktop\HiJack_This.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
%s - Crawler.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
Internet Explorer Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =
Search Assistant
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Internet Explorer Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
Search Assistant
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {171390BB-7251-41F9-A5ED-7164EDE6ADC1} - C:\WINDOWS\system32\jkhfe.dll (file missing)
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Virgin Broadband\PCguard\pkR.dll
O2 - BHO: (no name) - {45C2A50F-8F4A-496E-AF02-D0207525BF5A} - C:\WINDOWS\system32\awtuurp.dll (file missing)
O2 - BHO: {4515cfd6-fb91-1459-13f4-d45068257426} - {62475286-054d-4f31-9541-19bf6dfc5154} - C:\WINDOWS\system32\xausnekk.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\s wg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [] Rundll32.exe "C:\WINDOWS\system32\xohjiyea.dll",s
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [??????
] Rundll32.exe "C:\WINDOWS\system32\aymuhqyo.dll",s
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [PCguard] "C:\Program Files\Virgin Broadband\PCguard\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Virgin Broadband\PCguard\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [BMef10d4fb] Rundll32.exe "C:\WINDOWS\system32\aymuhqyo.dll",s
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Eroca] C:\Program Files\Eroca\Eroca.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: TrayMin220.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
Add to Windows Live Favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Casino-On-Net - {3015DB92-158E-4b77-9020-85C8E311FBB5} - C:\PROGRA~1\CASINO~1\casino.exe (file missing)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://aolsvc.aol.com/onlinegames/be...loader_v10.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: awtuurp - awtuurp.dll (file missing)
O20 - Winlogon Notify: hjyqezzf - hjyqezzf.dll (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Virgin Broadband PCguard Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Virgin Broadband\PCguard\rpsupdaterR.exe
O23 - Service: PCguard Firewall (RP_FWS) - Virgin Media - C:\Program Files\Virgin Broadband\PCguard\Fws.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 10550 bytes
Then here is the combo fix log:
ComboFix 08-06-16.5 - Owner 2008-06-19 5:19:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.129 [GMT -5:00]
Running from: C:\Documents and Settings\Owner\Desktop\Combo-Fix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\DriveDefender
C:\Documents and Settings\All Users\Application Data\DriveDefender\Abbr
C:\Documents and Settings\All Users\Application Data\DriveDefender\prod_code
C:\Documents and Settings\All Users\Application Data\storageprotector
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\ac
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\em
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\oid
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\StorageProtector.exe.ce r
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\user
C:\Documents and Settings\Owner\Application Data\DriveDefender
C:\Documents and Settings\Owner\Application Data\DriveDefender\Logs\update.log
C:\Documents and Settings\Owner\Application Data\m
C:\Documents and Settings\Owner\Application Data\m\data.oct
C:\Documents and Settings\Owner\Application Data\m\list.oct
C:\Documents and Settings\Owner\Application Data\m\shared
C:\Documents and Settings\Owner\Application Data\m\shared\3D Dancing Frogs 1.0 With Crack.zip
C:\Documents and Settings\Owner\Application Data\m\shared\5 Spots 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\70-554 Practice Exam Testing Engine Software 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\A Splash Of New Orleans Screensaver 1.0 (Patch).zip
C:\Documents and Settings\Owner\Application Data\m\shared\ABB Icon Library Manager 5.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Active Undelete--Data Recovery 5.1.019.zip
C:\Documents and Settings\Owner\Application Data\m\shared\AlertPingPro 2.7.6.zip
C:\Documents and Settings\Owner\Application Data\m\shared\All to Real Converter 4.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\ALO Audio CD Ripper 2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\AOL 9.0 VR Refresh 0.4327.134.1 [KeyGen].zip
C:\Documents and Settings\Owner\Application Data\m\shared\AOL Instant Messenger (AIM) 6.2.32.1 [Key].zip
C:\Documents and Settings\Owner\Application Data\m\shared\AskPoirot 2.0.6.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Audio Converter Pro 2.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Avax Vector ActiveX 1.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Avex DVD to Zune Video Suite 4.5 Build 02 [KeyGen].zip
C:\Documents and Settings\Owner\Application Data\m\shared\AVI2VCD 1.4.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Beautiful Sunsets 1.1 Serial.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Bitdefender Antivirus Plus v10 FR+keygen.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Blob Clock 1.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Bubbles Screen Saver 1.0 [Key+Serial].zip
C:\Documents and Settings\Owner\Application Data\m\shared\CafeTorah3 1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Channel4 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\CharView 3.7.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Church Secretary 32 7.01 [Cracked].zip
C:\Documents and Settings\Owner\Application Data\m\shared\CiB Tweak 1.5.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Clear TEMP folder 2.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Coin Collector Professional 7.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Colorful DVD Creator 4.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\CompuPic Express 6.23.1364 (KeyGen).zip
C:\Documents and Settings\Owner\Application Data\m\shared\Create A Quiz 5.15.zip
C:\Documents and Settings\Owner\Application Data\m\shared\CtrlView 3.30 Patch.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Data Doctor Recovery - Removable Media 2.0.1.5.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Data Encrypt 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\DC Form Translator 1.0 [With Crack].zip
C:\Documents and Settings\Owner\Application Data\m\shared\DesignCAD Express 12.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Diabetes Tracker 1.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\DTgrafic Bus Stop 3 1.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Easy Desktop Publisher 1.03.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Easy text viewer 2.50.zip
C:\Documents and Settings\Owner\Application Data\m\shared\EasyAccounting 1.00.zip
C:\Documents and Settings\Owner\Application Data\m\shared\EasyConsole 1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Email Blaster 2.09.30 (Serial).zip
C:\Documents and Settings\Owner\Application Data\m\shared\Eradicator demo.zip
C:\Documents and Settings\Owner\Application Data\m\shared\EuroWiz 2002 4.18.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Exchange Load Generator 08.01.0038.zip
C:\Documents and Settings\Owner\Application Data\m\shared\ExeHound 2005 build 2.01.01.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Flash Lite for BREW Publisher for Flash CS3 Pro Preview Release 2.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Form Auto Fill 1.1 (Serial).zip
C:\Documents and Settings\Owner\Application Data\m\shared\Free Fitness Calculator 1.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Game Manager 1.0.85.zip
C:\Documents and Settings\Owner\Application Data\m\shared\GAUMONT 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Girder 3.3.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Going Home 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Goutlook 0.2.2 Alpha.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Hare Krishna Mp3 Player 1.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Harmony Assistant (Classic) 9.0.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\HelpMaster Pro Enterprise Edition 7.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\HotJava Browser 3.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\HS NMEA GPS C Source Library 1.0 With Crack.zip
C:\Documents and Settings\Owner\Application Data\m\shared\HTML Bulk Email 3.6 (Key).zip
C:\Documents and Settings\Owner\Application Data\m\shared\HTML Bulk Email 3.6.zip
C:\Documents and Settings\Owner\Application Data\m\shared\iBack - iPod Backup Tool 1.3.3 (Key).zip
C:\Documents and Settings\Owner\Application Data\m\shared\International Computer Business Management Course 3.00.zip
C:\Documents and Settings\Owner\Application Data\m\shared\iStudent 1.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Kaspersky.6.0.300.Keys.zip
C:\Documents and Settings\Owner\Application Data\m\shared\KJ File Manager 2.2.4.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Leow Descrambler 1.8.zip
C:\Documents and Settings\Owner\Application Data\m\shared\LingvoSoft Dictionary 2006 English Polish for Windows 3.1.41.zip
C:\Documents and Settings\Owner\Application Data\m\shared\LingvoSoft Talking Dictionary 2006 English Russian 3.1.41.zip
C:\Documents and Settings\Owner\Application Data\m\shared\LinkTile 1.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Lumixed4E4 1.3.0.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Mary Child Countdown To From 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Master Converter 2.7.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Maze Cube 1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Mcafee.alles.in.een.2006.NL(sharepla net.nl).-.Mare.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Medal of Honor Allied Assault Snowball Fight Mod.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Minall 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\MSWordDocument 1.32.zip
C:\Documents and Settings\Owner\Application Data\m\shared\MyKeyDb 1.0.0.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\MySpeed PC Advanced Edition 1.2b build 100.zip
C:\Documents and Settings\Owner\Application Data\m\shared\NewPlay 4 Audio Standard Edition 4.05.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Newspaper Online Reader 3.29.zip
C:\Documents and Settings\Owner\Application Data\m\shared\OCR.Net Barcode Component 3.2.1 [Serial].zip
C:\Documents and Settings\Owner\Application Data\m\shared\OE-Plus 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\OneWorldStore 1.020 [Key+Serial].zip
C:\Documents and Settings\Owner\Application Data\m\shared\Optimal Pilot 1.00 [Crack].zip
C:\Documents and Settings\Owner\Application Data\m\shared\Paraben's Daily Journal 3.2.0.0 [Patch].zip
C:\Documents and Settings\Owner\Application Data\m\shared\Password Keeper 2001 4.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\PDF2Mail Pilot Pro 1.42 KeyGen.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Pop-Up Sentry! 4.0.0.1008.zip
C:\Documents and Settings\Owner\Application Data\m\shared\prevx1.crack.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Quick Guide to English Verbs 1.01.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Rain Animated Jigsaw Puzzle 48pc.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Registry Cleaner Click And Fix 3.3.zip
C:\Documents and Settings\Owner\Application Data\m\shared\RightPairs 1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Rise of Nations Peninsula War map.zip
C:\Documents and Settings\Owner\Application Data\m\shared\RM WMA Converter 1.10 (Key+Serial).zip
C:\Documents and Settings\Owner\Application Data\m\shared\Rome Total War trailer 1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Royal Culinary Package 1.0 [Crack].zip
C:\Documents and Settings\Owner\Application Data\m\shared\SayO'Clock 1.2.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\SBWebCamCorder 2.5.zip
C:\Documents and Settings\Owner\Application Data\m\shared\ScreenHunter Pro 5.0.733 Key.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Serial.-.Panda.Antivirus.Platinium.2004.v7.05.03.zip
C:\Documents and Settings\Owner\Application Data\m\shared\SeXstazy 3.0.2.11 Serial.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Shocking Void 0.39.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Simply XPMC Induztry 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Spatializer VSP 11 1.02 (Serial).zip
C:\Documents and Settings\Owner\Application Data\m\shared\SpeedSearch (PowerPC) 2.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\StreamAware 1.0 Cracked.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Swiff Extractor 1.2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\System Run Lite 2.2 build 30.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Table Library 3.4.7.2 (Key).zip
C:\Documents and Settings\Owner\Application Data\m\shared\The GodFather 0.71 beta2.zip
C:\Documents and Settings\Owner\Application Data\m\shared\The Math Professor 1.5 (Key).zip
C:\Documents and Settings\Owner\Application Data\m\shared\The Omega Stone 1.1 patch.zip
C:\Documents and Settings\Owner\Application Data\m\shared\TheOne Health Checker Lite 2.0.5.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Thief The Dark Project Return to Bafford Manor Map.zip
C:\Documents and Settings\Owner\Application Data\m\shared\TiffanyScreens 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\TinyScan 2.7.3 Beta.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Totalus 1.1.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Tree Of Life Screensaver 3.11 [Crack].zip
C:\Documents and Settings\Owner\Application Data\m\shared\True Launcher 2.8.zip
C:\Documents and Settings\Owner\Application Data\m\shared\User Control 5.510.0.0 (Patch).zip
C:\Documents and Settings\Owner\Application Data\m\shared\Volume Logic for RealPlayer 1.3.1.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Water Lily v2 Animated Screensaver 3.11.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Windows 2000 Predictable Name Pipes Vulnerability Patch MS01-031.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Windows Automated Installation Kit (AIK) 1.0.zip
C:\Documents and Settings\Owner\Application Data\m\shared\Windows Product Key Viewer Changer 2.9.zip
C:\Documents and Settings\Owner\Application Data\m\shared\WinX 3GP PDA MP4 Video Converter 3.5.58 Key+Serial.zip
C:\Documents and Settings\Owner\Application Data\m\srvlist.oct
C:\Documents and Settings\Owner\Application Data\WeatherDPA(2)
C:\Documents and Settings\Owner\Application Data\WeatherDPA(2)\Weather(2)\WeatherStartup.xml
C:\Program Files\CPV
C:\Program Files\Eroca
C:\Program Files\Eroca\Eroca.exe
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\JavaCore
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\outlook
C:\Program Files\Temporary
C:\WINDOWS\BMef10d4fb.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\adlbjdbs.dll
C:\WINDOWS\system32\afjuikpa.ini
C:\WINDOWS\system32\atuofqhv.dll
C:\WINDOWS\system32\axnpcgka.dll
C:\WINDOWS\system32\aymuhqyo.dll
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\bhmogsqk.ini
C:\WINDOWS\system32\bnvcdafv.dll
C:\WINDOWS\system32\bvbcwuuf.dll
C:\WINDOWS\system32\bxramacv.ini
C:\WINDOWS\system32\cbbbgmuh.ini
C:\WINDOWS\system32\cdkeiivj.dll
C:\WINDOWS\system32\ceqwndwl.dll
C:\WINDOWS\system32\cjvnkjnb.ini
C:\WINDOWS\system32\clqrespd.dll
C:\WINDOWS\system32\cmpmsbct.ini
C:\WINDOWS\system32\coulutpo.dll
C:\WINDOWS\system32\cqmmsnji.dll
C:\WINDOWS\system32\ctuxlvnj.dll
C:\WINDOWS\system32\dektiugx.dll
C:\WINDOWS\system32\dkdmcjug.ini
C:\WINDOWS\system32\dopqrsfj.dll
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\1050140.exe
C:\WINDOWS\system32\drivers\downld\1082937.exe
C:\WINDOWS\system32\drivers\downld\1089500.exe
C:\WINDOWS\system32\drivers\downld\196578.exe
C:\WINDOWS\system32\drivers\downld\221656.exe
C:\WINDOWS\system32\drivers\downld\233625.exe
C:\WINDOWS\system32\drivers\downld\420921.exe
C:\WINDOWS\system32\drivers\downld\435875.exe
C:\WINDOWS\system32\drivers\downld\447781.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\eagjuohd.dll
C:\WINDOWS\system32\efhkj.ini
C:\WINDOWS\system32\efhkj.ini2
C:\WINDOWS\system32\emlugtin.dll
C:\WINDOWS\system32\epycclrr.dll
C:\WINDOWS\system32\eqmsokte.ini
C:\WINDOWS\system32\erdckcyf.dll
C:\WINDOWS\system32\eyekdgyv.ini
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\famshyni.dll
C:\WINDOWS\system32\fdmcekoa.dll
C:\WINDOWS\system32\fgiuhuul.dll
C:\WINDOWS\system32\flilsnlp.ini
C:\WINDOWS\system32\flwiypcu.dll
C:\WINDOWS\system32\fwbxmiso.dll
C:\WINDOWS\system32\gmqapivj.dll
C:\WINDOWS\system32\gpunkclb.ini
C:\WINDOWS\system32\gwnbjpoj.dll
C:\WINDOWS\system32\hdxpkhjh.ini
C:\WINDOWS\system32\hinjhcic.dll
C:\WINDOWS\system32\hivjbcdc.dll
C:\WINDOWS\system32\hqrrgtef.dll
C:\WINDOWS\system32\hswojmlw.dll
C:\WINDOWS\system32\hsyvuure.dll
C:\WINDOWS\system32\hxufsibr.dll
C:\WINDOWS\system32\icbinqcc.dll
C:\WINDOWS\system32\idlubehm.dll
C:\WINDOWS\system32\igsmgcwd.ini
C:\WINDOWS\system32\ikmoqvoj.dll
C:\WINDOWS\system32\ilppccen.dll
C:\WINDOWS\system32\iofgycuc.dll
C:\WINDOWS\system32\iohkjfwo.dll
C:\WINDOWS\system32\ipkylmvd.ini
C:\WINDOWS\system32\ittsqyej.dll
C:\WINDOWS\system32\jeyqstti.ini
C:\WINDOWS\system32\jhmrvjfk.dll
C:\WINDOWS\system32\jlcimtdn.dll
C:\WINDOWS\system32\jmugppsk.ini
C:\WINDOWS\system32\jnvlxutc.ini
C:\WINDOWS\system32\jrmmmvvx.dll
C:\WINDOWS\system32\junrtqmx.ini
C:\WINDOWS\system32\kaaskuip.dll
C:\WINDOWS\system32\kahxntrh.dll
C:\WINDOWS\system32\kgpptlfq.dll
C:\WINDOWS\system32\koltexkg.dll
C:\WINDOWS\system32\ksppgumj.dll
C:\WINDOWS\system32\ktpbqiwt.dll
C:\WINDOWS\system32\kusifknu.ini
C:\WINDOWS\system32\kyumvtkx.ini
C:\WINDOWS\system32\ljbfylww.dll
C:\WINDOWS\system32\llqoclbr.ini
C:\WINDOWS\system32\lmdbllja.dll
C:\WINDOWS\system32\lsalpahl.dll
C:\WINDOWS\system32\lvpqwsky.dll
C:\WINDOWS\system32\lwdnwqec.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\melsexoh.dll
C:\WINDOWS\system32\mimnqheg.ini
C:\WINDOWS\system32\mldlibuh.dll
C:\WINDOWS\system32\mrviicdi.ini
C:\WINDOWS\system32\mxywbeiy.dll
C:\WINDOWS\system32\ncnmeibw.ini
C:\WINDOWS\system32\nghfvuar.ini
C:\WINDOWS\system32\nhondwmn.dll
C:\WINDOWS\system32\nljcdsok.dll
C:\WINDOWS\system32\nmrphctb.ini
C:\WINDOWS\system32\oelylvgg.ini
C:\WINDOWS\system32\okfmnwse.ini
C:\WINDOWS\system32\osyldmlx.dll
C:\WINDOWS\system32\pbhnxqsa.dll
C:\WINDOWS\system32\phqbrnuc.dll
C:\WINDOWS\system32\plhljdnx.dll
C:\WINDOWS\system32\qfokcyiu.dll
C:\WINDOWS\system32\qldcryat.ini
C:\WINDOWS\system32\qlgvmtck.ini
C:\WINDOWS\system32\qnlfdfma.ini
C:\WINDOWS\system32\qqamxkbw.ini
C:\WINDOWS\system32\qqoccmmn.dll
C:\WINDOWS\system32\qqtltwvh.ini
C:\WINDOWS\system32\qyosflnt.ini
C:\WINDOWS\system32\rdlbgfnv.dll
C:\WINDOWS\system32\rgimmbhf.dll
C:\WINDOWS\system32\rieogeaa.dll
C:\WINDOWS\system32\rjjpqldk.dll
C:\WINDOWS\system32\rqkjaymo.ini
C:\WINDOWS\system32\rshkkdcf.ini
C:\WINDOWS\system32\rsitcjrg.dll
C:\WINDOWS\system32\rxiluetk.dll
C:\WINDOWS\system32\rxngwexn.dll
C:\WINDOWS\system32\slklimcc.dll
C:\WINDOWS\system32\snecfvvx.dll
C:\WINDOWS\system32\speovnsm.dll
C:\WINDOWS\system32\spxtxqdj.dll
C:\WINDOWS\system32\srgaejrq.dll
C:\WINDOWS\system32\srridiiy.ini
C:\WINDOWS\system32\sxtgcehu.dll
C:\WINDOWS\system32\sydlmied.ini
C:\WINDOWS\system32\sydwkfsn.dll
C:\WINDOWS\system32\tevibgui.dll
C:\WINDOWS\system32\tghyxqrx.dll
C:\WINDOWS\system32\tgsnkcpm.dll
C:\WINDOWS\system32\tjmyepgi.dll
C:\WINDOWS\system32\tlubopas.dll
C:\WINDOWS\system32\tnlfsoyq.dll
C:\WINDOWS\system32\trfaicej.dll
C:\WINDOWS\system32\ucxqqxtr.dll
C:\WINDOWS\system32\uedttebg.dll
C:\WINDOWS\system32\ugijgaoe.dll
C:\WINDOWS\system32\uhrlvigp.dll
C:\WINDOWS\system32\uikgktcp.dll
C:\WINDOWS\system32\ulnbhnxr.dll
C:\WINDOWS\system32\uoyycnrb.dll
C:\WINDOWS\system32\usyottdj.dll
C:\WINDOWS\system32\utusncwe.ini
C:\WINDOWS\system32\vabagdko.dll
C:\WINDOWS\system32\vagirnet.dll
C:\WINDOWS\system32\vasomwss.dll
C:\WINDOWS\system32\vbnnepee.dll
C:\WINDOWS\system32\vcajikrh.ini
C:\WINDOWS\system32\vcrdgcjk.dll
C:\WINDOWS\system32\vdvxpika.dll
C:\WINDOWS\system32\vsjurfvm.dll
C:\WINDOWS\system32\vsygiwkb.dll
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\wvngvyas.dll
C:\WINDOWS\system32\wwlnpavm.dll
C:\WINDOWS\system32\wxaqsrcr.ini
C:\WINDOWS\system32\xausnekk.dll
C:\WINDOWS\system32\xlmdlyso.ini
C:\WINDOWS\system32\xpfddxyb.dll
C:\WINDOWS\system32\xvpobxrd.ini
C:\WINDOWS\system32\xwhuustl.dll
C:\WINDOWS\system32\ybeeg.ini
C:\WINDOWS\system32\ybeeg.ini2
C:\WINDOWS\system32\yborbnoc.dll
C:\WINDOWS\system32\yclsemwl.ini
C:\WINDOWS\system32\yfhsvecr.dll
C:\WINDOWS\system32\yqdfdsbf.ini
C:\WINDOWS\system32\yragnnfn.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DHLP
-------\Legacy_SROSA
((((((((((((((((((((((((( Files Created from 2008-05-19 to 2008-06-19 )))))))))))))))))))))))))))))))
.
2008-06-19 05:26 . 2008-06-19 05:26 <DIR> d-------- C:\WINDOWS\system32\drivers\downld
2008-06-17 08:29 . 2008-06-17 08:29 <DIR> d-------- C:\Deckard
2008-06-17 02:08 . 2008-06-17 02:08 <DIR> d-------- C:\WINDOWS\Sun
2008-06-17 01:27 . 2008-06-17 01:27 <DIR> d-------- C:\Program Files\MyHeritage
2008-06-17 01:27 . 2008-06-17 01:27 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\The Complete Genealogy Reporter - FTB
2008-06-17 01:27 . 2002-03-07 01:19 454,656 --a------ C:\WINDOWS\system32\PaintX.dll
2008-06-17 01:27 . 2003-07-06 14:07 372,736 --a------ C:\WINDOWS\system32\ijl15.dll
2008-06-17 01:27 . 1998-06-24 00:00 137,000 --a------ C:\WINDOWS\system32\msmapi32.ocx
2008-06-16 12:37 . 2008-06-19 05:11 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Skype
2008-06-16 12:36 . 2008-06-16 12:36 <DIR> d-------- C:\Program Files\Skype
2008-06-16 12:36 . 2008-06-16 12:36 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-06-16 07:09 . 2008-06-16 07:09 <DIR> d--h----- C:\WINDOWS\PIF
2008-06-16 06:38 . 2008-06-19 02:59 53,192 --a------ C:\WINDOWS\system32\drivers\rp_skt32.sys
2008-06-16 06:38 . 2007-04-19 11:36 48,384 --a------ C:\WINDOWS\system32\drivers\rp_pkt32.sys
2008-06-16 06:37 . 2008-06-16 06:37 <DIR> d-------- C:\Program Files\Common Files\Authentium
2008-06-16 06:36 . 2008-06-16 06:36 <DIR> d-------- C:\Program Files\Raxco
2008-06-16 06:36 . 2008-06-16 06:36 <DIR> d-------- C:\Program Files\CA
2008-06-16 06:36 . 2008-06-16 06:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2008-06-16 06:35 . 2008-06-16 07:12 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-06-16 06:23 . 2008-06-16 06:34 <DIR> d-------- C:\Program Files\Virgin Broadband
2008-06-16 06:23 . 2008-06-16 07:24 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Virgin Broadband
2008-06-16 06:23 . 2008-06-16 06:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Virgin Broadband
2008-06-16 05:37 . 2008-06-16 05:37 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-16 05:23 . 2008-06-16 05:23 41,024 --a------ C:\WINDOWS\system32\uokkermm.dll
2008-06-14 10:42 . 2008-06-14 10:42 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\VTExtra
2008-06-14 10:35 . 2008-06-14 10:35 41,024 --a------ C:\WINDOWS\system32\cpomqlhl.dll
2008-06-13 10:43 . 2008-06-13 10:43 41,024 --a------ C:\WINDOWS\system32\yqhrmqjt.dll
2008-06-12 10:40 . 2008-06-12 10:40 41,024 --a------ C:\WINDOWS\system32\nplydwaj.dll
2008-06-11 15:48 . 2008-06-11 15:48 <DIR> d-------- C:\Program Files\BitTorrent Fastest Tool
2008-06-11 09:48 . 2008-06-11 13:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\great coal love default
2008-06-11 09:45 . 2008-06-11 09:45 41,024 --a------ C:\WINDOWS\system32\iqafropx.dll
2008-06-10 09:34 . 2008-06-10 09:34 53,312 --a------ C:\WINDOWS\system32\euktvlqk.dll
2008-06-10 09:33 . 2008-06-10 09:33 53,312 --a------ C:\WINDOWS\system32\pxnyxvvh.dll
2008-06-09 15:28 . 2008-06-09 15:28 53,312 --a------ C:\WINDOWS\system32\kxwsmsqa.dll
2008-06-09 14:58 . 2008-06-09 14:58 53,312 --a------ C:\WINDOWS\system32\phygcxhv.dll
2008-06-06 14:53 . 2008-06-06 14:53 <DIR> d-------- C:\WINDOWS\system32\djpclib
2008-06-06 14:53 . 2008-06-06 14:53 <DIR> d-------- C:\WINDOWS\E4153266612C460FAB94C9DB6802459A.TMP
2008-06-06 14:53 . 2008-06-06 14:53 <DIR> d-------- C:\Virtual
2008-06-06 14:53 . 2008-06-06 14:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BufferZone
2008-06-06 14:52 . 2008-06-06 14:52 <DIR> d-------- C:\Program Files\Share_Accelerator_MM
2008-06-06 14:52 . 2008-06-06 14:52 <DIR> d-------- C:\Program Files\ALCATech
2008-06-06 14:51 . 2008-06-06 14:51 <DIR> d-------- C:\WINDOWS\Philips
2008-06-06 14:51 . 2008-06-06 14:51 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\InstallShield
2008-06-06 14:51 . 2008-06-06 14:51 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\ArcSoft
2008-06-06 14:47 . 2008-06-06 14:47 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Windows Live Writer
2008-06-06 14:46 . 2008-06-06 14:46 <DIR> d-------- C:\Documents and Settings\Owner\Documents and Settings
2008-06-06 14:46 . 2008-06-06 14:46 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Application Data
2008-06-06 14:45 . 2008-06-06 14:46 <DIR> d-------- C:\Program Files\SpacialAudio
2008-06-06 14:27 . 2008-06-06 14:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Disk Cleaner
2008-06-06 14:26 . 2008-06-06 14:47 <DIR> d-------- C:\Program Files\nvcoi(2)
2008-06-03 10:42 . 2008-06-16 06:49 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-06-03 10:42 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-03 10:41 . 2008-06-06 14:53 <DIR> d-------- C:\Program Files\Java
2008-06-03 10:40 . 2008-06-06 14:53 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-03 10:37 . 2008-06-17 02:49 <DIR> d-------- C:\Program Files\LimeWire
2008-06-01 10:03 . 2008-06-01 10:11 <DIR> d-------- C:\Program Files\DJ Music Mixer
2008-06-01 05:39 . 2008-06-06 14:18 <DIR> d-------- C:\Documents and Settings\Owner\.ultramixer
2008-06-01 04:43 . 2002-09-21 15:33 65,536 --a------ C:\WINDOWS\system32\cpvslider.ocx
2008-06-01 04:43 . 2002-09-13 17:09 45,056 --a------ C:\WINDOWS\system32\BPM_Control.ocx
2008-05-31 13:13 . 2008-06-06 14:52 <DIR> d-------- C:\Program Files\Native Instruments
2008-05-31 13:01 . 2008-05-31 13:01 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\NCH Software
2008-05-31 12:54 . 2005-01-20 12:02 344,576 --a------ C:\WINDOWS\system32\MMRTKRNL.DLL
2008-05-31 12:54 . 2005-01-11 17:05 92,672 --a------ C:\WINDOWS\system32\drivers\mmrtkrnl.sys
2008-05-31 12:54 . 1997-12-23 02:00 48,128 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-05-31 12:54 . 1997-12-23 02:00 23,936 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-05-31 12:54 . 1997-12-23 02:00 5,600 --a------ C:\WINDOWS\system\WNASPI32.NT
2008-05-31 12:54 . 1997-12-23 02:00 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-05-28 09:46 . 2008-02-26 06:48 297,984 --------- C:\WINDOWS\system32\dllcache\msctf.dll
2008-05-24 07:13 . 2008-06-06 14:52 <DIR> d-------- C:\Program Files\Zapu
2008-05-24 07:13 . 2004-02-17 00:00 434,252 --a------ C:\WINDOWS\system32\Msvcrtd.dll
2008-05-22 17:20 . 2008-05-22 17:20 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-22 17:20 . 2008-05-22 17:20 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-06-19 10:12 --------- d-----w C:\Program Files\ICQToolbar
2008-06-19 07:57 --------- d-----w C:\Documents and Settings\Owner\Application Data\skypePM
2008-06-18 15:39 --------- d-----w C:\Documents and Settings\Owner\Application Data\ICQ Toolbar
2008-06-17 12:39 --------- d-----w C:\Program Files\eMule
2008-06-16 17:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-06-16 17:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 18:55 --------- d-----w C:\Program Files\NotePad++
2008-06-11 16:37 --------- d-----w C:\Program Files\DivX
2008-06-11 16:18 --------- d-----w C:\Program Files\NCH Software
2008-06-11 16:16 --------- d-----w C:\Program Files\Movavi Video Converter 5
2008-06-06 19:53 --------- d-----w C:\Program Files\VirtualDJ
2008-06-06 19:53 --------- d-----w C:\Program Files\Secured IE
2008-06-06 19:53 --------- d-----w C:\Program Files\NCH Swift Sound
2008-06-06 19:53 --------- d-----w C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
2008-06-06 19:52 --------- d-----w C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-06-06 19:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-06 19:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Software
2008-06-06 19:51 --------- d-----w C:\Program Files\Common Files\Real
2008-06-06 19:51 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-06 19:50 --------- d-----w C:\Program Files\Winferno
2008-06-06 19:50 --------- d-----w C:\Program Files\UltraMixer
2008-06-06 19:50 --------- d-----w C:\Program Files\Mixxx
2008-06-06 19:50 --------- d-----w C:\Program Files\BearShare Applications
2008-06-06 19:50 --------- d-----w C:\Program Files\AVS4YOU
2008-06-06 19:47 --------- d-----w C:\Program Files\ICQ6
2008-06-06 19:47 --------- d-----w C:\Program Files\Astonsoft
2008-06-06 19:46 --------- d-----w C:\Program Files\Smart PC Solutions
2008-06-06 19:46 --------- d-----w C:\Program Files\PC Registry Cleaner
2008-06-06 19:46 --------- d-----w C:\Program Files\Exo Adult
2008-06-06 19:46 --------- d-----w C:\Documents and Settings\Owner\Application Data\Smart PC Solutions
2008-06-06 19:21 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-06-04 12:53 57,632 ----a-w C:\SPC220NC.DAT
2008-06-01 12:16 --------- d-----w C:\Documents and Settings\Owner\Application Data\BearShare
2008-05-16 11:30 231,424 ----a-w C:\WINDOWS\b148.exe
2008-05-09 19:33 --------- d-----w C:\Program Files\Philips
2008-05-09 19:33 --------- d-----w C:\Program Files\ArcSoft
2008-05-08 17:09 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
2008-05-08 15:30 675,328 ----a-w C:\WINDOWS\isRS-000.tmp
2008-05-08 15:30 --------- d-----w C:\Program Files\SoftwareClub.ws
2008-04-16 10:39 53,312 ----a-w C:\WINDOWS\system32\mlxfroku.dll
2008-04-15 10:37 53,312 ----a-w C:\WINDOWS\system32\oyubsgog.dll
2008-04-14 16:03 53,312 ----a-w C:\WINDOWS\system32\shdhmqkl.dll
2008-04-13 16:03 53,312 ----a-w C:\WINDOWS\system32\kgaadvfv.dll
2008-04-12 16:03 53,312 ----a-w C:\WINDOWS\system32\pbrxauoo.dll
2008-04-11 15:57 53,312 ----a-w C:\WINDOWS\system32\wgmfywdx.dll
2008-04-10 15:59 53,312 ----a-w C:\WINDOWS\system32\whqigmjc.dll
2008-04-09 15:57 53,312 ----a-w C:\WINDOWS\system32\ymwrrmjo.dll
2008-04-08 15:56 53,312 ----a-w C:\WINDOWS\system32\dmkraciu.dll
2008-04-07 15:56 53,312 ----a-w C:\WINDOWS\system32\gmgggucp.dll
2008-04-06 15:55 53,312 ----a-w C:\WINDOWS\system32\bgswxfhs.dll
2008-03-26 08:09 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-26 08:09 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-25 15:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-25 15:20 219,936 ------w C:\WINDOWS\system32\dllcache\msltus40.dll
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:40 1,845,888 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-06 19:27 13,123 ----a-w C:\Documents and Settings\Smart PC\unins000.dat
2008-03-06 19:26 673,553 ----a-w C:\Documents and Settings\Smart PC\unins000.exe
2008-03-04 19:44 261,896 ----a-w C:\Documents and Settings\Owner\Application Data\setup_en[1].exe
2008-02-28 18:58 11,915,264 ----a-w C:\Documents and Settings\Smart PC\SmartPC.exe
2008-02-28 18:01 360,448 ----a-w C:\Documents and Settings\Smart PC\SmartPCSchedule.exe
2008-01-11 15:39 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-11-16 00:13 212,992 ----a-w C:\Documents and Settings\Smart PC\SmartPCBoost.exe
2007-03-01 22:00 53,248 ----a-w C:\Documents and Settings\Smart PC\SmartPC.dll
2007-01-23 21:54 152,064 ----a-w C:\Documents and Settings\Smart PC\Uninst.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{171390BB-7251-41F9-A5ED-7164EDE6ADC1}]
C:\WINDOWS\system32\jkhfe.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-12 01:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2005-06-01 03:04 700416]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-23 12:23 3497984]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 14:09 61168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 10:07 827392]
"@"="" []
"Realtime Audio Engine"="mmrtkrnl.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"??????
"="" []
"Broadbandadvisor.exe"="C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-08-07 18:49 2061552]
"PCguard"="C:\Program Files\Virgin Broadband\PCguard\Rps.exe" [2007-09-05 14:10 310000]
"-FreedomNeedsReboot"="C:\Program Files\Virgin Broadband\PCguard\ZkRunOnceR.exe" [2007-09-05 14:10 13552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunOnce]
"WIAWizardMenu"="C:\WINDOWS\system32\sti_ci.dl l" [2004-08-12 01:00 136704]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 14:09 61168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-03-01 08:06 124928 C:\WINDOWS\system32\advpack.dll]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
TrayMin220.lnk - C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe [2008-05-09 14:33:08 278528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtuurp]
awtuurp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hjyqezzf]
hjyqezzf.dll
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=
"C:\\Program Files\\VirtualDJ\\virtualdj.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 09:34]
S2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2004-08-12 01:00]
S3 Radialpoint Security Services;Virgin Broadband PCguard;C:\WINDOWS\system32\dllhost.exe [2004-08-12 01:00]
S3 SPC220NC;Philips SPC220NC Webcam;C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS [2007-01-09 17:59]
.
Contents of the 'Scheduled Tasks' folder
"2008-06-19 10:32:50 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-06-19 10:26:12 C:\WINDOWS\Tasks\PCConfidential.job"
- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
"2008-06-06 14:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean. exe
.
************************************************** ************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-19 05:26:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Virgin Broadband\advisor\BroadbandadvisorComHandler.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
.
************************************************** ************************
.
Completion time: 2008-06-19 5:33:51 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2008-06-19 10:33:46
Pre-Run: 53,233,418,240 bytes free
Post-Run: 53,100,707,840 bytes free
586 --- E O F --- 2008-06-17 07:48:37
Re: Prework results
Linear Mode
