Free Malware Removal Forum

[kf3ig]

Hi the last day or so I've been getting really bad popups. These popups come from more than 1 company and happen in Firefox. I get popups from interplusclick.com and zedo. At one point I was getting powered by Zeto but now the pages don't really load because I ran adaware and deleted some of the files.

Note: I had to remake this thread because a mod locked another one even though I said I couldn't reformat because it wouldn't let me. I edited the post and said I still needed help but apparently the mod misunderstood the message.

Thanks for the help

Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:56 PM, on 11/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRAMS\MAXTOR\ONETOU~1\UTILS\ONETOUCH.EXE
C:\WINDOWS\MXOALDR.EXE
C:\PROGRAMS\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE
C:\Program Files\Common Files\AOL\1107312650\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\GetModule\GetModule29.exe
C:\Documents and Settings\Jonathan Chan\Application Data\gadcom\gadcom.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\GetRight\getright.exe
C:\Programs\WinZip\WZQKPICK.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54Cfg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\PROGRAMS\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTTRAYAPP.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRAMS\MAXTOR\ONETOU~1\UTILS\ONETOUCH.EXE
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\System32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\PROGRAMS\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1107312650\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\System32\iwxo.exe
O4 - HKCU\..\Run: [Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID {DA9935BA-22F7-44ee-BD12-BD8B87700BEA}
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [GetModule29] C:\Program Files\GetModule\GetModule29.exe
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\Jonathan Chan\Application Data\gadcom\gadcom.exe" 61A847B5BBF72815308B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programs\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programs\AIM\aim.exe
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: zoabfr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GhostStartService - Unknown owner - E:\NORTON~1\NORTON~4\GHOSTS~2.EXE (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Unknown owner - E:\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 16477 bytes

[Shaba]

Hi kf3ig

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.

[kf3ig]

Combofix log:

ComboFix 08-11-27.07 - Jonathan Chan 2008-11-28 10:44:36.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.548 [GMT -8:00]
Running from: c:\documents and settings\Jonathan Chan\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jonathan Chan\Application Data\gadcom
c:\documents and settings\Jonathan Chan\Application Data\gadcom\gadcom.exe
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\bestwiner.stt
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\fbk.sts
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\Tvm.log
C:\Documents
c:\program files\GetModule
c:\program files\GetModule\GetModule29.exe
c:\program files\iCheck
c:\program files\iCheck\Uninstall.exe
c:\program files\inetget2
c:\program files\Mjcore
c:\windows\system32\a.exe
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\bagxhwne.ini
c:\windows\system32\D71H07LV.exe.a_a
c:\windows\system32\enwhxgab.dll
c:\windows\system32\fccdBSkI.dll
c:\windows\system32\geBrSKDv.dll
c:\windows\system32\ggkbykkk.dll
c:\windows\system32\hdfevx.dll
c:\windows\system32\hpoadq.dll
c:\windows\system32\jdwdmxxy.dll
c:\windows\system32\msansspc.dll
c:\windows\system32\ncvxpces.dll
c:\windows\system32\onT54840.exe.a_a
c:\windows\system32\tuvTliGa.dll
c:\windows\system32\tuvTmKDU.dll
c:\windows\system32\VFPXwyay.ini
c:\windows\system32\VFPXwyay.ini2
c:\windows\system32\wpv161227390467.cpx
c:\windows\system32\wpv601227390984.cpx
c:\windows\system32\yaywXPFV.dll
c:\windows\system32\yxxmdwdj.ini
c:\windows\wiaserviv.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ZESOFT


((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.

2008-11-22 20:31 . 2008-11-22 20:31 <DIR> d-------- c:\program files\Trend Micro
2008-11-22 19:54 . 2008-11-22 19:56 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-22 19:54 . 2008-11-22 19:54 <DIR> d-------- c:\documents and settings\Jonathan Chan\Application Data\Malwarebytes
2008-11-22 19:54 . 2008-11-22 19:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-22 19:54 . 2008-10-22 16:10 38,496 --a------ c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-11-22 19:54 . 2008-10-22 16:10 15,504 --a------ c:\windows\SYSTEM32\DRIVERS\mbam.sys
2008-11-22 19:44 . 2008-11-28 10:34 <DIR> d-------- c:\documents and settings\Jonathan Chan\Application Data\GetModule
2008-11-22 18:39 . 2008-11-22 18:39 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\SpeedRunner
2008-11-22 18:34 . 2008-11-22 18:34 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\Twain
2008-11-22 18:26 . 2008-11-22 20:44 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-22 18:10 . 2008-11-22 18:25 <DIR> d-------- c:\program files\Webtools
2008-11-22 18:04 . 2008-11-22 19:46 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\gadcom
2008-11-22 18:03 . 2008-11-22 18:05 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\GetModule
2008-11-22 01:02 . 2008-11-22 01:03 <DIR> d-------- c:\program files\iTunes
2008-11-22 01:02 . 2008-11-22 01:02 <DIR> d-------- c:\program files\iPod
2008-11-22 01:02 . 2008-11-22 01:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-14 19:18 . 2008-10-24 03:21 455,296 --------- c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
2008-11-14 19:17 . 2008-09-04 09:15 1,106,944 --------- c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
2008-11-04 10:30 . 2008-11-04 10:30 90,112 --a------ c:\windows\SYSTEM32\QuickTimeVR.qtx
2008-11-04 10:30 . 2008-11-04 10:30 57,344 --a------ c:\windows\SYSTEM32\QuickTime.qts
2008-11-02 18:00 . 2008-11-22 13:13 41,474 --a------ c:\windows\SYSTEM32\onT54840.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-23 07:35 --------- d-----w c:\documents and settings\Jonathan Chan\Application Data\U3
2008-11-22 21:43 --------- d-----w c:\program files\AOL Toolbar
2008-11-22 09:02 --------- d-----w c:\program files\Common Files\Apple
2008-11-22 09:00 --------- d-----w c:\program files\QuickTime
2008-11-22 08:49 --------- d-----w c:\program files\Safari
2008-11-15 05:44 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-15 03:35 --------- d-----w c:\documents and settings\Jonathan Chan\Application Data\iPhoneRingToneMaker
2008-10-25 19:48 --------- d-----w c:\program files\GetRight
2008-10-25 03:12 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-04 07:54 --------- d-----w c:\program files\Bonjour
2008-10-01 20:01 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-09-28 00:05 --------- d-----w c:\program files\MSN Messenger
2008-09-27 09:11 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2008-09-15 20:26 0 ----a-w c:\documents and settings\Jonathan Chan\jagex_runescape_preferences.dat
2007-06-06 20:21 81,920 ----a-w c:\documents and settings\Jonathan Chan\Application Data\ezpinst.exe
2007-06-06 20:21 47,360 ----a-w c:\documents and settings\Jonathan Chan\Application Data\pcouffin.sys
2006-03-05 01:50 51,920 ----a-w c:\documents and settings\Jonathan Chan\Application Data\GDIPFONTCACHEV1.DAT
2004-10-16 04:50 226,266 ----a-w c:\documents and settings\Jonathan Chan\Application Data\tvmknwrd.dll
2002-07-27 01:02 153,088 ----a-w c:\program files\UNWISE.EXE
2005-03-11 06:24 56 --sh--r c:\windows\SYSTEM32\3079A724AA.sys
2006-12-01 01:15 11,270 --sha-w c:\windows\SYSTEM32\KGyGaAvL.sys
2005-05-15 15:47 517,686 --sha-w c:\windows\SYSTEM32\3076\smwger.bak1
2005-06-18 15:58 486,220 --sha-w c:\windows\SYSTEM32\3076\smwger.bak2
2005-06-18 16:10 381,796 --sha-w c:\windows\SYSTEM32\3076\smwger.ini2
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-02-02 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-22 335872]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-14 122933]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2004-03-04 487424]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-08-27 58488]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2005-02-06 95960]
"MaxtorOneTouch"="c:\programs\MAXTOR\ONETOU~1\UTILS\ONETOUCH.EXE" [2003-05-21 45056]
"MXO Auto Loader"="c:\windows\MXOALDR.EXE" [2003-04-07 118784]
"PinnacleDriverCheck"="c:\windows\System32\PSDrvCheck.exe" [2004-03-10 406016]
"USB2Check"="c:\windows\System32\PCLECoInst.dll" [2004-04-06 61440]
"USBToolTip"="c:\programs\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE" [2004-04-23 192512]
"HostManager"="c:\program files\Common Files\AOL\1107312650\ee\AOLSoftware.exe" [2006-05-09 50760]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-10-20 34904]
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2005-04-11 83544]
"Pure Networks Port Magic"="c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-11-30 185896]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2002-08-28 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-28 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-28 455168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\SYSTEM32\Ati2mdxx.exe]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=zoabfr.dll hdfevx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.DIVF"= DivX412.dll
"vidc.XVID"= xvid.dll
"VIDC.HFYU"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"msacm.lameacm"= LameACM.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SmartFTP\\SmartFTP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe"=
"c:\\Programs\\Limewire Pro\\LimeWire.exe"=
"c:\\Program Files\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\aim6.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Programs\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 NICSer_WPC54GS;NICSer_WPC54GS;c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe [2004-09-25 455680]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-01-10 24652]
R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver;\??\c:\windows\System32\CBTNDIS5.SYS [2004-09-25 17142]
S1 GhPciScan;GhostPciScanner;\??\e:\norton systemworks\Norton Ghost\ghpciscan.sys []
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\DRIVERS\epusbsto.sys [2001-09-10 17976]
.
Contents of the 'Scheduled Tasks' folder

2008-11-23 c:\windows\Tasks\A2CE686291221D72.job
- c:\docume~1\jonath~1\applic~1\roamus~1\Bold window bin.exe []

2008-08-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-11-22 c:\windows\Tasks\At25.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At26.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At27.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At28.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At29.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At30.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At31.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At32.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At33.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At34.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At35.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At36.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At37.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At38.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At39.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At40.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At41.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At42.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At43.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At44.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At45.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At46.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At47.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At48.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2005-04-16 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-12-14 12:24]
.
- - - - ORPHANS REMOVED - - - -

BHO-{28BA58E9-6F63-4229-B2D0-2CE97D72C118} - c:\windows\system32\yaywXPFV.dll
BHO-{a1b6cb12-1231-4ff5-a2ac-56aa0149ada1} - c:\windows\system32\hdfevx.dll
HKCU-Run-JavaUpdate0.07 - c:\windows\System32\iwxo.exe
HKCU-Run-Norton SystemWorks - c:\program files\Common Files\Symantec Shared\CfgWiz.exe
HKCU-Run-GetModule29 - c:\program files\GetModule\GetModule29.exe
HKCU-Run-Sonic RecordNow! - (no file)
HKCU-Run-Aim6 - (no file)
HKLM-Run-GhostStartTrayApp - c:\programs\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTTRAYAPP.EXE


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Jonathan Chan\Application Data\Mozilla\Firefox\Profiles\ir78lebl.default\
FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 11:00:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\windows\wanmpsvc.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\program files\Apoint\ApntEx.exe
c:\program files\GetRight\getright.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\GetRight\getright.exe
c:\programs\WinZip\WZQKPICK.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54CFG.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2008-11-28 11:07:22 - machine was rebooted [Jonathan Chan]
ComboFix-quarantined-files.txt 2008-11-28 19:06:56

Pre-Run: 5,490,769,920 bytes free
Post-Run: 6,861,111,296 bytes free

310 --- E O F --- 2008-11-15 05:44:49

C:\Combofix.txt

ComboFix 08-11-27.07 - Jonathan Chan 2008-11-28 10:44:36.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.548 [GMT -8:00]
Running from: c:\documents and settings\Jonathan Chan\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jonathan Chan\Application Data\gadcom
c:\documents and settings\Jonathan Chan\Application Data\gadcom\gadcom.exe
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\bestwiner.stt
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\fbk.sts
c:\documents and settings\Jonathan Chan\Local Settings\Temporary Internet Files\Tvm.log
C:\Documents
c:\program files\GetModule
c:\program files\GetModule\GetModule29.exe
c:\program files\iCheck
c:\program files\iCheck\Uninstall.exe
c:\program files\inetget2
c:\program files\Mjcore
c:\windows\system32\a.exe
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\bagxhwne.ini
c:\windows\system32\D71H07LV.exe.a_a
c:\windows\system32\enwhxgab.dll
c:\windows\system32\fccdBSkI.dll
c:\windows\system32\geBrSKDv.dll
c:\windows\system32\ggkbykkk.dll
c:\windows\system32\hdfevx.dll
c:\windows\system32\hpoadq.dll
c:\windows\system32\jdwdmxxy.dll
c:\windows\system32\msansspc.dll
c:\windows\system32\ncvxpces.dll
c:\windows\system32\onT54840.exe.a_a
c:\windows\system32\tuvTliGa.dll
c:\windows\system32\tuvTmKDU.dll
c:\windows\system32\VFPXwyay.ini
c:\windows\system32\VFPXwyay.ini2
c:\windows\system32\wpv161227390467.cpx
c:\windows\system32\wpv601227390984.cpx
c:\windows\system32\yaywXPFV.dll
c:\windows\system32\yxxmdwdj.ini
c:\windows\wiaserviv.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ZESOFT


((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.

2008-11-22 20:31 . 2008-11-22 20:31 <DIR> d-------- c:\program files\Trend Micro
2008-11-22 19:54 . 2008-11-22 19:56 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-22 19:54 . 2008-11-22 19:54 <DIR> d-------- c:\documents and settings\Jonathan Chan\Application Data\Malwarebytes
2008-11-22 19:54 . 2008-11-22 19:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-22 19:54 . 2008-10-22 16:10 38,496 --a------ c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-11-22 19:54 . 2008-10-22 16:10 15,504 --a------ c:\windows\SYSTEM32\DRIVERS\mbam.sys
2008-11-22 19:44 . 2008-11-28 10:34 <DIR> d-------- c:\documents and settings\Jonathan Chan\Application Data\GetModule
2008-11-22 18:39 . 2008-11-22 18:39 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\SpeedRunner
2008-11-22 18:34 . 2008-11-22 18:34 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\Twain
2008-11-22 18:26 . 2008-11-22 20:44 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-22 18:10 . 2008-11-22 18:25 <DIR> d-------- c:\program files\Webtools
2008-11-22 18:04 . 2008-11-22 19:46 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\gadcom
2008-11-22 18:03 . 2008-11-22 18:05 <DIR> d-------- c:\windows\SYSTEM32\CONFIG\systemprofile\Application Data\GetModule
2008-11-22 01:02 . 2008-11-22 01:03 <DIR> d-------- c:\program files\iTunes
2008-11-22 01:02 . 2008-11-22 01:02 <DIR> d-------- c:\program files\iPod
2008-11-22 01:02 . 2008-11-22 01:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-14 19:18 . 2008-10-24 03:21 455,296 --------- c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
2008-11-14 19:17 . 2008-09-04 09:15 1,106,944 --------- c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
2008-11-04 10:30 . 2008-11-04 10:30 90,112 --a------ c:\windows\SYSTEM32\QuickTimeVR.qtx
2008-11-04 10:30 . 2008-11-04 10:30 57,344 --a------ c:\windows\SYSTEM32\QuickTime.qts
2008-11-02 18:00 . 2008-11-22 13:13 41,474 --a------ c:\windows\SYSTEM32\onT54840.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-23 07:35 --------- d-----w c:\documents and settings\Jonathan Chan\Application Data\U3
2008-11-22 21:43 --------- d-----w c:\program files\AOL Toolbar
2008-11-22 09:02 --------- d-----w c:\program files\Common Files\Apple
2008-11-22 09:00 --------- d-----w c:\program files\QuickTime
2008-11-22 08:49 --------- d-----w c:\program files\Safari
2008-11-15 05:44 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-15 03:35 --------- d-----w c:\documents and settings\Jonathan Chan\Application Data\iPhoneRingToneMaker
2008-10-25 19:48 --------- d-----w c:\program files\GetRight
2008-10-25 03:12 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-04 07:54 --------- d-----w c:\program files\Bonjour
2008-10-01 20:01 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-09-28 00:05 --------- d-----w c:\program files\MSN Messenger
2008-09-27 09:11 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2008-09-15 20:26 0 ----a-w c:\documents and settings\Jonathan Chan\jagex_runescape_preferences.dat
2007-06-06 20:21 81,920 ----a-w c:\documents and settings\Jonathan Chan\Application Data\ezpinst.exe
2007-06-06 20:21 47,360 ----a-w c:\documents and settings\Jonathan Chan\Application Data\pcouffin.sys
2006-03-05 01:50 51,920 ----a-w c:\documents and settings\Jonathan Chan\Application Data\GDIPFONTCACHEV1.DAT
2004-10-16 04:50 226,266 ----a-w c:\documents and settings\Jonathan Chan\Application Data\tvmknwrd.dll
2002-07-27 01:02 153,088 ----a-w c:\program files\UNWISE.EXE
2005-03-11 06:24 56 --sh--r c:\windows\SYSTEM32\3079A724AA.sys
2006-12-01 01:15 11,270 --sha-w c:\windows\SYSTEM32\KGyGaAvL.sys
2005-05-15 15:47 517,686 --sha-w c:\windows\SYSTEM32\3076\smwger.bak1
2005-06-18 15:58 486,220 --sha-w c:\windows\SYSTEM32\3076\smwger.bak2
2005-06-18 16:10 381,796 --sha-w c:\windows\SYSTEM32\3076\smwger.ini2
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-02-02 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-22 335872]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-03-14 122933]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2004-03-04 487424]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-08-27 58488]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2005-02-06 95960]
"MaxtorOneTouch"="c:\programs\MAXTOR\ONETOU~1\UTILS\ONETOUCH.EXE" [2003-05-21 45056]
"MXO Auto Loader"="c:\windows\MXOALDR.EXE" [2003-04-07 118784]
"PinnacleDriverCheck"="c:\windows\System32\PSDrvCheck.exe" [2004-03-10 406016]
"USB2Check"="c:\windows\System32\PCLECoInst.dll" [2004-04-06 61440]
"USBToolTip"="c:\programs\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE" [2004-04-23 192512]
"HostManager"="c:\program files\Common Files\AOL\1107312650\ee\AOLSoftware.exe" [2006-05-09 50760]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-10-20 34904]
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2005-04-11 83544]
"Pure Networks Port Magic"="c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-11-30 185896]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2002-08-28 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-28 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-28 455168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\SYSTEM32\Ati2mdxx.exe]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=zoabfr.dll hdfevx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.DIVF"= DivX412.dll
"vidc.XVID"= xvid.dll
"VIDC.HFYU"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"msacm.lameacm"= LameACM.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SmartFTP\\SmartFTP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe"=
"c:\\Programs\\Limewire Pro\\LimeWire.exe"=
"c:\\Program Files\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1107312650\\EE\\aim6.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Programs\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 NICSer_WPC54GS;NICSer_WPC54GS;c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe [2004-09-25 455680]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-01-10 24652]
R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver;\??\c:\windows\System32\CBTNDIS5.SYS [2004-09-25 17142]
S1 GhPciScan;GhostPciScanner;\??\e:\norton systemworks\Norton Ghost\ghpciscan.sys []
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\DRIVERS\epusbsto.sys [2001-09-10 17976]
.
Contents of the 'Scheduled Tasks' folder

2008-11-23 c:\windows\Tasks\A2CE686291221D72.job
- c:\docume~1\jonath~1\applic~1\roamus~1\Bold window bin.exe []

2008-08-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-11-22 c:\windows\Tasks\At25.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At26.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At27.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At28.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At29.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At30.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At31.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At32.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At33.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At34.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At35.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At36.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At37.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At38.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At39.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-22 c:\windows\Tasks\At40.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At41.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-16 c:\windows\Tasks\At42.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-03 c:\windows\Tasks\At43.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At44.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At45.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At46.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At47.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2008-11-23 c:\windows\Tasks\At48.job
- c:\windows\system32\onT54840.exe [2008-11-22 13:13]

2005-04-16 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-12-14 12:24]
.
- - - - ORPHANS REMOVED - - - -

BHO-{28BA58E9-6F63-4229-B2D0-2CE97D72C118} - c:\windows\system32\yaywXPFV.dll
BHO-{a1b6cb12-1231-4ff5-a2ac-56aa0149ada1} - c:\windows\system32\hdfevx.dll
HKCU-Run-JavaUpdate0.07 - c:\windows\System32\iwxo.exe
HKCU-Run-Norton SystemWorks - c:\program files\Common Files\Symantec Shared\CfgWiz.exe
HKCU-Run-GetModule29 - c:\program files\GetModule\GetModule29.exe
HKCU-Run-Sonic RecordNow! - (no file)
HKCU-Run-Aim6 - (no file)
HKLM-Run-GhostStartTrayApp - c:\programs\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTTRAYAPP.EXE


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Jonathan Chan\Application Data\Mozilla\Firefox\Profiles\ir78lebl.default\
FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 11:00:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\windows\wanmpsvc.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\program files\Apoint\ApntEx.exe
c:\program files\GetRight\getright.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\GetRight\getright.exe
c:\programs\WinZip\WZQKPICK.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
c:\program files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54CFG.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2008-11-28 11:07:22 - machine was rebooted [Jonathan Chan]
ComboFix-quarantined-files.txt 2008-11-28 19:06:56

Pre-Run: 5,490,769,920 bytes free
Post-Run: 6,861,111,296 bytes free

310 --- E O F --- 2008-11-15 05:44:49


New Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:36 AM, on 11/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\MXOALDR.EXE
C:\PROGRAMS\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\AOL\1107312650\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\GetRight\getright.exe
C:\Programs\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\WPC54Cfg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRAMS\MAXTOR\ONETOU~1\UTILS\ONETOUCH.EXE
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\System32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\PROGRAMS\PINNACLE\SHARED FILES\PROGRAMS\USBTIP\USBTIP.EXE"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1107312650\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programs\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless-G Notebook Adapter with SpeedBooster Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\Startup.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programs\AIM\aim.exe
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: zoabfr.dll hdfevx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GhostStartService - Unknown owner - E:\NORTON~1\NORTON~4\GHOSTS~2.EXE (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICSer_WPC54GS - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter with SpeedBooster\NICServ.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Unknown owner - E:\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 14793 bytes

[Shaba]

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:



5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.

[kf3ig]

µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Ad-Aware SE Personal
Adobe Acrobat 8.1.2 Professional
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Photoshop CS
Adobe Reader 6.0.1
Adobe Shockwave Player
ALPS Touch Pad Driver
AOL Coach Version 1.0(Build:20030807.3)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Deskbar
AOL Instant Messenger
AOL Spyware Protection
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
Azureus
BCM V.92 56K Modem
Bonjour
ccCommon
ccCommon
CDisplay 1.8
CloneDVD 4.1.0.23
CoCSoft Stream Down 3.3
CoreVorbis Audio Decoder (remove only)
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
DellConnect
DellSupport
DivX
DivX Player
Electrotank Mini Golf Gold
EO Video 1.36
EPSON Printer Software
ffdshow
FFdshow [2006-08-18 | rev 2546]
GetRight
Google Toolbar for Internet Explorer
GunBound
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
iPhoneRingToneMaker 2.1.3
iPod Updater 2004-08-06
iTunes
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
LimeWire
LiveUpdate 2.6 (Symantec Corporation)
Malwarebytes' Anti-Malware
Maxtor OneTouch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
mkv2vob
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.0.4)
mpegable DS decoder
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Nero 8 Demo
neroxml
Nimo Codecs Pack v5.0 (Remove Only)
Norton AntiVirus Parent MSI
Norton Ghost
Norton Internet Security
Norton WMI Update
NSW_DRM_COLLECTION
Odyssey Client
PowerDVD 5.1
PowerQuest PartitionMagic 8.0
Pure Networks Port Magic
QuickSet
QuickTime
Real Alternative 1.25
RealPlayer
RM Converter 2.21
Safari
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Shockwave
SmartFTP
SmartFTP Client
SmartSound Quicktracks Plugin
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Studio 9 Content CD/DVD
Symantec Script Blocking Installer
Trillian
TweakNow RegCleaner Standard
Ulead VideoStudio 8.0 Trial
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957829)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
USB Storage Adapter FX (MXO)
VCRedistSetup
VideoLAN VLC media player 0.8.6i
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Virtual DJ - Atomix Productions
Windows Live Messenger
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinMPG Video Convert 5.5
WinRAR archiver
WinZip
Wireless-G Notebook Adapter with SpeedBooster

[Shaba]

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent
Azureus
Limewire

I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new uninstall list scan when finished and post the log back here.

[kf3ig]

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Ad-Aware SE Personal
Adobe Acrobat 8.1.2 Professional
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Photoshop CS
Adobe Reader 6.0.1
Adobe Shockwave Player
ALPS Touch Pad Driver
AOL Coach Version 1.0(Build:20030807.3)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Deskbar
AOL Instant Messenger
AOL Spyware Protection
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
BCM V.92 56K Modem
Bonjour
ccCommon
ccCommon
CDisplay 1.8
CloneDVD 4.1.0.23
CoCSoft Stream Down 3.3
CoreVorbis Audio Decoder (remove only)
Dell Digital Jukebox Driver
Dell Media Experience
Dell Solution Center
DellConnect
DellSupport
DivX
DivX Player
Electrotank Mini Golf Gold
EO Video 1.36
EPSON Printer Software
ffdshow
FFdshow [2006-08-18 | rev 2546]
GetRight
Google Toolbar for Internet Explorer
GunBound
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
iPhoneRingToneMaker 2.1.3
iPod Updater 2004-08-06
iTunes
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
LiveUpdate 2.6 (Symantec Corporation)
Malwarebytes' Anti-Malware
Maxtor OneTouch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
mkv2vob
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.0.4)
mpegable DS decoder
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Nero 8 Demo
neroxml
Nimo Codecs Pack v5.0 (Remove Only)
Norton AntiVirus Parent MSI
Norton Ghost
Norton Internet Security
Norton WMI Update
NSW_DRM_COLLECTION
Odyssey Client
PowerDVD 5.1
PowerQuest PartitionMagic 8.0
Pure Networks Port Magic
QuickSet
QuickTime
Real Alternative 1.25
RealPlayer
RM Converter 2.21
Safari
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Shockwave
SmartFTP
SmartFTP Client
SmartSound Quicktracks Plugin
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Studio 9 Content CD/DVD
Symantec Script Blocking Installer
Trillian
TweakNow RegCleaner Standard
Ulead VideoStudio 8.0 Trial
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957829)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
USB Storage Adapter FX (MXO)
VCRedistSetup
VideoLAN VLC media player 0.8.6i
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Virtual DJ - Atomix Productions
Windows Live Messenger
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinMPG Video Convert 5.5
WinRAR archiver
WinZip
Wireless-G Notebook Adapter with SpeedBooster

[Shaba]

Thank you

This is the next step:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (C:\lopR.txt)

[kf3ig]

--------------------\\ Lop S&D 4.2.4-9c XP/Vista


"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( Sat 11/29/2008|13:04 )

--------------------\\ Listing folders in APPLIC~1

[09/04/2004|11:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[09/04/2004|11:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Jasc Software Inc
[09/04/2004|11:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[09/04/2004|11:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sonic
[09/04/2004|11:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[09/04/2004|11:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Symantec

[11/22/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[10/04/2008|06:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[06/27/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[10/30/2006|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[06/30/2007|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[06/30/2007|01:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[09/04/2004|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[02/01/2008|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Dell
[06/06/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVDXStudio
[10/13/2007|02:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Elaborate Bytes
[03/22/2008|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[10/23/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[07/31/2006|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[11/07/2003|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[11/22/2008|07:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[02/17/2008|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/14/2008|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[10/13/2007|02:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Nero
[12/05/2004|05:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle
[02/01/2005|06:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[10/02/2004|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[09/04/2004|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/17/2005|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
[04/16/2005|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[11/22/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[10/25/2006|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Tool Phone Settings Upload
[02/02/2008|05:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TVU Networks
[04/16/2005|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
[10/09/2006|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[05/29/2006|02:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[09/04/2004|11:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[09/04/2004|11:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Jasc Software Inc
[12/07/2007|05:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[09/04/2004|11:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sonic
[09/04/2004|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun
[09/04/2004|11:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec

[06/28/2006|09:16] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> acccore
[10/04/2008|06:36] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Adobe
[02/29/2008|08:07] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> AdobeUM
[09/25/2004|10:39] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Aim
[02/01/2005|06:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> AOL
[04/06/2008|12:47] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Apple Computer
[08/22/2006|09:48] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Azureus
[09/17/2004|10:55] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Corel
[09/18/2004|02:20] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> CyberLink
[11/13/2005|05:49] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Digital Album Organizer
[05/31/2008|09:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> dvdcss
[11/28/2008|10:34] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> GetModule
[12/21/2005|10:17] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Google
[04/09/2007|06:19] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> GTek
[11/05/2004|10:56] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Help
[09/04/2004|11:11] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Identities
[11/14/2008|07:35] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> iPhoneRingToneMaker
[09/04/2004|11:59] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Jasc Software Inc
[09/25/2004|10:00] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Kazaa Lite
[09/26/2004|02:02] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Lavasoft
[11/08/2004|12:03] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Leadertech
[10/25/2006|01:15] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Macromedia
[11/22/2008|07:54] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Malwarebytes
[11/30/2006|06:14] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Media Player Classic
[08/21/2008|04:01] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Microsoft
[02/08/2008|05:31] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Move Networks
[06/17/2008|03:09] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Mozilla
[10/13/2007|02:43] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Nero
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> NetMedia Providers
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Publish Providers
[03/07/2007|07:59] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Real
[10/25/2006|03:13] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> RoamUserAce
[07/16/2007|10:15] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> SmartFTP
[11/08/2004|12:03] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sonic
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sony
[09/04/2004|11:47] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sun
[12/03/2004|05:43] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Symantec
[02/02/2008|05:40] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> TVU Networks
[11/22/2008|11:35] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> U3
[12/29/2004|11:48] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Ulead Systems
[09/01/2008|05:01] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> uTorrent
[01/17/2007|10:19] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Viewpoint
[08/26/2006|09:42] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> vlc
[06/06/2007|12:21] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Vso
[02/01/2005|06:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> You've Got Pictures Screensaver

[09/04/2004|11:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[11/15/2008|10:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Adobe
[11/02/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Google
[11/02/2008|08:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Macromedia
[11/02/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[11/22/2008|03:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Sun
[01/17/2005|01:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Symantec

[09/17/2004|10:38] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[11/22/2008 11:45 PM][--a------] C:\WINDOWS\tasks\At48.job
[11/22/2008 09:51 PM][--a------] C:\WINDOWS\tasks\At46.job
[11/22/2008 10:57 PM][--a------] C:\WINDOWS\tasks\At47.job
[11/22/2008 08:13 PM][--a------] C:\WINDOWS\tasks\At45.job
[11/22/2008 07:42 PM][--a------] C:\WINDOWS\tasks\At44.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At43.job
[11/15/2008 08:28 PM][--a------] C:\WINDOWS\tasks\At42.job
[11/22/2008 03:00 PM][--a------] C:\WINDOWS\tasks\At40.job
[11/22/2008 02:00 PM][--a------] C:\WINDOWS\tasks\At39.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At41.job
[11/16/2008 12:00 PM][--a------] C:\WINDOWS\tasks\At37.job
[11/22/2008 01:03 PM][--a------] C:\WINDOWS\tasks\At38.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At33.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At34.job
[11/21/2008 11:44 PM][--a------] C:\WINDOWS\tasks\At35.job
[11/16/2008 11:00 AM][--a------] C:\WINDOWS\tasks\At36.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At32.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At30.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At29.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At31.job
[11/22/2008 03:00 AM][--a------] C:\WINDOWS\tasks\At28.job
[11/22/2008 02:03 AM][--a------] C:\WINDOWS\tasks\At27.job
[11/22/2008 01:00 AM][--a------] C:\WINDOWS\tasks\At26.job
[11/22/2008 12:35 AM][--a------] C:\WINDOWS\tasks\At25.job
[08/28/2008 01:45 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[11/22/2008 11:00 PM][--ah-----] C:\WINDOWS\tasks\A2CE686291221D72.job
[04/16/2005 01:05 PM][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[11/29/2008 01:00 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/29/2002 02:00 AM][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

( A2CE686291221D72.job )=( c:\docume~1\jonath~1\applic~1\roamus~1\Boldwindowbin.exe )

--------------------\\ Listing Folders in C:\Program Files

[03/13/2005|08:26] C:\Program Files\<DIR> Admilli Service
[03/22/2008|04:28] C:\Program Files\<DIR> Adobe
[10/13/2007|02:34] C:\Program Files\<DIR> Ahead
[10/25/2006|03:13] C:\Program Files\<DIR> Anti-Leech
[10/30/2006|06:55] C:\Program Files\<DIR> AOD
[06/27/2006|05:57] C:\Program Files\<DIR> AOL
[02/01/2005|06:51] C:\Program Files\<DIR> AOL Deskbar
[11/22/2008|01:43] C:\Program Files\<DIR> AOL Toolbar
[09/04/2004|11:30] C:\Program Files\<DIR> Apoint
[08/20/2008|07:18] C:\Program Files\<DIR> Apple Software Update
[09/04/2004|11:52] C:\Program Files\<DIR> ATI Technologies
[09/25/2004|10:39] C:\Program Files\<DIR> AWS
[10/03/2008|11:54] C:\Program Files\<DIR> Bonjour
[07/13/2006|09:54] C:\Program Files\<DIR> CDisplay
[06/06/2007|12:20] C:\Program Files\<DIR> CloneDVD
[11/29/2008|01:00] C:\Program Files\<DIR> Common Files
[09/04/2004|11:11] C:\Program Files\<DIR> ComPlus Applications
[09/06/2005|07:59] C:\Program Files\<DIR> Convar
[09/04/2004|11:55] C:\Program Files\<DIR> CyberLink
[06/09/2005|09:27] C:\Program Files\<DIR> Dell
[06/24/2007|12:37] C:\Program Files\<DIR> DellConnect
[04/09/2007|06:16] C:\Program Files\<DIR> DellSupport
[04/07/2005|08:18] C:\Program Files\<DIR> DivX
[10/01/2004|05:08] C:\Program Files\<DIR> DivXCodec
[10/13/2007|02:12] C:\Program Files\<DIR> Elaborate Bytes
[02/22/2008|06:03] C:\Program Files\<DIR> eMule
[09/25/2004|09:29] C:\Program Files\<DIR> EPSON
[08/26/2006|04:44] C:\Program Files\<DIR> ffdshow
[09/15/2005|03:47] C:\Program Files\<DIR> FileFlow
[10/08/2006|07:53] C:\Program Files\<DIR> Filetopia3
[09/27/2008|01:13] C:\Program Files\<DIR> FlashGet
[09/25/2004|09:10] C:\Program Files\<DIR> Funk Software
[10/25/2008|11:48] C:\Program Files\<DIR> GetRight
[02/01/2007|08:10] C:\Program Files\<DIR> Google
[11/30/2006|06:10] C:\Program Files\<DIR> GustoSoft
[09/27/2008|01:06] C:\Program Files\<DIR> Haali
[11/29/2005|04:36] C:\Program Files\<DIR> InstallShield Installation Information
[09/04/2004|11:51] C:\Program Files\<DIR> Intel
[10/18/2008|09:29] C:\Program Files\<DIR> Internet Explorer
[04/11/2008|04:32] C:\Program Files\<DIR> iPhoneRingToneMaker
[11/22/2008|01:02] C:\Program Files\<DIR> iPod
[11/22/2008|01:03] C:\Program Files\<DIR> iTunes
[09/25/2004|09:44] C:\Program Files\<DIR> Jasc Software Inc
[07/18/2008|08:46] C:\Program Files\<DIR> Java
[09/25/2004|09:11] C:\Program Files\<DIR> Linksys
[11/22/2008|07:56] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[11/30/2006|06:20] C:\Program Files\<DIR> Media Player Classic
[09/04/2008|10:47] C:\Program Files\<DIR> Messenger
[02/24/2008|03:01] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[09/04/2004|11:55] C:\Program Files\<DIR> Microsoft Encarta
[09/04/2004|11:11] C:\Program Files\<DIR> microsoft frontpage
[09/04/2004|11:56] C:\Program Files\<DIR> Microsoft Money
[02/22/2008|05:48] C:\Program Files\<DIR> Microsoft Office
[10/24/2008|07:12] C:\Program Files\<DIR> Microsoft Silverlight
[02/22/2008|05:47] C:\Program Files\<DIR> Microsoft Visual Studio
[02/22/2008|05:50] C:\Program Files\<DIR> Microsoft Works
[02/22/2008|05:45] C:\Program Files\<DIR> Microsoft.NET
[08/21/2008|04:01] C:\Program Files\<DIR> mkv2vob
[09/04/2004|11:55] C:\Program Files\<DIR> Modem Helper
[09/04/2008|10:41] C:\Program Files\<DIR> Movie Maker
[11/29/2008|01:02] C:\Program Files\<DIR> Mozilla Firefox
[03/02/2008|05:02] C:\Program Files\<DIR> Mp3 My Mp3 2.0
[09/25/2004|09:51] C:\Program Files\<DIR> mpegable
[02/22/2008|05:49] C:\Program Files\<DIR> MSBuild
[09/04/2004|11:11] C:\Program Files\<DIR> MSN
[09/04/2004|11:11] C:\Program Files\<DIR> MSN Gaming Zone
[09/27/2008|04:05] C:\Program Files\<DIR> MSN Messenger
[11/17/2006|01:27] C:\Program Files\<DIR> MSXML 4.0
[09/26/2004|01:56] C:\Program Files\<DIR> MUSICMATCH
[10/13/2007|02:39] C:\Program Files\<DIR> Nero
[09/04/2008|10:37] C:\Program Files\<DIR> NetMeeting
[10/25/2006|03:13] C:\Program Files\<DIR> NetPumper
[09/04/2004|11:11] C:\Program Files\<DIR> Online Services
[09/04/2008|10:37] C:\Program Files\<DIR> Outlook Express
[12/05/2004|08:02] C:\Program Files\<DIR> Pinnacle
[09/13/2004|08:16] C:\Program Files\<DIR> PowerQuest
[02/01/2005|06:51] C:\Program Files\<DIR> Pure Networks
[11/22/2008|01:00] C:\Program Files\<DIR> QuickTime
[11/30/2006|06:19] C:\Program Files\<DIR> Real
[04/10/2005|02:53] C:\Program Files\<DIR> Real Alternative
[11/22/2008|12:49] C:\Program Files\<DIR> Safari
[09/20/2006|05:47] C:\Program Files\<DIR> Sibelius Software
[01/04/2005|06:19] C:\Program Files\<DIR> SmartFTP
[07/16/2007|10:15] C:\Program Files\<DIR> SmartFTP Client
[12/31/2004|02:15] C:\Program Files\<DIR> SmartSound Software
[09/04/2004|11:54] C:\Program Files\<DIR> Sonic
[09/27/2008|01:06] C:\Program Files\<DIR> StreamboxVcrSuite
[04/16/2005|01:04] C:\Program Files\<DIR> Symantec
[09/25/2004|09:18] C:\Program Files\<DIR> SymNetDrv
[10/01/2004|05:08] C:\Program Files\<DIR> The Playa
[11/22/2008|08:31] C:\Program Files\<DIR> Trend Micro
[09/26/2005|06:14] C:\Program Files\<DIR> Trillian
[07/06/2006|11:29] C:\Program Files\<DIR> TweakNow RegCleaner Std
[10/15/2004|08:51] C:\Program Files\<DIR> Uninstall Information
[05/30/2005|07:08] C:\Program Files\<DIR> VideoLAN
[01/10/2007|06:05] C:\Program Files\<DIR> Viewpoint
[12/15/2005|05:14] C:\Program Files\<DIR> VirtualDJ
[11/22/2008|06:25] C:\Program Files\<DIR> Webtools
[12/31/2004|02:14] C:\Program Files\<DIR> Windows Media Components
[09/04/2008|10:37] C:\Program Files\<DIR> Windows Media Player
[09/04/2008|10:37] C:\Program Files\<DIR> Windows NT
[09/25/2004|09:48] C:\Program Files\<DIR> WindowsUpdate
[09/04/2004|11:11] C:\Program Files\<DIR> XEROX
[08/01/2006|06:22] C:\Program Files\<DIR> Xilisoft
[10/01/2004|05:08] C:\Program Files\<DIR> XviD

--------------------\\ Listing Folders in C:\Program Files\Common Files

[03/22/2008|04:30] C:\Program Files\Common Files\<DIR> Adobe
[04/11/2008|01:21] C:\Program Files\Common Files\<DIR> AOL
[11/04/2004|06:02] C:\Program Files\Common Files\<DIR> aolback
[02/01/2005|06:51] C:\Program Files\Common Files\<DIR> AolCoach
[06/07/2005|09:38] C:\Program Files\Common Files\<DIR> aolshare
[11/22/2008|01:02] C:\Program Files\Common Files\<DIR> Apple
[04/07/2005|07:11] C:\Program Files\Common Files\<DIR> Designer
[09/25/2004|09:10] C:\Program Files\Common Files\<DIR> Funk Software
[12/05/2004|05:45] C:\Program Files\Common Files\<DIR> InstallShield
[09/04/2004|11:46] C:\Program Files\Common Files\<DIR> Java
[03/22/2008|04:42] C:\Program Files\Common Files\<DIR> Macrovision Shared
[08/23/2008|01:23] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> MSSoap
[10/13/2007|02:42] C:\Program Files\Common Files\<DIR> Nero
[02/01/2005|06:38] C:\Program Files\Common Files\<DIR> NSV
[11/04/2004|06:01] C:\Program Files\Common Files\<DIR> Nullsoft
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> ODBC
[11/30/2006|06:20] C:\Program Files\Common Files\<DIR> Real
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> Services
[09/04/2004|11:54] C:\Program Files\Common Files\<DIR> Sonic
[09/04/2004|11:53] C:\Program Files\Common Files\<DIR> Sonic Shared
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> SpeechEngines
[10/07/2005|05:05] C:\Program Files\Common Files\<DIR> SunnComm Shared
[09/17/2004|06:33] C:\Program Files\Common Files\<DIR> SWF Studio
[04/16/2005|01:11] C:\Program Files\Common Files\<DIR> Symantec Shared
[09/04/2008|10:37] C:\Program Files\Common Files\<DIR> System
[12/31/2004|02:14] C:\Program Files\Common Files\<DIR> Ulead Systems
[10/30/2004|03:56] C:\Program Files\Common Files\<DIR> updater
[03/02/2005|06:32] C:\Program Files\Common Files\<DIR> Vbox
[08/21/2008|04:01] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[11/30/2006|06:20] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 69 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\JONATH~1\APPLIC~1\roamus~1
C:\Program Files\NetPumper
C:\Program Files\NetPumper\AddUrl.htm
C:\Program Files\NetPumper\Anti-Leech
C:\Program Files\NetPumper\help
C:\Program Files\NetPumper\README.txt
C:\Program Files\NetPumper\unins000.dat
C:\WINDOWS\Tasks\A2CE686291221D72.job

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-29 13:05:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JONATH~1\Favorites\Welcome to CRACKS.AM software security site!.url
C:\DOCUME~1\JONATH~1\My Documents\Adobe Acrobat Pro\crack.bat
C:\DOCUME~1\JONATH~1\Recent\keygen.lnk


[F:6][D:3]-> C:\DOCUME~1\JONATH~1\LOCALS~1\Temp
[F:658][D:0]-> C:\DOCUME~1\JONATH~1\Cookies
[F:11][D:3]-> C:\DOCUME~1\JONATH~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Sat 11/29/2008|13:08 - Option : [1]

--------------------\\ Scan completed at 13:08:34

[Shaba]

Restart Lop S&D

This time choose Option 3 (Fix - Hosts)
Don't close the window during suppression!
Post the log which is created: (C:\lopR.txt)

[kf3ig]

--------------------\\ Lop S&D 4.2.4-9c XP/Vista


"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [3] ( Sun 11/30/2008|10:11 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\Program Files\NetPumper\AddUrl.htm
Deleted! - C:\Program Files\NetPumper\Anti-Leech
Deleted! - C:\Program Files\NetPumper\help
Deleted! - C:\Program Files\NetPumper\README.txt
Deleted! - C:\Program Files\NetPumper\unins000.dat
Deleted! - C:\WINDOWS\Tasks\A2CE686291221D72.job
Deleted! - C:\DOCUME~1\JONATH~1\APPLIC~1\roamus~1
Deleted! - C:\Program Files\NetPumper

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Deleted! - C:\DOCUME~1\JONATH~1\APPLIC~1\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[09/04/2004|11:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[09/04/2004|11:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Jasc Software Inc
[09/04/2004|11:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[09/04/2004|11:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sonic
[09/04/2004|11:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[09/04/2004|11:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Symantec

[11/22/2008|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[10/04/2008|06:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[06/27/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[10/30/2006|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[06/30/2007|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[06/30/2007|01:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[09/04/2004|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[02/01/2008|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Dell
[06/06/2007|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVDXStudio
[10/13/2007|02:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Elaborate Bytes
[03/22/2008|04:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[10/23/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[07/31/2006|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[11/07/2003|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[11/22/2008|07:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[02/17/2008|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/14/2008|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[10/13/2007|02:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Nero
[12/05/2004|05:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle
[02/01/2005|06:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[10/02/2004|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[09/04/2004|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[03/17/2005|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
[04/16/2005|01:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[11/22/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[10/25/2006|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Tool Phone Settings Upload
[02/02/2008|05:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TVU Networks
[04/16/2005|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
[05/29/2006|02:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[09/04/2004|11:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[09/04/2004|11:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Jasc Software Inc
[12/07/2007|05:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[09/04/2004|11:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sonic
[09/04/2004|11:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun
[09/04/2004|11:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec

[06/28/2006|09:16] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> acccore
[10/04/2008|06:36] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Adobe
[02/29/2008|08:07] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> AdobeUM
[09/25/2004|10:39] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Aim
[02/01/2005|06:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> AOL
[04/06/2008|12:47] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Apple Computer
[08/22/2006|09:48] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Azureus
[09/17/2004|10:55] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Corel
[09/18/2004|02:20] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> CyberLink
[11/13/2005|05:49] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Digital Album Organizer
[05/31/2008|09:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> dvdcss
[11/28/2008|10:34] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> GetModule
[12/21/2005|10:17] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Google
[04/09/2007|06:19] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> GTek
[11/05/2004|10:56] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Help
[09/04/2004|11:11] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Identities
[11/14/2008|07:35] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> iPhoneRingToneMaker
[09/04/2004|11:59] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Jasc Software Inc
[09/25/2004|10:00] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Kazaa Lite
[09/26/2004|02:02] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Lavasoft
[11/08/2004|12:03] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Leadertech
[10/25/2006|01:15] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Macromedia
[11/22/2008|07:54] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Malwarebytes
[11/30/2006|06:14] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Media Player Classic
[08/21/2008|04:01] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Microsoft
[02/08/2008|05:31] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Move Networks
[06/17/2008|03:09] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Mozilla
[10/13/2007|02:43] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Nero
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> NetMedia Providers
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Publish Providers
[03/07/2007|07:59] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Real
[07/16/2007|10:15] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> SmartFTP
[11/08/2004|12:03] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sonic
[12/08/2004|10:22] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sony
[09/04/2004|11:47] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Sun
[12/03/2004|05:43] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Symantec
[02/02/2008|05:40] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> TVU Networks
[11/22/2008|11:35] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> U3
[12/29/2004|11:48] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Ulead Systems
[09/01/2008|05:01] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> uTorrent
[08/26/2006|09:42] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> vlc
[06/06/2007|12:21] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> Vso
[02/01/2005|06:52] C:\DOCUME~1\JONATH~1\APPLIC~1\<DIR> You've Got Pictures Screensaver

[09/04/2004|11:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[11/15/2008|10:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Adobe
[11/02/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Google
[11/02/2008|08:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Macromedia
[11/02/2008|08:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[11/22/2008|03:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Sun
[01/17/2005|01:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Symantec

[09/17/2004|10:38] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[11/22/2008 11:45 PM][--a------] C:\WINDOWS\tasks\At48.job
[11/22/2008 09:51 PM][--a------] C:\WINDOWS\tasks\At46.job
[11/22/2008 10:57 PM][--a------] C:\WINDOWS\tasks\At47.job
[11/22/2008 08:13 PM][--a------] C:\WINDOWS\tasks\At45.job
[11/22/2008 07:42 PM][--a------] C:\WINDOWS\tasks\At44.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At43.job
[11/15/2008 08:28 PM][--a------] C:\WINDOWS\tasks\At42.job
[11/22/2008 03:00 PM][--a------] C:\WINDOWS\tasks\At40.job
[11/22/2008 02:00 PM][--a------] C:\WINDOWS\tasks\At39.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At41.job
[11/22/2008 01:03 PM][--a------] C:\WINDOWS\tasks\At38.job
[11/16/2008 12:00 PM][--a------] C:\WINDOWS\tasks\At37.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At34.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At33.job
[11/16/2008 11:00 AM][--a------] C:\WINDOWS\tasks\At36.job
[11/21/2008 11:44 PM][--a------] C:\WINDOWS\tasks\At35.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At32.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At31.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At30.job
[11/02/2008 06:00 PM][--a------] C:\WINDOWS\tasks\At29.job
[11/22/2008 02:03 AM][--a------] C:\WINDOWS\tasks\At27.job
[11/22/2008 01:00 AM][--a------] C:\WINDOWS\tasks\At26.job
[11/22/2008 03:00 AM][--a------] C:\WINDOWS\tasks\At28.job
[11/22/2008 12:35 AM][--a------] C:\WINDOWS\tasks\At25.job
[08/28/2008 01:45 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[04/16/2005 01:05 PM][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[11/30/2008 10:09 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/29/2002 02:00 AM][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ Listing Folders in C:\Program Files

[03/13/2005|08:26] C:\Program Files\<DIR> Admilli Service
[03/22/2008|04:28] C:\Program Files\<DIR> Adobe
[10/13/2007|02:34] C:\Program Files\<DIR> Ahead
[10/25/2006|03:13] C:\Program Files\<DIR> Anti-Leech
[10/30/2006|06:55] C:\Program Files\<DIR> AOD
[06/27/2006|05:57] C:\Program Files\<DIR> AOL
[02/01/2005|06:51] C:\Program Files\<DIR> AOL Deskbar
[11/22/2008|01:43] C:\Program Files\<DIR> AOL Toolbar
[09/04/2004|11:30] C:\Program Files\<DIR> Apoint
[08/20/2008|07:18] C:\Program Files\<DIR> Apple Software Update
[09/04/2004|11:52] C:\Program Files\<DIR> ATI Technologies
[09/25/2004|10:39] C:\Program Files\<DIR> AWS
[10/03/2008|11:54] C:\Program Files\<DIR> Bonjour
[07/13/2006|09:54] C:\Program Files\<DIR> CDisplay
[06/06/2007|12:20] C:\Program Files\<DIR> CloneDVD
[11/30/2008|10:09] C:\Program Files\<DIR> Common Files
[09/04/2004|11:11] C:\Program Files\<DIR> ComPlus Applications
[09/06/2005|07:59] C:\Program Files\<DIR> Convar
[09/04/2004|11:55] C:\Program Files\<DIR> CyberLink
[06/09/2005|09:27] C:\Program Files\<DIR> Dell
[06/24/2007|12:37] C:\Program Files\<DIR> DellConnect
[04/09/2007|06:16] C:\Program Files\<DIR> DellSupport
[04/07/2005|08:18] C:\Program Files\<DIR> DivX
[10/01/2004|05:08] C:\Program Files\<DIR> DivXCodec
[10/13/2007|02:12] C:\Program Files\<DIR> Elaborate Bytes
[02/22/2008|06:03] C:\Program Files\<DIR> eMule
[09/25/2004|09:29] C:\Program Files\<DIR> EPSON
[08/26/2006|04:44] C:\Program Files\<DIR> ffdshow
[09/15/2005|03:47] C:\Program Files\<DIR> FileFlow
[10/08/2006|07:53] C:\Program Files\<DIR> Filetopia3
[09/27/2008|01:13] C:\Program Files\<DIR> FlashGet
[09/25/2004|09:10] C:\Program Files\<DIR> Funk Software
[10/25/2008|11:48] C:\Program Files\<DIR> GetRight
[02/01/2007|08:10] C:\Program Files\<DIR> Google
[11/30/2006|06:10] C:\Program Files\<DIR> GustoSoft
[09/27/2008|01:06] C:\Program Files\<DIR> Haali
[11/29/2005|04:36] C:\Program Files\<DIR> InstallShield Installation Information
[09/04/2004|11:51] C:\Program Files\<DIR> Intel
[10/18/2008|09:29] C:\Program Files\<DIR> Internet Explorer
[04/11/2008|04:32] C:\Program Files\<DIR> iPhoneRingToneMaker
[11/22/2008|01:02] C:\Program Files\<DIR> iPod
[11/22/2008|01:03] C:\Program Files\<DIR> iTunes
[09/25/2004|09:44] C:\Program Files\<DIR> Jasc Software Inc
[07/18/2008|08:46] C:\Program Files\<DIR> Java
[09/25/2004|09:11] C:\Program Files\<DIR> Linksys
[11/22/2008|07:56] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[11/30/2006|06:20] C:\Program Files\<DIR> Media Player Classic
[09/04/2008|10:47] C:\Program Files\<DIR> Messenger
[02/24/2008|03:01] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[09/04/2004|11:55] C:\Program Files\<DIR> Microsoft Encarta
[09/04/2004|11:11] C:\Program Files\<DIR> microsoft frontpage
[09/04/2004|11:56] C:\Program Files\<DIR> Microsoft Money
[02/22/2008|05:48] C:\Program Files\<DIR> Microsoft Office
[10/24/2008|07:12] C:\Program Files\<DIR> Microsoft Silverlight
[02/22/2008|05:47] C:\Program Files\<DIR> Microsoft Visual Studio
[02/22/2008|05:50] C:\Program Files\<DIR> Microsoft Works
[02/22/2008|05:45] C:\Program Files\<DIR> Microsoft.NET
[08/21/2008|04:01] C:\Program Files\<DIR> mkv2vob
[09/04/2004|11:55] C:\Program Files\<DIR> Modem Helper
[09/04/2008|10:41] C:\Program Files\<DIR> Movie Maker
[11/29/2008|01:12] C:\Program Files\<DIR> Mozilla Firefox
[03/02/2008|05:02] C:\Program Files\<DIR> Mp3 My Mp3 2.0
[09/25/2004|09:51] C:\Program Files\<DIR> mpegable
[02/22/2008|05:49] C:\Program Files\<DIR> MSBuild
[09/04/2004|11:11] C:\Program Files\<DIR> MSN
[09/04/2004|11:11] C:\Program Files\<DIR> MSN Gaming Zone
[09/27/2008|04:05] C:\Program Files\<DIR> MSN Messenger
[11/17/2006|01:27] C:\Program Files\<DIR> MSXML 4.0
[09/26/2004|01:56] C:\Program Files\<DIR> MUSICMATCH
[10/13/2007|02:39] C:\Program Files\<DIR> Nero
[09/04/2008|10:37] C:\Program Files\<DIR> NetMeeting
[09/04/2004|11:11] C:\Program Files\<DIR> Online Services
[09/04/2008|10:37] C:\Program Files\<DIR> Outlook Express
[12/05/2004|08:02] C:\Program Files\<DIR> Pinnacle
[09/13/2004|08:16] C:\Program Files\<DIR> PowerQuest
[02/01/2005|06:51] C:\Program Files\<DIR> Pure Networks
[11/22/2008|01:00] C:\Program Files\<DIR> QuickTime
[11/30/2006|06:19] C:\Program Files\<DIR> Real
[04/10/2005|02:53] C:\Program Files\<DIR> Real Alternative
[11/22/2008|12:49] C:\Program Files\<DIR> Safari
[09/20/2006|05:47] C:\Program Files\<DIR> Sibelius Software
[01/04/2005|06:19] C:\Program Files\<DIR> SmartFTP
[07/16/2007|10:15] C:\Program Files\<DIR> SmartFTP Client
[12/31/2004|02:15] C:\Program Files\<DIR> SmartSound Software
[09/04/2004|11:54] C:\Program Files\<DIR> Sonic
[09/27/2008|01:06] C:\Program Files\<DIR> StreamboxVcrSuite
[04/16/2005|01:04] C:\Program Files\<DIR> Symantec
[09/25/2004|09:18] C:\Program Files\<DIR> SymNetDrv
[10/01/2004|05:08] C:\Program Files\<DIR> The Playa
[11/22/2008|08:31] C:\Program Files\<DIR> Trend Micro
[09/26/2005|06:14] C:\Program Files\<DIR> Trillian
[07/06/2006|11:29] C:\Program Files\<DIR> TweakNow RegCleaner Std
[10/15/2004|08:51] C:\Program Files\<DIR> Uninstall Information
[05/30/2005|07:08] C:\Program Files\<DIR> VideoLAN
[11/30/2008|10:11] C:\Program Files\<DIR> Viewpoint
[12/15/2005|05:14] C:\Program Files\<DIR> VirtualDJ
[11/22/2008|06:25] C:\Program Files\<DIR> Webtools
[12/31/2004|02:14] C:\Program Files\<DIR> Windows Media Components
[09/04/2008|10:37] C:\Program Files\<DIR> Windows Media Player
[09/04/2008|10:37] C:\Program Files\<DIR> Windows NT
[09/25/2004|09:48] C:\Program Files\<DIR> WindowsUpdate
[09/04/2004|11:11] C:\Program Files\<DIR> XEROX
[08/01/2006|06:22] C:\Program Files\<DIR> Xilisoft
[10/01/2004|05:08] C:\Program Files\<DIR> XviD

--------------------\\ Listing Folders in C:\Program Files\Common Files

[03/22/2008|04:30] C:\Program Files\Common Files\<DIR> Adobe
[04/11/2008|01:21] C:\Program Files\Common Files\<DIR> AOL
[11/04/2004|06:02] C:\Program Files\Common Files\<DIR> aolback
[02/01/2005|06:51] C:\Program Files\Common Files\<DIR> AolCoach
[06/07/2005|09:38] C:\Program Files\Common Files\<DIR> aolshare
[11/22/2008|01:02] C:\Program Files\Common Files\<DIR> Apple
[04/07/2005|07:11] C:\Program Files\Common Files\<DIR> Designer
[09/25/2004|09:10] C:\Program Files\Common Files\<DIR> Funk Software
[12/05/2004|05:45] C:\Program Files\Common Files\<DIR> InstallShield
[09/04/2004|11:46] C:\Program Files\Common Files\<DIR> Java
[03/22/2008|04:42] C:\Program Files\Common Files\<DIR> Macrovision Shared
[08/23/2008|01:23] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> MSSoap
[10/13/2007|02:42] C:\Program Files\Common Files\<DIR> Nero
[02/01/2005|06:38] C:\Program Files\Common Files\<DIR> NSV
[11/04/2004|06:01] C:\Program Files\Common Files\<DIR> Nullsoft
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> ODBC
[11/30/2006|06:20] C:\Program Files\Common Files\<DIR> Real
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> Services
[09/04/2004|11:54] C:\Program Files\Common Files\<DIR> Sonic
[09/04/2004|11:53] C:\Program Files\Common Files\<DIR> Sonic Shared
[09/04/2004|11:11] C:\Program Files\Common Files\<DIR> SpeechEngines
[10/07/2005|05:05] C:\Program Files\Common Files\<DIR> SunnComm Shared
[09/17/2004|06:33] C:\Program Files\Common Files\<DIR> SWF Studio
[04/16/2005|01:11] C:\Program Files\Common Files\<DIR> Symantec Shared
[09/04/2008|10:37] C:\Program Files\Common Files\<DIR> System
[12/31/2004|02:14] C:\Program Files\Common Files\<DIR> Ulead Systems
[10/30/2004|03:56] C:\Program Files\Common Files\<DIR> updater
[03/02/2005|06:32] C:\Program Files\Common Files\<DIR> Vbox
[08/21/2008|04:01] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[11/30/2006|06:20] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 68 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 10:13:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\JONATH~1\Favorites\Welcome to CRACKS.AM software security site!.url
C:\DOCUME~1\JONATH~1\My Documents\Adobe Acrobat Pro\crack.bat
C:\DOCUME~1\JONATH~1\Recent\keygen.lnk


[F:7][D:3]-> C:\DOCUME~1\JONATH~1\LOCALS~1\Temp
[F:658][D:0]-> C:\DOCUME~1\JONATH~1\Cookies
[F:11][D:3]-> C:\DOCUME~1\JONATH~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Sat 11/29/2008|13:08 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Sun 11/30/2008|10:14 - Option : [3]

--------------------\\ Scan completed at 10:14:59

[Shaba]

Looks like your Adobe Acrobat isn't legit.

Please uninstall it and post back a fresh uninstall list.

[kf3ig]

Hi I can't do this until Friday as my comp is at home while I'm at school. Thanks for your understanding.

[Shaba]

Thank for informing me

[kf3ig]

HI I've uninstalled the program but I'm unsure of what log you are speaking of. Can you please clarify what I exactly do after I uninstall the program?

Thanks