Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

"VIRUS ALERT!" message

Re: "VIRUS ALERT!" message

by Shaba » September 10th, 2008, 2:56 pm

We deleted some bad files and registry entries with otmoveit2.

Please re-run rsit and post back its log :)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: "VIRUS ALERT!" message

by kevreh » September 10th, 2008, 4:21 pm

Damn, you're patient ;) Thanks again (and again)....
(fwiw, my 'c' still doesn't show up in My Computer, so I need to type it manually in my Explorer window. No big deal...)


Logfile of random's system information tool (written by random/random)
Run by Main User at 2008-09-10 16:20:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (12%) free of 20 GB
Total RAM: 1526 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:51, on 9/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Main User\Desktop\RSIT.exe
C:\Documents and Settings\Main User\Desktop\Main User.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - G:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Append to existing PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 9115 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - G:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - G:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TFncKy"=TFncKy.exe []
"TDispVol"=C:\WINDOWS\system32\TDispVol.exe [2005-03-11 73728]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-10-15 88203]
"NDSTray.exe"=NDSTray.exe []
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-06-01 282624]
"dla"=C:\WINDOWS\system32\dla\DLACTRLW.exe [2005-10-06 122940]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-05 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
G:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CFSServ.exe]
CFSServ.exe -NoClient []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2008-07-25 5057368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-02-19 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
C:\Program Files\ltmoh\Ltmoh.exe [2004-08-18 184320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinger]
c:\toshiba\ivp\ism\pinger.exe [2005-03-17 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-02-01 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [2005-04-26 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-16 761945]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-12-16 82009]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THotkey]
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [2006-01-05 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2004-12-30 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
C:\Program Files\Toshiba\Tvs\TvsTray.exe [2005-11-30 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-01-15 37376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2008-04-29 158624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RAMASST.lnk]
C:\WINDOWS\system32\RAMASST.exe [2004-08-28 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

File associations

.js - open - "G:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

List of files/folders created in the last three months

2008-09-10 14:45:47 ----D---- C:\_OTMoveIt
2008-09-10 12:07:55 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-09-10 12:07:52 ----D---- C:\Program Files\Alwil Software
2008-09-10 10:43:56 ----D---- C:\rsit
2008-09-09 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-08 20:59:19 ----D---- C:\WINDOWS\pss
2008-09-08 20:56:22 ----SHD---- C:\Config.Msi
2008-09-08 20:36:36 ----D---- C:\WINDOWS\ERUNT
2008-09-08 20:36:03 ----D---- C:\SDFix
2008-09-08 20:34:04 ----A---- C:\WINDOWS\ntbtlog.txt
2008-09-06 11:29:33 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-06 10:25:00 ----D---- C:\Program Files\Lavasoft
2008-09-06 10:24:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-03 21:36:25 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-03 21:36:19 ----D---- C:\Program Files\SUPERAntiSpyware
2008-09-03 21:36:19 ----D---- C:\Documents and Settings\Main User\Application Data\SUPERAntiSpyware.com
2008-09-03 21:36:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-03 21:27:50 ----A---- C:\WINDOWS\system32\tmp.txt
2008-09-03 21:27:48 ----A---- C:\rapport.txt
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\VACFix.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\swxcacls.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\swsc.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\swreg.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\Process.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\IEDFix.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\dumphive.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-03 21:27:29 ----A---- C:\WINDOWS\system32\404Fix.exe
2008-09-02 21:32:08 ----D---- C:\Program Files\Innovative Solutions
2008-08-31 20:06:34 ----A---- C:\WINDOWS\resetlog.txt
2008-08-22 18:23:53 ----A---- C:\WINDOWS\system32\G6e2X1un.exe.a_a
2008-08-21 20:45:57 ----A---- C:\WINDOWS\system32\G6e2X1un.exe
2008-08-21 20:32:21 ----A---- C:\WINDOWS\system32\ToSvCcM1.exe.a_a
2008-08-20 20:50:18 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-08-20 20:23:20 ----D---- C:\Program Files\7-Zip
2008-08-16 17:31:45 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2008-08-16 17:31:43 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2008-08-16 10:06:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-16 10:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-16 10:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-16 10:05:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-16 10:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-16 10:05:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-16 10:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-02 08:39:10 ----D---- C:\Program Files\iTunes Library Updater
2008-08-01 14:46:47 ----D---- C:\Documents and Settings\Main User\Application Data\Scooter Software
2008-08-01 14:45:00 ----D---- C:\Program Files\Beyond Compare 2
2008-08-01 09:11:12 ----D---- C:\Documents and Settings\Main User\Application Data\webex
2008-07-28 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-07-28 18:27:50 ----D---- C:\WINDOWS\Prefetch
2008-07-27 21:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-07-27 21:32:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-07-27 21:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-07-27 21:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-07-27 21:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-07-27 21:27:14 ----D---- C:\WINDOWS\system32\scripting
2008-07-27 21:27:14 ----D---- C:\WINDOWS\l2schemas
2008-07-27 21:27:13 ----D---- C:\WINDOWS\system32\en
2008-07-27 21:27:13 ----D---- C:\WINDOWS\system32\bits
2008-07-27 21:23:52 ----D---- C:\WINDOWS\ServicePackFiles
2008-07-27 21:20:11 ----D---- C:\Program Files\Panda Security
2008-07-27 21:16:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-07-27 16:16:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-07-27 16:16:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-27 16:05:19 ----D---- C:\Documents and Settings\Main User\Application Data\TmpRecentIcons
2008-07-26 07:11:32 ----D---- C:\Documents and Settings\Main User\Application Data\GrabIt
2008-07-26 07:10:27 ----D---- C:\Program Files\GrabIt
2008-07-26 07:01:45 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-26 07:01:22 ----A---- C:\WINDOWS\system32\UltraCrypt.dll
2008-07-26 07:01:20 ----D---- C:\Program Files\UltraLeecher_USENET
2008-07-25 18:15:50 ----D---- C:\Program Files\AltBinz
2008-07-22 12:40:35 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-07-22 12:40:33 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-07-22 12:40:31 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-07-22 12:40:31 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-07-22 12:40:22 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-07-22 12:40:22 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-07-22 12:40:11 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-07-22 12:40:09 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-07-22 12:40:00 ----N---- C:\WINDOWS\system32\slserv.exe
2008-07-22 12:40:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-07-22 12:40:00 ----N---- C:\WINDOWS\slrundll.exe
2008-07-22 12:39:59 ----N---- C:\WINDOWS\system32\slgen.dll
2008-07-22 12:39:59 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-07-22 12:39:59 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-07-22 12:39:57 ----N---- C:\WINDOWS\system32\setupn.exe
2008-07-22 12:39:56 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-07-22 12:39:55 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-07-22 12:39:54 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-07-22 12:39:54 ----N---- C:\WINDOWS\system32\qutil.dll
2008-07-22 12:39:53 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-07-22 12:39:53 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-07-22 12:39:53 ----N---- C:\WINDOWS\system32\qagent.dll
2008-07-22 12:39:52 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-07-22 12:39:51 ----N---- C:\WINDOWS\system32\onex.dll
2008-07-22 12:39:49 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-07-22 12:39:47 ----N---- C:\WINDOWS\system32\napstat.exe
2008-07-22 12:39:47 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-07-22 12:39:47 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-07-22 12:39:47 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-07-22 12:39:46 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-07-22 12:39:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-07-22 12:39:46 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-07-22 12:39:46 ----N---- C:\WINDOWS\system32\mssha.dll
2008-07-22 12:39:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-07-22 12:39:39 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-07-22 12:39:39 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-07-22 12:39:39 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-07-22 12:39:39 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-07-22 12:39:34 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-07-22 12:39:29 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-07-22 12:39:29 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-07-22 12:39:25 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-07-22 12:39:21 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-07-22 12:39:18 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-07-22 12:39:18 ----A---- C:\WINDOWS\003000_.tmp
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-07-22 12:39:17 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-07-22 12:39:16 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-07-22 12:39:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-07-22 12:39:15 ----N---- C:\WINDOWS\system32\credssp.dll
2008-07-22 12:39:12 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-07-22 12:39:12 ----N---- C:\WINDOWS\system32\azroles.dll
2008-07-22 12:39:12 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-07-22 12:39:12 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-07-22 12:39:11 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-07-22 12:39:11 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-07-22 12:39:11 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-07-22 12:39:11 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-07-22 12:39:11 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-07-22 12:39:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-07-11 14:12:09 ----D---- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-07-11 14:12:09 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2008-07-11 14:12:09 ----A---- C:\WINDOWS\system32\ReWire.dll
2008-07-11 14:12:03 ----D---- C:\Documents and Settings\Main User\Application Data\Propellerhead Software
2008-07-09 20:41:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-06 15:25:26 ----D---- C:\Program Files\ordrumbox
2008-06-28 21:21:13 ----D---- C:\Program Files\Netflix
2008-06-20 21:25:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-06-13 21:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-06-13 21:37:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-06-13 21:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-13 21:37:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$

List of drivers

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-01-17 21275]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-02-16 8552]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 40704]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-11-15 1122656]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-10-10 163328]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-09 4123136]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-16 191936]
R3 tbiosdrv;Toshiba Logical Tbios Device; C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys [2005-08-24 9472]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144]
R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-11-30 43392]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-04 1428096]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 catchme;catchme; \??\C:\DOCUME~1\MAINUS~1\LOCALS~1\Temp\catchme.sys []
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-14 179200]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344]
S3 UltraCrypt;UltraCrypt; \??\C:\Program Files\UltraLeecher_USENET\UltraCrypt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

List of services

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-06 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2005-07-12 40960]
R2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [2005-12-20 35328]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 ZuneBusEnum;Zune Bus Enumerator; C:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 61856]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-01-17 654848]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-02-19 504104]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2008-04-29 5065120]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664]

-----------------EOF-----------------
kevreh
Active Member
 
Posts: 11
Joined: September 6th, 2008, 8:03 am

Re: "VIRUS ALERT!" message

Unread postby Shaba » September 11th, 2008, 4:11 am

Please go to the Kaspersky website and perform an online antivirus scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply along with a fresh HijackThis log.

Re: "VIRUS ALERT!" message

Unread postby kevreh » September 11th, 2008, 9:01 am

Not at home right now, so I'll do that tonight. Do you have reason to believe I'm still infected or is this a precaution? thanks

Re: "VIRUS ALERT!" message

Unread postby Shaba » September 11th, 2008, 9:07 am

That is mostly a precaution, as logs are unable to show all possible bad files :)

Re: "VIRUS ALERT!" message

Unread postby Shaba » September 16th, 2008, 8:51 am

kevreh, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.