Strange Identity showing up at Login for ziporf

Post by ziporf » September 7th, 2008, 7:15 pm

Look, my friends,
the 2 of you.
I am having the same problem. It has been showing up at the same time as yours,
between the 1-2/09/08.
I have the same O.S. with SP3,
IE 7,
a wireless station with a router too.

I don't know what to do.
I have run several software programs: Ad-Aware, AVG, Norton AntiVirus with the latest definition update, in boot mode.
I tried to delete the account several times, and nothing helped to fix this problem.
Please, I must have your help on this.
I will wait for your answer.

Thanks,
Yaron.

Edit: Please do not post in a topic started by somebody else.
I have split this into its own topic which will be answered when there is a helper available.
This is split from viewtopic.php?f=11&t=34408
E :)
ziporf
Active Member
 
Posts: 4
Joined: September 7th, 2008, 7:04 pm

Re: Strange Identity showing up at Login for ziporf

Post by ziporf » September 10th, 2008, 8:25 pm

Thank you for your quick response.
It seems that my problem is the same as the other person's.
I am very careful with internet use.
I think the thing that attacked me did this on "safe sites".

Please,
I am waiting for your solution.

Re: Strange Identity showing up at Login for ziporf

Post by ziporf » September 13th, 2008, 11:31 am

I ran the OTScanIt software and I got these results:

OTScanIt logfile created on: 13/09/2008 18:25:43
OTScanIt by OldTimer - Version 1.0.19.0     Folder = C:\Documents and Settings\Yaron\Desktop\OTScanIt
Windows XP Professional Edition Service Pack 3, v.3311 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 0000040D | Country: Israel | Language: HEB | Date Format: dd/MM/yyyy
 
1.49 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 59.47% Memory free
3.34 Gb Paging File | 2.52 Gb Available in Paging File | 75.54% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.29 Gb Total Space | 16.11 Gb Free Space | 55.01% Space Free | Partition Type: NTFS
Drive D: | 58.59 Gb Total Space | 53.21 Gb Free Space | 90.81% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MINI-BE
Current User Name: Yaron
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

[Processes - Non-Microsoft Only]
ibmpmsvc.exe -> %SystemRoot%\system32\ibmpmsvc.exe -> Lenovo [Ver = 1.44 | Size = 36136 bytes | Modified Date = 02/11/2007 15:51:02 | Attr =    ]
actray.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACTray.exe -> Lenovo  [Ver = 4.52 | Size = 425984 bytes | Modified Date = 14/03/2008 18:57:34 | Attr =    ]
acwlicon.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACWLIcon.exe -> Lenovo  [Ver = 4.52 | Size = 126976 bytes | Modified Date = 14/03/2008 18:53:46 | Attr =    ]
lpmgr.exe -> %ProgramFiles%\Lenovo\LenovoCare\LPMGR.EXE -> Lenovo Group Limited [Ver = 1, 0, 0, 2 | Size = 124256 bytes | Modified Date = 13/07/2007 02:11:00 | Attr =    ]
tposdsvc.exe -> %ProgramFiles%\Lenovo\HOTKEY\TPOSDSVC.exe -> Lenovo Group Limited [Ver = 1.03 | Size = 66928 bytes | Modified Date = 13/02/2008 18:28:02 | Attr =    ]
tponscr.exe -> %ProgramFiles%\Lenovo\HOTKEY\TPONSCR.exe -> Lenovo Group Limited [Ver = 5.00 | Size = 75040 bytes | Modified Date = 21/11/2007 18:38:38 | Attr =    ]
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> Avanquest Software  [Ver = 1, 0, 0, 2 | Size = 50688 bytes | Modified Date = 03/11/2006 18:02:14 | Attr =    ]
tpscrex.exe -> %ProgramFiles%\Lenovo\ZOOM\TpScrex.exe -> Lenovo Group Limited [Ver = 2.01 | Size = 111904 bytes | Modified Date = 25/01/2008 14:06:08 | Attr =    ]
soffice.exe -> %ProgramFiles%\OpenOffice.org 3\program\soffice.exe -> OpenOffice.org [Ver = 2.03.9328 | Size = 2355200 bytes | Modified Date = 07/07/2008 21:41:32 | Attr =    ]
soffice.bin -> %ProgramFiles%\OpenOffice.org 3\program\soffice.bin -> OpenOffice.org [Ver = 2.03.9328 | Size = 2349568 bytes | Modified Date = 07/07/2008 21:41:32 | Attr =    ]
acprfmgrsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> Lenovo  [Ver = 4.52 | Size = 86016 bytes | Modified Date = 14/03/2008 19:05:30 | Attr =    ]
acs.exe -> %SystemRoot%\system32\acs.exe -> Atheros [Ver = 6.0.3.81 | Size = 364628 bytes | Modified Date = 06/04/2007 09:25:56 | Attr =    ]
afisicx.exe -> %SystemRoot%\system32\afisicx.exe ->  [Ver = 2.0.0.10 | Size = 44544 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
mabidwe.exe -> %SystemRoot%\system32\mabidwe.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
noxtcyr.exe -> %SystemRoot%\system32\noxtcyr.exe ->  [Ver = 2.0.0.10 | Size = 37888 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
noytcyr.exe -> %SystemRoot%\system32\noytcyr.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
roytctm.exe -> %SystemRoot%\system32\roytctm.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
soxpeca.exe -> %SystemRoot%\system32\soxpeca.exe ->  [Ver = 2.0.0.10 | Size = 37888 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
tdydowkc.exe -> %SystemRoot%\system32\tdydowkc.exe ->  [Ver = 2.0.0.10 | Size = 38912 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
tvt_reg_monitor_svc.exe -> %CommonProgramFiles%\Lenovo\tvt_reg_monitor_svc.exe -> Lenovo Group Limited [Ver = 8.01.0004.00 | Size = 722232 bytes | Modified Date = 29/11/2007 17:56:34 | Attr =    ]
tpkmpsvc.exe -> %SystemRoot%\system32\TpKmpSvc.exe ->  [Ver =  | Size = 32768 bytes | Modified Date = 29/06/2006 21:57:50 | Attr =    ]
wsldoekd.exe -> %SystemRoot%\system32\wsldoekd.exe ->  [Ver = 2.0.0.10 | Size = 44032 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
washersvc.exe -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 598856 bytes | Modified Date = 26/11/2007 14:47:40 | Attr =    ]
acsvc.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo  [Ver = 4.52 | Size = 188416 bytes | Modified Date = 14/03/2008 19:04:28 | Attr =    ]
svcguihlpr.exe -> %ProgramFiles%\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe -> Lenovo  [Ver = 4.52 | Size = 118784 bytes | Modified Date = 14/03/2008 19:04:48 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(AcPrfMgrSvc) Ac Profile Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -> Lenovo  [Ver = 4.52 | Size = 86016 bytes | Modified Date = 14/03/2008 19:05:30 | Attr =    ]
(acs) Atheros Configuration Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\acs.exe -> Atheros [Ver = 6.0.3.81 | Size = 364628 bytes | Modified Date = 06/04/2007 09:25:56 | Attr =    ]
(AcSvc) Access Connections Main Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ThinkPad\ConnectUtilities\AcSvc.exe -> Lenovo  [Ver = 4.52 | Size = 188416 bytes | Modified Date = 14/03/2008 19:04:28 | Attr =    ]
(AFinding) AFinding Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\afinding.exe -> File not found
(afisicx) afisicx  Manages  messages [Win32_Own | Auto | Running] -> %SystemRoot%\system32\afisicx.exe ->  [Ver = 2.0.0.10 | Size = 44544 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(IBMPMSVC) ThinkPad PM Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ibmpmsvc.exe -> Lenovo [Ver = 1.44 | Size = 36136 bytes | Modified Date = 02/11/2007 15:51:02 | Attr =    ]
(mabidwe) mabidwe  Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\mabidwe.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(macidwe) macidwe [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\macidwe.exe -> File not found
(NOBICYT) NOBICYT Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\Nobicyt.exe -> File not found
(noxtcyr) noxtcyr  Manages  messages [Win32_Own | Auto | Running] -> %SystemRoot%\system32\noxtcyr.exe ->  [Ver = 2.0.0.10 | Size = 37888 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(noytcyr) noytcyr  Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\noytcyr.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(perfmons) perfmons [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\perfs.exe -> File not found
(Routing) Routing Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\routing.exe -> File not found
(roxtctm) roxtctm  Portable Media Serial Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\roxtctm.exe -> File not found
(roytctm) roytctm  Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\roytctm.exe ->  [Ver = 2.0.0.10 | Size = 45056 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(sobicyt) sobicyt [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\sobicyt.exe -> File not found
(sotpeca) sotpeca  Manages  messages [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\sotpeca.exe -> File not found
(soxpeca) soxpeca  Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\soxpeca.exe ->  [Ver = 2.0.0.10 | Size = 37888 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(tdxdowkc) tdxdowkc [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\tdxdowkc.exe -> File not found
(tdydowkc) tdydowkc  Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\tdydowkc.exe ->  [Ver = 2.0.0.10 | Size = 38912 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(ThinkVantage Registry Monitor Service) ThinkVantage Registry Monitor Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Lenovo\tvt_reg_monitor_svc.exe -> Lenovo Group Limited [Ver = 8.01.0004.00 | Size = 722232 bytes | Modified Date = 29/11/2007 17:56:34 | Attr =    ]
(TpKmpSVC) IBM KCU Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\TpKmpSvc.exe ->  [Ver =  | Size = 32768 bytes | Modified Date = 29/06/2006 21:57:50 | Attr =    ]
(WServing) WServing Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\wserving.exe -> File not found
(wsldoekd) wsldoekd  Corporation [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wsldoekd.exe ->  [Ver = 2.0.0.10 | Size = 44032 bytes | Modified Date = 07/08/2004 02:15:35 | Attr =    ]
(wwEngineSvc) Window Washer Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Washer\WasherSvc.exe -> Webroot Software, Inc. [Ver = 6,5,5,155 | Size = 598856 bytes | Modified Date = 26/11/2007 14:47:40 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
{43-35-54-48-DW} -> %SystemRoot%\system32\rmwnw64s.exe [C:\windows\system32\rmwnw64s.exe DWbrk02] -> File not found
ACTray -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACTray.exe [C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe] -> Lenovo  [Ver = 4.52 | Size = 425984 bytes | Modified Date = 14/03/2008 18:57:34 | Attr =    ]
ACWLIcon -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACWLIcon.exe [C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe] -> Lenovo  [Ver = 4.52 | Size = 126976 bytes | Modified Date = 14/03/2008 18:53:46 | Attr =    ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 11/01/2008 22:16:38 | Attr =    ]
Ad-Watch -> %ProgramFiles%\Lavasoft\Ad-Aware\Ad-Watch.exe [C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe] -> Lavasoft AB [Ver = 7.1.0.9 | Size = 2468200 bytes | Modified Date = 06/09/2008 21:02:09 | Attr =    ]
AVG8_TRAY -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.145 | Size = 1235736 bytes | Modified Date = 29/08/2008 20:02:24 | Attr =    ]
ExploreUpdSched -> %SystemRoot%\system32\scntttdl.exe [C:\WINDOWS\system32\scntttdl.exe DWbrk02] -> File not found
HotKeysCmds -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> Intel Corporation [Ver = 6.14.10.4926 | Size = 166424 bytes | Modified Date = 05/03/2008 14:48:18 | Attr =    ]
IgfxTray -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> Intel Corporation [Ver = 6.14.10.4926 | Size = 141848 bytes | Modified Date = 05/03/2008 14:48:34 | Attr =    ]
LPManager -> %ProgramFiles%\Lenovo\LenovoCare\LPMGR.EXE [C:\PROGRA~1\Lenovo\LENOVO~1\LPMGR.exe] -> Lenovo Group Limited [Ver = 1, 0, 0, 2 | Size = 124256 bytes | Modified Date = 13/07/2007 02:11:00 | Attr =    ]
Persistence -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> Intel Corporation [Ver = 6.14.10.4926 | Size = 137752 bytes | Modified Date = 05/03/2008 14:48:28 | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_07\bin\jusched.exe ["C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 144784 bytes | Modified Date = 10/06/2008 04:27:04 | Attr =    ]
TPHOTKEY -> %ProgramFiles%\Lenovo\HOTKEY\TPOSDSVC.exe [C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe] -> Lenovo Group Limited [Ver = 1.03 | Size = 66928 bytes | Modified Date = 13/02/2008 18:28:02 | Attr =    ]
TPKMAPHELPER -> %ProgramFiles%\ThinkPad\Utilities\TpKmapAp.exe [C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper] -> Lenovo [Ver = 1, 3, 0, 0 | Size = 868352 bytes | Modified Date = 09/01/2007 16:28:42 | Attr =    ]
TrackPointSrv -> %SystemRoot%\system32\tp4mon.exe [tp4mon.exe] -> IBM Corporation [Ver = 6.03 (xpsp.080212-0003) | Size = 82944 bytes | Modified Date = 12/02/2008 14:59:58 | Attr =    ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> Avanquest Software  [Ver = 1, 0, 0, 2 | Size = 50688 bytes | Modified Date = 03/11/2006 18:02:14 | Attr =    ]
< Yaron Startup Folder > -> C:\Documents and Settings\Yaron\Start Menu\Programs\Startup -> 
%UserProfile%\Start Menu\Programs\Startup\Deewoo.lnk -> %SystemRoot%\system32\scntttdl.exe -> File not found
%UserProfile%\Start Menu\Programs\Startup\DW_Start.lnk -> %SystemRoot%\system32\rmwnw64s.exe -> File not found
%UserProfile%\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk -> %ProgramFiles%\OpenOffice.org 3\program\quickstart.exe ->  [Ver =  | Size = 384000 bytes | Modified Date = 24/06/2008 14:28:34 | Attr =    ]
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
avgrsstx.dll -> %SystemRoot%\system32\avgrsstx.dll -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.134 | Size = 10520 bytes | Modified Date = 07/07/2008 15:40:11 | Attr =    ]
*MultiFile Done* -> -> 
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3311 (xpsp.080212-0004) | Size = 1033728 bytes | Modified Date = 12/02/2008 14:59:34 | Attr =    ]
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.3311 (xpsp.080212-0010) | Size = 26112 bytes | Modified Date = 12/02/2008 14:59:58 | Attr =    ]
*MultiFile Done* -> -> 
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> 
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.3311 (xpsp.080212-0004) | Size = 514560 bytes | Modified Date = 12/02/2008 14:59:40 | Attr =    ]
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3311 (xpsp.080212-0004) | Size = 8461312 bytes | Modified Date = 12/02/2008 14:59:10 | Attr =    ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.3311 (xpsp.080212-0004) | Size = 300544 bytes | Modified Date = 12/02/2008 15:00:02 | Attr =    ]
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
ACNotify -> %ProgramFiles%\ThinkPad\ConnectUtilities\ACNotify.dll -> Lenovo  [Ver = 4.52 | Size = 32768 bytes | Modified Date = 14/03/2008 18:54:14 | Attr =    ]
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> Intel Corporation [Ver = 6.14.10.4926 | Size = 208896 bytes | Modified Date = 15/02/2008 12:45:40 | Attr =    ]
tpfnf2 -> %ProgramFiles%\Lenovo\HOTKEY\notifyf2.dll ->  [Ver =  | Size = 34344 bytes | Modified Date = 06/09/2006 16:37:30 | Attr =    ]
tphotkey -> %ProgramFiles%\Lenovo\HOTKEY\tphklock.dll -> Lenovo Group Limited [Ver = 1.02 | Size = 28672 bytes | Modified Date = 14/12/2007 16:36:04 | Attr =    ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ not found. -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
Reg Error: Key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ not found. -> -> 
< CDROM Autorun Setting > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> 
SCSI miniport ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.3311 (xpsp.080212-0003) | Size = 62976 bytes | Modified Date = 12/02/2008 03:13:28 | Attr =    ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> 
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> 
NEC     MBR-7    ->  -> File not found
NEC     MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> 
< Drives with AutoRun files > ->  -> 
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] ->  [Ver =  | Size = 0 bytes | Modified Date = 01/07/2008 01:59:07 | Attr =    ]
< HOSTS File > (803 bytes and 22 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
127.0.0.1       localhost
66.98.148.65 auto.search.msn.com
66.98.148.65 auto.search.msn.es
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\Start Page -> about:blank -> 
HKEY_CURRENT_USER\: URLSearchHooks\\{F4F10C1D-87C7-404A-B4B3-000000000000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\DAP\SBSearch.dll [SrchHook Class] -> SpeedBit Ltd. [Ver = 1, 0, 0, 2 | Size = 32768 bytes | Modified Date = 03/07/2008 12:51:30 | Attr =    ]
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr =    ]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> AVG Technologies CZ, s.r.o. [Ver = 8.0.0.152 | Size = 455960 bytes | Modified Date = 29/08/2008 20:02:23 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 10/06/2008 04:27:02 | Attr =    ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{81b6a512-b861-4192-9c6b-5a832d6de08c} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\bursa\tbburs.dll [bursa Toolbar] -> Conduit Ltd. [Ver = 4, 5, 186, 6 | Size = 1569304 bytes | Modified Date = 24/06/2008 23:17:52 | Attr =    ]
{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [IePasswordManagerHelper Class] -> Lenovo Group Limited [Ver = 3.00.0006.00 | Size = 783672 bytes | Modified Date = 29/11/2007 18:43:46 | Attr =    ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
{81b6a512-b861-4192-9c6b-5a832d6de08c} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\bursa\tbburs.dll [bursa Toolbar] -> Conduit Ltd. [Ver = 4, 5, 186, 6 | Size = 1569304 bytes | Modified Date = 24/06/2008 23:17:52 | Attr =    ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\{81B6A512-B861-4192-9C6B-5A832D6DE08C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\bursa\tbburs.dll [bursa Toolbar] -> Conduit Ltd. [Ver = 4, 5, 186, 6 | Size = 1569304 bytes | Modified Date = 24/06/2008 23:17:52 | Attr =    ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 10/06/2008 04:27:02 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 509328 bytes | Modified Date = 10/06/2008 04:27:02 | Attr =    ]
{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3}:{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [Lenovo Password Manager...] -> Lenovo Group Limited [Ver = 3.00.0006.00 | Size = 783672 bytes | Modified Date = 29/11/2007 18:43:46 | Attr =    ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.70.6 | Size = 132496 bytes | Modified Date = 10/06/2008 04:27:02 | Attr =    ]
CmdMapping\\{F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [IePasswordManagerMenu Class] -> Lenovo Group Limited [Ver = 3.00.0006.00 | Size = 783672 bytes | Modified Date = 29/11/2007 18:43:46 | Attr =    ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&Clean Traces -> %ProgramFiles%\DAP\Privacy Package\dapcleanerie.htm ->  [Ver =  | Size = 1748 bytes | Modified Date = 03/07/2008 12:51:32 | Attr =    ]
&Download with &DAP -> %ProgramFiles%\DAP\dapextie.htm ->  [Ver =  | Size = 2020 bytes | Modified Date = 03/07/2008 12:51:32 | Attr =    ]
Download &all with DAP -> %ProgramFiles%\DAP\dapextie2.htm ->  [Ver =  | Size = 1041 bytes | Modified Date = 03/07/2008 12:51:32 | Attr =    ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{36D8D301-6797-4346-BD80-DC35EC20FE11} ->    (Broadcom NetLink (TM) Gigabit Ethernet) -> 
{8B2A91D5-D9A8-4FDB-874B-521AE2F136DA} ->    () -> 
{E24F6D17-FAE7-4E4A-953F-C470127BA214} -> 192.115.106.31,62.219.186.12   (Intel(R) PRO/Wireless 3945ABG Network Connection) -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> AVG Technologies CZ, s.r.o. [Ver =  | Size = 79128 bytes | Modified Date = 07/07/2008 15:40:17 | Attr =    ]
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://go.microsoft.com/fwlink/?linkid=39204[Windows Genuine Advantage Validation Tool] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\.Owner -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/FP_AX_CAB_INSTALLER.exe\\{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\.Owner -> {17492023-C23A-453E-A040-C7C580BBF700} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/LegitCheckControl.DLL\\{17492023-C23A-453E-A040-C7C580BBF700} ->  -> 



[Files/Folders - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1600565248 bytes | Created Date = 07/09/2008 23:52:31 | Attr =  HS]
msnav32.ax -> %SystemRoot%\System32\msnav32.ax ->  [Ver =  | Size = 159 bytes | Created Date = 06/09/2008 21:05:37 | Attr =    ]
tmp0_189834783791.bk -> %SystemRoot%\System32\tmp0_189834783791.bk ->  [Ver =  | Size = 92637 bytes | Created Date = 03/09/2008 01:17:15 | Attr =    ]
tmp0_223869129698.bk -> %SystemRoot%\System32\tmp0_223869129698.bk ->  [Ver =  | Size = 8422 bytes | Created Date = 06/09/2008 00:01:43 | Attr =    ]
winpfz33.sys -> %SystemRoot%\System32\winpfz33.sys ->  [Ver =  | Size = 861 bytes | Created Date = 06/09/2008 21:06:11 | Attr =    ]
zxdnt3d.cfg -> %SystemRoot%\System32\zxdnt3d.cfg ->  [Ver =  | Size = 21 bytes | Created Date = 06/09/2008 21:06:07 | Attr =    ]
ie8 -> %SystemRoot%\ie8 ->  [Folder | Created Date = 13/09/2008 06:33:59 | Attr =  H ]
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
WBEM -> %SystemRoot%\WBEM ->  [Folder | Created Date = 13/09/2008 06:35:19 | Attr =    ]
User_Feed_Synchronization-{E0CA726E-6AE7-46CC-BF40-D3797EF9C58F}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{E0CA726E-6AE7-46CC-BF40-D3797EF9C58F}.job ->  [Ver =  | Size = 422 bytes | Created Date = 13/09/2008 06:39:17 | Attr =  H ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 211 bytes | Modified Date = 07/09/2008 02:28:53 | Attr =  HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1600565248 bytes | Modified Date = 13/09/2008 18:04:51 | Attr =  HS]
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm ->  [Ver =  | Size = 27207912 bytes | Modified Date = 13/09/2008 18:06:34 | Attr =    ]
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg ->  [Ver =  | Size = 111420 bytes | Modified Date = 12/09/2008 02:51:07 | Attr =    ]
4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
ieuinit.inf -> %SystemRoot%\System32\ieuinit.inf ->  [Ver =  | Size = 56413 bytes | Modified Date = 22/08/2008 02:49:56 | Attr =    ]
msnav32.ax -> %SystemRoot%\System32\msnav32.ax ->  [Ver =  | Size = 159 bytes | Modified Date = 06/09/2008 22:06:13 | Attr =    ]
tmp0_189834783791.bk -> %SystemRoot%\System32\tmp0_189834783791.bk ->  [Ver =  | Size = 92637 bytes | Modified Date = 03/09/2008 01:17:15 | Attr =    ]
tmp0_223869129698.bk -> %SystemRoot%\System32\tmp0_223869129698.bk ->  [Ver =  | Size = 8422 bytes | Modified Date = 06/09/2008 00:01:43 | Attr =    ]
winpfz33.sys -> %SystemRoot%\System32\winpfz33.sys ->  [Ver =  | Size = 861 bytes | Modified Date = 06/09/2008 21:06:16 | Attr =    ]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 2284 bytes | Modified Date = 05/09/2008 19:19:12 | Attr =    ]
zxdnt3d.cfg -> %SystemRoot%\System32\zxdnt3d.cfg ->  [Ver =  | Size = 21 bytes | Modified Date = 06/09/2008 21:06:07 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 13/09/2008 18:04:53 | Attr =   S]
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1917 bytes | Modified Date = 11/09/2008 18:26:11 | Attr =    ]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 227 bytes | Modified Date = 07/09/2008 02:28:53 | Attr =    ]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 582 bytes | Modified Date = 07/09/2008 02:28:53 | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 13/09/2008 18:05:01 | Attr =  H ]
User_Feed_Synchronization-{E0CA726E-6AE7-46CC-BF40-D3797EF9C58F}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{E0CA726E-6AE7-46CC-BF40-D3797EF9C58F}.job ->  [Ver =  | Size = 422 bytes | Modified Date = 13/09/2008 18:09:35 | Attr =  H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help ->  [Folder | Modified Date = 07/09/2008 23:50:25 | Attr =    ]
hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat ->  [Ver =  | Size = 184 bytes | Modified Date = 07/09/2008 23:51:29 | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader ->  [Folder | Modified Date = 02/07/2008 13:18:25 | Attr =    ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 4232 bytes | Modified Date = 10/09/2008 09:16:22 | Attr =    ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 4646 bytes | Modified Date = 10/09/2008 09:16:22 | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA ->  [Folder | Modified Date = 03/07/2008 02:34:28 | Attr =    ]
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa12.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 03/07/2008 02:34:28 | Attr =    ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc ->  [Folder | Modified Date = 13/09/2008 18:05:18 | Attr =    ]
Perflib_Perfdata_e1c.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_e1c.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 13/09/2008 18:05:18 | Attr =    ]
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp ->  [Folder | Modified Date = 13/09/2008 18:07:56 | Attr =    ]
mta102022.dll -> C:\WINDOWS\Temp\mta102022.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta28409.dll -> C:\WINDOWS\Temp\mta28409.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta29678.dll -> C:\WINDOWS\Temp\mta29678.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta39001.dll -> C:\WINDOWS\Temp\mta39001.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta45400.dll -> C:\WINDOWS\Temp\mta45400.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta61209.dll -> C:\WINDOWS\Temp\mta61209.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta66411.dll -> C:\WINDOWS\Temp\mta66411.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta70651.dll -> C:\WINDOWS\Temp\mta70651.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mta86093.dll -> C:\WINDOWS\Temp\mta86093.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]
mtaw107900.dll -> C:\WINDOWS\Temp\mtaw107900.dll -> Microsoft Corporation [Ver = 8.00.6001.18241 (longhorn_ie8_beta2(wmbla).080822-0214) | Size = 1206784 bytes | Modified Date = 22/08/2008 03:08:22 | Attr =    ]

< End of report >

Problem was solved

Unread postby ziporf » September 17th, 2008, 1:15 pm

Hey my friend,
I want to tell you something.
I already fixed my problem.
I got into the boot of my computer and I ran the Norton AntiVirus that I have with my computer's first boot (ThinkVantage technology with ThinkPad laptops; you can also run it with the Norton 360 boot disc).
I updated to the latest definition and checked all of the hard disk.
I want to tell you it found the threat and removed it.

I suggest you do the same with your laptop or PC!

Happy to give you the new info,

Good luck!

Re: Strange Identity showing up at Login for ziporf

Unread postby NonSuch » September 21st, 2008, 3:59 pm

As assistance is no longer required, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
NonSuch
Administrator
 
Posts: 27304
Joined: February 23rd, 2005, 7:08 am
Location: California