Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Hijackthis log, obviously


Post by Shekb » October 15th, 2007, 4:46 pm

I guess it can't be too bad then :P
Right :cry:
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Post by Rogue » October 15th, 2007, 9:09 pm

Hi Shekb,

Thanks go to sUBs on this.
It's either game related (Securom 7.x games) but most likely CD Emulation or burning software. Probably Alcohol 120, Daemon tools or another that you have. I did notice references to Alcohol 120 in some logs.

http://en.wikipedia.org/wiki/Daemon_Tools
Some software publishers go to great lengths to try to disable or frustrate Daemon Tools. For example, some games will check to see if the driver for Daemon Tools is loaded, and if so will take some action, such as uninstalling the toolset altogether. New releases of Daemon Tools take various measures to ensure the functionality of the application. For example, revision 4.06 randomizes the name of the virtual driver installed by the software.

In latest versions Daemon Tools uses a rootkit technology to hide from other applications and operating system itself. It often leads to false reports by antivirus or anti-rootkit software.

I don't see those two applications in your uninstall list. So have you had those installed and then removed them recently or a Securom game?

I can remove the driver and registry entries for Daemon Tools/Alcohol120 if you wish


Rogue
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Post by Shekb » October 15th, 2007, 10:52 pm

I don't use Alcohol 120% anymore
And I don't remember ever hearing about Daemon tools on my computer......
So, sure :P
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Post by Rogue » October 16th, 2007, 3:40 pm

Hi Shekb,

Open Notepad and copy/paste the text in the quotebox below into it:
File::
C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys

Folder::
C:\Documents and Settings\Sr\My Documents\S-C\Visual Boy\PSX\IsoBuster\Alcohol 120

Driver::
dmserver
sptd
StarWindServiceAE

Save this as CFScript.txt
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
Image
*=========================*

Rogue
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah
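
A way to check a ComboFix log against the CFScript that was submitted (an added example, not part of the original posts and not ComboFix's own code). The script text is the one posted above; SAMPLE_LOG is a constructed excerpt, and the rule that each Driver:: entry should show up under Drivers/Services both by name and as LEGACY_<NAME> is an assumption taken from the log layout seen in this thread.

```python
import re

# Section banners look like "((((( Other Deletions )))))"; directives like "File::".
SECTION_RE = re.compile(r"^\({3,}\s*(.*?)\s*\){3,}\s*$")
DIRECTIVE_RE = re.compile(r"^(\w+)::\s*$")

# The CFScript as posted in this thread.
CFSCRIPT = r"""File::
C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys

Folder::
C:\Documents and Settings\Sr\My Documents\S-C\Visual Boy\PSX\IsoBuster\Alcohol 120

Driver::
dmserver
sptd
StarWindServiceAE
"""

# Constructed log excerpt: the LEGACY_ key for StarWindServiceAE is left out
# on purpose so the check has something to report.
SAMPLE_LOG = r"""FILE::
C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys
.
((((((((((((((( Other Deletions )))))))))))))))
.
C:\Documents and Settings\Sr\My Documents\S-C\Visual Boy\PSX\IsoBuster\Alcohol 120\Alcohol.exe
C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys
.
((((((((((((((( Drivers/Services )))))))))))))))
.
-------\LEGACY_DMSERVER
-------\LEGACY_SPTD
-------\dmserver
-------\sptd
-------\StarWindServiceAE
"""


def parse_cfscript(text):
    """Map each directive (file, folder, driver, ...) to its list of entries."""
    directives, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DIRECTIVE_RE.match(line)
        if m:
            current = m.group(1).lower()
            directives.setdefault(current, [])
        elif current is not None:
            directives[current].append(line)
    return directives


def parse_log_sections(text):
    """Split a log into sections keyed by lower-cased banner title."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).lower()
            sections.setdefault(current, [])
        elif current is not None and line and line != ".":
            sections[current].append(line)
    return sections


def verify(script_text, log_text):
    """Return the script entries the log does not confirm as removed."""
    script = parse_cfscript(script_text)
    log = parse_log_sections(log_text)
    deleted = [p.lower() for p in log.get("other deletions", [])]
    # "-------\sptd" -> "sptd"
    services = {s.lstrip("-").lstrip("\\").lower()
                for s in log.get("drivers/services", [])}
    missing = {"file": [], "folder": [], "driver": []}
    for path in script.get("file", []):
        if path.lower() not in deleted:
            missing["file"].append(path)
    for folder in script.get("folder", []):
        # A folder counts as handled if at least one path inside it was deleted.
        prefix = folder.lower().rstrip("\\") + "\\"
        if not any(p.startswith(prefix) for p in deleted):
            missing["folder"].append(folder)
    for name in script.get("driver", []):
        # Assumption: both the service key and its LEGACY_ entry are listed.
        if not {name.lower(), "legacy_" + name.lower()} <= services:
            missing["driver"].append(name)
    return missing


if __name__ == "__main__":
    print(verify(CFSCRIPT, SAMPLE_LOG))
```
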

Post by Shekb » October 16th, 2007, 5:04 pm

ComboFix 07-10-11.1 - Sr 2007-10-16 16:48:05.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.26 [GMT -4:00]
Running from: C:\Documents and Settings\Sr\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Sr\Desktop\CFScript.txt
* Created a new restore point

FILE::
C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\windows\System32\dmserver.dll
C:\windows\System32\Drivers\sptd.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DMSERVER
-------\LEGACY_SPTD
-------\LEGACY_STARWINDSERVICEAE
-------\dmserver
-------\sptd
-------\StarWindServiceAE


((((((((((((((((((((((((( Files Created from 2007-09-16 to 2007-10-16 )))))))))))))))))))))))))))))))
.

2007-10-14 07:33 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2007-10-13 12:20 236,534 --a--c--- C:\qoobox.zip
2007-10-10 22:55 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-10 07:08 582,656 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-07 11:25 <DIR> d-------- C:\Program Files\Common Files\Java
2007-10-06 19:17 <DIR> d-------- C:\Program Files\Incomplete
2007-10-02 17:35 <DIR> d-------- C:\Program Files\Trend Micro
2007-09-30 22:10 <DIR> d-------- C:\Program Files\RegCleaner
2007-09-28 19:48 <DIR> d-------- C:\Documents and Settings\Sr\Incomplete
2007-09-28 19:43 <DIR> d-------- C:\Documents and Settings\Sr\.limewire
2007-09-26 16:46 <DIR> d-------- C:\Documents and Settings\Sr\Application Data\Thunderbird
2007-09-26 16:45 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2007-09-17 18:39 <DIR> d-------- C:\WINDOWS\pss
2007-09-16 17:18 <DIR> d-------- C:\Program Files\Common Files\xing shared

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-16 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-10-16 03:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-15 21:40 --------- dc----w C:\Documents and Settings\All Users\Application Data\avg7
2007-10-07 23:29 --------- d-----w C:\Program Files\Windows Live
2007-10-07 15:27 --------- d-----w C:\Program Files\Java
2007-10-06 23:40 --------- d-----w C:\Program Files\LimeWire
2007-10-06 23:26 --------- d-----w C:\Documents and Settings\Sr\Application Data\AVG7
2007-10-06 14:19 --------- d-----w C:\Program Files\Microsoft Silverlight
2007-09-29 02:28 --------- d-----w C:\Program Files\Dobermann
2007-09-16 21:18 --------- d-----w C:\Program Files\Common Files\Real
2007-09-13 21:37 --------- d-----w C:\Program Files\Windows Desktop Search
2007-09-05 21:42 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2007-09-05 21:32 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-09-04 02:28 --------- d-----w C:\Program Files\Windows Media Bonus Pack for Windows XP
2007-09-03 23:47 --------- d-----w C:\Program Files\Windows Defender
2007-08-23 14:04 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-08-23 14:04 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-08-23 04:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-08-23 03:52 --------- d-----w C:\Program Files\Lavasoft
2007-08-23 03:49 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-08-21 22:29 --------- d-----w C:\Documents and Settings\Sr\Application Data\Grisoft
2007-08-21 22:21 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-08-21 22:21 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-08-21 22:21 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-08-21 22:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-21 15:02 691,304,544 ----a-w C:\Documents and Settings\Sr\CD.bin
2007-08-19 12:21 --------- d-----w C:\Documents and Settings\Sr\Application Data\GTek
2007-08-15 19:04 578,560 ----a-w C:\WINDOWS\WLXPGSS.SCR
.

((((((((((((((((((((((((((((( snapshot@2007-10-10_23.03.29.01 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 196,683 2007-07-27 19:49:02 C:\WINDOWS\system32\lnod32apiA.dll
----a-w 225,355 2007-07-27 19:49:02 C:\WINDOWS\system32\lnod32apiW.dll
----a-w 139,264 2005-12-06 00:25:22 C:\WINDOWS\system32\lnod32umc.dll
----a-w 106,496 2005-12-05 17:37:10 C:\WINDOWS\system32\lnod32upd.dll
----a-w 253,952 2007-08-02 22:11:28 C:\WINDOWS\system32\OnlineScannerDLLA.dll
----a-w 241,664 2007-08-02 22:11:14 C:\WINDOWS\system32\OnlineScannerDLLW.dll
----a-w 19,456 2007-08-08 20:30:12 C:\WINDOWS\system32\OnlineScannerLang.dll
----a-w 77,824 2007-06-13 15:10:34 C:\WINDOWS\system32\OnlineScannerUninstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"anvshell"="anvshell.exe" [2003-07-23 23:19 C:\WINDOWS\anvshell.exe]
"LiveNote"="livenote.exe" [2002-07-11 05:31 C:\WINDOWS\livenote.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-09-19 21:34]
"nwiz"="nwiz.exe" [2005-09-19 21:35 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-09-19 21:34]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 18:15]
"MOUSE32B"="C:\Program Files\Tilt Wheel Mouse\MULTI-DIRECTION OPTICAL MOUSE\1.3\Mouse32B.exe" [2004-11-25 12:24]
"LyraHD2TrayApp"="C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2005-04-18 16:35]
"SchedulingAgent"="mstinit.exe" [2004-08-04 00:56 C:\WINDOWS\system32\mstinit.exe]
"AtiPTA"="atiptaxx.exe" [2001-09-26 22:39 C:\WINDOWS\system32\atiptaxx.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-13 16:46]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-16 17:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-08-16 16:19]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"SchedulingAgent"=mstask.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-05-30 22:19:31]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe

R1 ANVOSDNT;ASUS Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\anvosdnt.sys
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
S1 ANVIOCTL;ANVIOCTL;C:\WINDOWS\system32\DRIVERS\anvioctl.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-08-17 19:58:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-10-16 12:07:08 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
"2007-10-16 21:00:06 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-10-16 20:56:49 C:\WINDOWS\Tasks\wlmail.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 16:57:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-10-16 17:02:33 - machine was rebooted
C:\ComboFix2.txt ... 2007-10-14 07:29
C:\ComboFix3.txt ... 2007-10-13 12:11
.
--- E O F ---

:D
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 16th, 2007, 7:26 pm

Hi Shekb,

Well the Alcohol120 uninstaller has little to be desired given what was left on the system :roll:
Do you still have OTMoveIt installed or have you deleted it?

Rogue
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 16th, 2007, 10:18 pm

It auto deleted itself..... XD
You want me to download it and press the Clean up! button, right?
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 17th, 2007, 8:44 am

Hi Shekb,

Yes, but before you do, can you zip up the c:\Qoobox folder and upload it to our topic at Spykiller? Would like to distribute those RAT files to some developers so they can be automatically removed if found on other PCs.
Here is the link http://www.thespykiller.co.uk/index.php?topic=5025

Download the OTMoveIt by OldTimer.
http://download.bleepingcomputer.com/ol ... MoveIt.exe

You can remove these since OTMoveIt will not:
SFP.exe from Desktop
regdump.exe from Desktop
IceSword.zip from the desktop
IceSword folder
Eset NOD32 Online AntiVirus from add/remove programs in the Control Panel

Thanks
Rogue
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 17th, 2007, 5:00 pm

Thanks :)
I'm clean now :D
Thank you very much and the files I sent will help others :P
Thanks Rogue
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 18th, 2007, 12:25 pm

Hi Shekb,

Glad we could be of assistance.

Rogue


This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link: Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah