Hello,
OK, I did every step; now here it is.
#1
RSIT
log file
Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-11-20 20:24:14
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 40 GB (75%) free of 53 GB
Total RAM: 478 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:24:19 PM, on 11/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gatewaybiz.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gatewaybiz.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gatewaybiz.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 4770 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ISP signup reminder 2.job
C:\WINDOWS\tasks\ISP signup reminder 3.job
C:\WINDOWS\tasks\McAfee AntiSpyware.job
C:\WINDOWS\tasks\McAfee.com Update Check (NEGASH-Owner).job
C:\WINDOWS\tasks\McAfee.com Update Check (YOUR-C1B6BA4D46-Owner).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4982D40A-C53B-4615-B15B-B5B5E98D167C} - AOL Toolbar - C:\Program Files\AOL Toolbar\toolbar.dll [2004-03-22 390256]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2005-03-15 966656]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"AOL Spyware Protection"=C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe [2004-03-19 78960]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-08-12 102400]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-08-12 684032]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-10-27 98304]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-08-20 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-08-20 118784]
"MCAgentExe"=c:\PROGRA~1\mcafee.com\agent\mcagent.exe [2004-08-17 245760]
"MCUpdateExe"=C:\PROGRA~1\mcafee.com\agent\mcupdate.exe [2004-10-02 184320]
"_AntiSpyware"=C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe [2004-10-19 114688]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-20 344064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F2A0229A-C4CA-4789-B606-973D24DCDD1C}"=C:\Program Files\McAfee\McAfee AntiSpyware\MssShell.dll [2004-10-19 86016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
======List of files/folders created in the last 1 months======
2008-11-20 20:24:13 ----D---- C:\rsit
2008-11-16 15:46:33 ----D---- C:\Program Files\Trend Micro
2008-11-03 13:54:39 ----A---- C:\WINDOWS\system32\LuResult.txt
2008-11-03 13:30:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-03 13:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-03 13:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-03 13:29:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-03 13:29:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-03 13:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-03 13:29:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-03 13:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-03 13:28:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-03 13:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-03 13:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-11-03 13:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-03 13:27:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-03 13:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-11-03 13:26:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-03 13:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-03 13:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-03 13:22:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-03 13:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-03 13:21:19 ----D---- C:\Program Files\MSXML 4.0
2008-11-03 13:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-11-03 13:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-10-30 03:09:23 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-10-30 03:00:28 ----D---- C:\WINDOWS\system32\PreInstall
2008-10-30 03:00:27 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-10-30 03:00:27 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-10-30 03:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-10-30 03:00:25 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-29 01:53:04 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-10-29 01:40:26 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-29 01:40:12 ----A---- C:\WINDOWS\ModemLog_Conexant SoftK56 Data Fax Modem.txt
2008-10-29 01:07:48 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-10-29 01:06:23 ----D---- C:\Program Files\Bonjour
2008-10-29 01:06:09 ----D---- C:\Program Files\Apple Software Update
2008-10-29 01:06:09 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-10-29 00:58:35 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-10-27 17:50:48 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-10-27 16:50:15 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-10-27 16:50:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-27 16:50:09 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-27 16:49:10 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-10-27 16:39:41 ----SHD---- C:\RECYCLER
2008-10-27 16:38:35 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-10-27 16:38:29 ----D---- C:\Program Files\CyberLink
2008-10-27 16:38:17 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-10-27 16:38:16 ----D---- C:\Program Files\McAfee
2008-10-27 16:38:16 ----D---- C:\Program Files\Common Files\McAfee
2008-10-27 16:38:16 ----D---- C:\Documents and Settings\Owner\Application Data\McAfee
2008-10-27 16:37:58 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-10-27 16:37:47 ----D---- C:\Program Files\McAfee.com
2008-10-27 16:37:47 ----A---- C:\WINDOWS\system32\mcinsctl.dll
2008-10-27 16:37:47 ----A---- C:\WINDOWS\system32\mcgdmgr.dll
2008-10-27 16:37:33 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-27 16:36:08 ----D---- C:\WINDOWS\RegisteredPackages
2008-10-27 16:35:53 ----D---- C:\Program Files\Gateway
2008-10-27 16:35:01 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-10-27 16:34:56 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-27 16:34:56 ----D---- C:\Program Files\Analog Devices
2008-10-27 16:34:56 ----A---- C:\WINDOWS\system32\DSndUp.exe
2008-10-27 16:34:56 ----A---- C:\WINDOWS\system32\CleanUp.exe
2008-10-27 16:34:04 ----D---- C:\Documents and Settings\Owner\Application Data\SampleView
2008-10-27 16:33:29 ----A---- C:\WINDOWS\system32\Marker32.exe
2008-10-27 16:33:21 ----A---- C:\WINDOWS\wallpg.exe
2008-10-27 16:33:13 ----A---- C:\WINDOWS\POWERCFG.EXE
2008-10-27 16:30:39 ----D---- C:\Program Files\Microsoft Picture It! 9
2008-10-27 16:30:04 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-27 16:29:57 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2008-10-27 16:29:57 ----A---- C:\WINDOWS\system32\SynTPCoI.dll
2008-10-27 16:29:57 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2008-10-27 16:29:57 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2008-10-27 16:29:57 ----A---- C:\WINDOWS\system32\SynCOM.dll
2008-10-27 16:29:56 ----D---- C:\Program Files\Synaptics
2008-10-27 16:29:54 ----D---- C:\Program Files\Common Files\InstallShield
2008-10-27 16:29:39 ----D---- C:\Program Files\BigFix
2008-10-27 16:29:39 ----A---- C:\WINDOWS\BigFixClientOverride.dll
2008-10-27 16:29:22 ----N---- C:\WINDOWS\UNNeroBurnRights.exe
2008-10-27 16:29:22 ----A---- C:\WINDOWS\system32\NeroCo.dll
2008-10-27 16:28:37 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2008-10-27 16:28:36 ----A---- C:\WINDOWS\system32\picn20.dll
2008-10-27 16:28:36 ----A---- C:\WINDOWS\system32\ImagXpr5.dll
2008-10-27 16:28:36 ----A---- C:\WINDOWS\system32\imagx5.dll
2008-10-27 16:28:36 ----A---- C:\WINDOWS\system32\imagr5.dll
2008-10-27 16:28:35 ----D---- C:\Program Files\Common Files\Ahead
2008-10-27 16:28:35 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2008-10-27 16:28:32 ----D---- C:\Program Files\Ahead
2008-10-27 16:28:24 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-10-27 16:28:23 ----A---- C:\WINDOWS\unvise32qt.exe
2008-10-27 16:28:20 ----D---- C:\Program Files\AOL Companion
2008-10-27 16:28:13 ----A---- C:\WINDOWS\system32\vbar332.dll
2008-10-27 16:28:13 ----A---- C:\WINDOWS\system32\SimpleRegistry.dll
2008-10-27 16:28:13 ----A---- C:\WINDOWS\system32\Msstdfmt.dll
2008-10-27 16:28:13 ----A---- C:\WINDOWS\system32\aamd532.dll
2008-10-27 16:28:11 ----D---- C:\Program Files\Pure Networks
2008-10-27 16:28:11 ----D---- C:\Program Files\Learn2.com
2008-10-27 16:28:10 ----D---- C:\WINDOWS\occache
2008-10-27 16:28:09 ----D---- C:\Program Files\Viewpoint
2008-10-27 16:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-10-27 16:28:06 ----A---- C:\WINDOWS\system32\shdocvw.bak
2008-10-27 16:28:00 ----D---- C:\Program Files\AOL Toolbar
2008-10-27 16:26:09 ----D---- C:\WINDOWS\system32\QuickTime
2008-10-27 16:26:09 ----D---- C:\Program Files\QuickTime
2008-10-27 16:26:09 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-10-27 16:26:04 ----D---- C:\Program Files\Common Files\Nullsoft
2008-10-27 16:25:54 ----D---- C:\My Music
2008-10-27 16:25:51 ----D---- C:\Program Files\Real
2008-10-27 16:25:51 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-10-27 16:25:51 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-10-27 16:25:51 ----A---- C:\WINDOWS\system32\pndx5016.dll
2008-10-27 16:25:50 ----D---- C:\Program Files\Common Files\Real
2008-10-27 16:25:50 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-10-27 16:25:18 ----A---- C:\WINDOWS\system32\jgdwmie.dll
2008-10-27 16:25:14 ----A---- C:\WINDOWS\system32\roboex32.dll
2008-10-27 16:25:14 ----A---- C:\WINDOWS\system32\Inetwh32.dll
2008-10-27 16:24:51 ----A---- C:\WINDOWS\system32\AOLDial.dll
2008-10-27 16:24:48 ----D---- C:\Program Files\Common Files\aolshare
2008-10-27 16:24:45 ----D---- C:\Program Files\America Online 9.0
2008-10-27 16:24:45 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2008-10-27 16:22:34 ----D---- C:\Program Files\Common Files\AOL
2008-10-27 16:21:57 ----D---- C:\Program Files\Microsoft Money
2008-10-27 16:21:42 ----D---- C:\Program Files\MSN Encarta Plus
2008-10-27 16:21:30 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-27 16:21:30 ----A---- C:\WINDOWS\system32\java.exe
2008-10-27 16:21:16 ----D---- C:\Program Files\Java
2008-10-27 16:21:15 ----D---- C:\Program Files\Common Files\Java
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\PUBOLE32.DLL
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\PCDLIB32.DLL
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\ochlp30e.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\msvcr70.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\msvcp70.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\msvci70.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\msls2.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\mfcuia32.dll
2008-10-27 16:20:55 ----RA---- C:\WINDOWS\system32\mfcans32.dll
2008-10-27 16:20:55 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-10-27 16:20:53 ----RA---- C:\WINDOWS\system32\Ltwvc11n.dll
2008-10-27 16:20:53 ----RA---- C:\WINDOWS\system32\ltfil11n.DLL
2008-10-27 16:20:53 ----A---- C:\WINDOWS\system32\LTKRN11N.DLL
2008-10-27 16:20:53 ----A---- C:\WINDOWS\system32\LTIMG11N.DLL
2008-10-27 16:20:53 ----A---- C:\WINDOWS\system32\LTDIS11n.dll
2008-10-27 16:20:52 ----RA---- C:\WINDOWS\system32\Lfpng11n.dll
2008-10-27 16:20:52 ----RA---- C:\WINDOWS\system32\lfgif11n.dll
2008-10-27 16:20:52 ----RA---- C:\WINDOWS\system32\hlp95en.dll
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFWMF11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFTIF11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFTGA11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFPSD11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFPCX11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFPCD11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFFAX11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFEPS11N.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFCMP11n.DLL
2008-10-27 16:20:52 ----A---- C:\WINDOWS\system32\LFBMP11N.DLL
2008-10-27 16:20:11 ----D---- C:\Program Files\Microsoft Works
2008-10-27 16:20:11 ----D---- C:\Program Files\Microsoft Office
2008-10-27 16:20:05 ----D---- C:\Documents and Settings\All Users\Application Data\Prism Deploy
2008-10-27 16:20:03 ----D---- C:\Program Files\Common Files\New Boundary
2008-10-27 16:15:23 ----A---- C:\WINDOWS\system32\capicom.dll
2008-10-27 16:15:21 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-27 16:14:14 ----RSD---- C:\WINDOWS\assembly
2008-10-27 16:14:14 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-27 16:14:13 ----D---- C:\WINDOWS\system32\URTTemp
2008-10-27 16:12:13 ----D---- C:\Program Files\CONEXANT
2008-10-27 16:12:03 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-10-27 16:09:06 ----SHD---- C:\System Volume Information
2008-10-27 15:54:07 ----D---- C:\WINDOWS\creator
2008-10-27 15:53:54 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-27 15:53:54 ----A---- C:\WINDOWS\system32\HSFCI007.dll
2008-10-27 15:53:53 ----D---- C:\WINDOWS\SMINST
2008-10-27 15:53:05 ----RD---- C:\Program Files
2008-10-27 15:52:23 ----RD---- C:\WINDOWS\Offline Web Pages
2008-10-27 15:48:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-27 15:46:40 ----D---- C:\My Backup -- 27-10-08 1346
======List of files/folders modified in the last 1 months======
2008-11-20 20:24:15 ----D---- C:\WINDOWS\Prefetch
2008-11-20 20:05:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-20 19:40:39 ----D---- C:\WINDOWS\WinSxS
2008-11-20 19:40:21 ----SHD---- C:\WINDOWS\Installer
2008-11-20 19:37:13 ----D---- C:\WINDOWS\system32\drivers
2008-11-20 19:21:25 ----A---- C:\WINDOWS\win.ini
2008-11-20 19:06:30 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-20 18:58:00 ----SD---- C:\WINDOWS\Tasks
2008-11-16 16:04:59 ----HD---- C:\WINDOWS\inf
2008-11-15 19:00:39 ----D---- C:\WINDOWS\Temp
2008-11-03 14:11:59 ----D---- C:\Program Files\Common Files
2008-11-03 13:57:26 ----D---- C:\WINDOWS
2008-11-03 13:56:30 ----D---- C:\WINDOWS\system32
2008-11-03 13:30:18 ----A---- C:\WINDOWS\imsins.BAK
2008-11-03 13:30:05 ----D---- C:\Program Files\Messenger
2008-11-03 13:24:45 ----D---- C:\WINDOWS\Registration
2008-11-03 13:24:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-03 13:23:47 ----D---- C:\Program Files\Internet Explorer
2008-10-30 03:32:16 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-30 03:09:23 ----D---- C:\WINDOWS\Debug
2008-10-29 01:41:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-29 01:00:00 ----A---- C:\WINDOWS\setuplog.txt
2008-10-29 00:58:54 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-29 00:58:54 ----D---- C:\WINDOWS\Help
2008-10-27 17:48:10 ----A---- C:\WINDOWS\OEWABLog.txt
2008-10-27 17:47:21 ----RASH---- C:\boot.ini
2008-10-27 17:34:19 ----D---- C:\WINDOWS\security
2008-10-27 16:49:43 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-10-27 16:39:47 ----D---- C:\WINDOWS\OPTIONS
2008-10-27 16:39:20 ----D---- C:\WINDOWS\system32\Restore
2008-10-27 16:39:16 ----D---- C:\WINDOWS\I386
2008-10-27 16:38:58 ----A---- C:\WINDOWS\system32\oeminfo.ini
2008-10-27 16:38:58 ----A---- C:\WINDOWS\system32\emver.ini
2008-10-27 16:37:41 ----D---- C:\Program Files\Windows Media Player
2008-10-27 16:33:21 ----D---- C:\Documents and Settings
2008-10-27 16:32:50 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-27 16:29:27 ----D---- C:\WINDOWS\system32\oobe
2008-10-27 16:20:56 ----RSD---- C:\WINDOWS\Fonts
2008-10-27 16:20:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-27 16:14:26 ----D---- C:\WINDOWS\system32\mui
2008-10-27 16:09:45 ----A---- C:\WINDOWS\system.ini
2008-10-27 15:56:45 ----D---- C:\WINDOWS\repair
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 BCM43XX;BCM 802.11b Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-06-26 341760]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-10-14 1043072]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2003-10-14 197120]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-08-20 737874]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-08-12 185664]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-07-13 67968]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-10-14 679808]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-04 42496]
S3 mxnic;Macronix MX987xx Family Fast Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-17 19968]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2004-04-07 1135728]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 McAfeeAntiSpyware;McAfee AntiSpyware Real-Time Scanner; C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe [2004-10-19 90112]
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2008-10-27 172032]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [2004-08-16 249856]
-----------------EOF-----------------
Info file
info.txt logfile of random's system information tool 1.04 2008-11-20 20:24:20
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
America Online (Choose which version to remove)-->C:\Program Files\Common Files\aolshare\Aolunins_us.exe
AOL Coach Version 1.0(Build:20040229.1 en)-->C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Connectivity Services-->C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
AOL Spyware Protection-->C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
BigFix-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee AntiSpyware-->MsiExec.exe /I{F39A74A0-FAE2-401C-AED1-1C941AA28EA8}
McAfee SecurityCenter-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Picture It! Photo Premium 9-->C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Pure Networks Port Magic-->C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe -Uninstall -ShowUI
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SoftK56 Data Fax Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_2030161F\HXFSETUP.EXE -U -Iask20305.inf
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
#2
Malware file
Malwarebytes' Anti-Malware 1.30
Database version: 1414
Windows 5.1.2600 Service Pack 2
11/20/2008 8:22:38 PM
mbam-log-2008-11-20 (20-22-38).txt
Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 112065
Time elapsed: 34 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 18
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\~.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Application Data\Facegame\Facegame.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Local Settings\Temp\3nick568.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Local Settings\Temp\TDSS5384.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Local Settings\Temp\s298 (Adware.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Local Settings\Temp\s2kg (Adware.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Documents and Settings\Owner\Local Settings\Temp\mmmatt.exe (Spyware.Banker) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\Program Files\iCheck\iCheck.exe (Adware.ISM) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\g27.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\awtrQJCV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\getsn32.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\msansspc.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\smwin32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\TDSSshkx.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\uesiuqcr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\wpv583.cpx (Adware.ISM) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\yaywwTnn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\My Backup -- 27-10-08 1346\WINDOWS\system32\{9d8dbc83-57dd-26af-62f9-96a43911c332}.dll-uninst.exe (Adware.Vapsup) -> Quarantined and deleted successfully.
I hope everything is in order and correct. Thank you.