WiredWX Christian Hobby Weather Tools

Infected with Sysinternals Antivirus

I am infected with a malware that calls itself Sysinternals Antivirus. I have tried repeatedly to post the logs from my scan of the program you wanted me to download, but every time I try to send it, it says my server has timed out. I could really use some help; this "antivirus" pops up every few minutes, and when I go into the Task Manager to stop it, it goes away.

Re: Infected with Sysinternals Antivirus

OTL logfile created on: 7/18/2010 12:15:57 AM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\DOCUME~1\COMPAQ~1\MYDOCU~1\DOWNLO~1
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 244.00 Mb Available Physical Memory | 48.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.56 Gb Total Space | 22.62 Gb Free Space | 30.34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/18 00:03:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\OTL.exe
PRC - [2010/07/17 22:16:04 | 000,057,856 | ---- | M] () -- C:\Program Files\svchost.exe
PRC - [2010/07/10 10:58:17 | 000,045,716 | ---- | M] () -- C:\WINDOWS\system32\wbem\svchost.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/07 16:41:44 | 000,419,840 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2006/11/07 16:41:44 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2006/11/07 16:41:44 | 000,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2004/08/06 03:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
PRC - [2004/08/06 03:23:08 | 000,382,080 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\Security Center\SymSCUI.exe
PRC - [2004/08/04 15:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/03/04 11:46:24 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2004/02/18 13:55:28 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/12/09 02:18:44 | 000,234,616 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2003/12/09 02:18:36 | 000,255,096 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2003/09/12 23:13:20 | 000,098,304 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\ps2.EXE


========== Modules (SafeList) ==========

MOD - [2010/07/18 00:03:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\OTL.exe
MOD - [2010/07/10 10:58:11 | 000,047,616 | -H-- | M] () -- C:\WINDOWS\system32\cidadiag.dll
MOD - [2004/08/04 15:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 15:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/07/17 22:16:04 | 000,057,856 | ---- | M] () [Auto | Running] -- C:\Program Files\svchost.exe -- (AdbUpd)
SRV - [2010/07/10 10:58:17 | 000,045,716 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\wbem\svchost.exe -- (svchost32)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2010/01/19 18:46:56 | 000,158,248 | ---- | M] (Authentium, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/01/19 18:46:54 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/01/19 18:46:48 | 000,121,384 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/08/06 03:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2003/12/09 02:18:44 | 000,234,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2003/12/09 02:18:42 | 000,087,160 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2003/12/09 02:18:40 | 000,218,232 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2003/12/09 02:18:36 | 000,255,096 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2003/12/04 20:10:06 | 000,197,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - [2010/01/19 18:53:46 | 000,127,016 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2010/01/19 18:53:44 | 001,118,248 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2005/05/20 15:01:32 | 000,025,600 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/05/20 15:01:26 | 000,068,352 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2005/05/20 15:01:00 | 000,036,480 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2005/05/20 15:00:48 | 000,054,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2005/05/20 15:00:36 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/29 20:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/04/14 20:14:12 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2003/12/11 18:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/04 20:09:44 | 000,263,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2003/12/04 20:09:42 | 000,016,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2003/11/22 00:07:52 | 000,082,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2002/07/30 01:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=presario&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=presario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/comcast.html
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "http://ipv6.comcast.net/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/11 00:53:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/28 13:32:46 | 000,000,000 | ---D | M]

[2010/06/08 08:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2010/07/17 21:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\unru7csc.default\extensions
[2010/06/08 08:57:00 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\unru7csc.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/06/08 07:25:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ADC PlugIn) - {149256D5-E103-4523-BB43-2CFB066839D6} - C:\Program Files\adc_w32.dll (Intsys)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [lcgcqryw] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\njicmveix\upplrlctssd.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [pbuilder] C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\pb32.exe ()
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [lcgcqryw] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\njicmveix\upplrlctssd.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 2.0\resources\en-us\local\search.html ()
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (ZoneIntro Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} http://fdl.msn.com/zone/datafiles/heartbeat.cab (HeartbeatCtl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.75.198 68.87.64.150
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/29 19:34:41 | 000,000,725 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2004/08/09 01:45:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- C:\Program Files\alggui.exe "%1" %* ()
O36 - AppCertDlls: dwwidump - (C:\WINDOWS\system32\cidadiag.dll) - C:\WINDOWS\system32\cidadiag.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- C:\Program Files\alggui.exe "%1" %* ()

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746534284132352)

========== Files/Folders - Created Within 30 Days ==========

[2010/07/17 23:45:23 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[2010/07/17 23:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2010/07/17 22:16:06 | 000,369,664 | ---- | C] (Intsys) -- C:\Program Files\adc_w32.dll
[2010/07/17 22:16:02 | 000,000,000 | ---D | C] -- C:\Sysinternals Antivirus
[2010/07/17 22:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Sysinternals Antivirus
[2010/07/12 01:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/07/10 10:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2010/07/10 10:57:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/07/10 10:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/10 02:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2010/07/10 00:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2010/07/10 00:43:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/07/10 00:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/09 07:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2010/07/09 04:16:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/08 09:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/06/27 00:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\njicmveix
[47 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[143 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

Re: Infected with Sysinternals Antivirus

========== Files - Modified Within 30 Days ==========

[2010/07/18 00:29:43 | 000,000,066 | ---- | M] () -- C:\Program Files\wp4.dat
[2010/07/18 00:29:43 | 000,000,001 | ---- | M] () -- C:\Program Files\wp3.dat
[2010/07/18 00:29:37 | 000,369,664 | ---- | M] (Intsys) -- C:\Program Files\adc_w32.dll
[2010/07/18 00:29:37 | 000,097,280 | ---- | M] () -- C:\Program Files\alggui.exe
[2010/07/18 00:24:56 | 000,001,588 | ---- | M] () -- C:\Sysinternals Antivirus.lnk
[2010/07/18 00:08:30 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010/07/18 00:08:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/18 00:08:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/18 00:08:22 | 528,011,264 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/17 23:46:41 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.dat
[2010/07/17 23:46:41 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini
[2010/07/17 23:45:34 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Shield.lnk
[2010/07/17 22:37:08 | 000,000,000 | ---- | M] () -- C:\Program Files\extra1.dat
[2010/07/17 22:16:05 | 000,000,009 | ---- | M] () -- C:\Program Files\nuar.old
[2010/07/17 22:16:04 | 000,057,856 | ---- | M] () -- C:\Program Files\svchost.exe
[2010/07/17 22:16:04 | 000,000,036 | ---- | M] () -- C:\Program Files\skynet.dat
[2010/07/17 11:59:07 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/07/15 21:03:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/15 03:00:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2010/07/10 10:58:11 | 000,047,616 | -H-- | M] () -- C:\WINDOWS\System32\cidadiag.dll
[2010/06/27 22:00:35 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Network and Internet Connections.lnk
[47 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[143 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/17 23:45:34 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\System Shield.lnk
[2010/07/17 22:37:08 | 000,000,000 | ---- | C] () -- C:\Program Files\extra1.dat
[2010/07/17 22:16:08 | 000,097,280 | ---- | C] () -- C:\Program Files\alggui.exe
[2010/07/17 22:16:05 | 000,000,009 | ---- | C] () -- C:\Program Files\nuar.old
[2010/07/17 22:16:04 | 000,057,856 | ---- | C] () -- C:\Program Files\svchost.exe
[2010/07/17 22:16:04 | 000,000,066 | ---- | C] () -- C:\Program Files\wp4.dat
[2010/07/17 22:16:04 | 000,000,036 | ---- | C] () -- C:\Program Files\skynet.dat
[2010/07/17 22:16:04 | 000,000,001 | ---- | C] () -- C:\Program Files\wp3.dat
[2010/07/17 22:16:03 | 000,001,588 | ---- | C] () -- C:\Sysinternals Antivirus.lnk
[2010/07/10 10:58:11 | 000,047,616 | -H-- | C] () -- C:\WINDOWS\System32\cidadiag.dll
[2010/06/27 22:00:34 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Network and Internet Connections.lnk
[2010/06/05 21:37:44 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2007/06/10 20:41:09 | 000,000,091 | ---- | C] () -- C:\WINDOWS\Retrieve7.INI
[2006/12/30 16:03:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/12 12:30:26 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/12/12 12:24:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/11/02 17:35:13 | 000,000,059 | ---- | C] () -- C:\WINDOWS\dcmvwr.INI
[2006/04/26 21:35:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/04/26 21:35:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/04/26 21:35:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/04/26 21:35:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/04/26 21:35:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/04/26 21:35:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/12/04 20:37:54 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/01/19 19:56:40 | 000,014,590 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/12/27 16:26:14 | 000,006,666 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2004/12/27 16:25:37 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/08/12 02:06:53 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/10 19:48:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/09 05:05:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/08/09 05:05:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/09 05:05:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/09 05:00:40 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/08/09 04:58:47 | 000,025,959 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/08/09 04:58:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/08/09 02:50:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/09 02:32:16 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/09 02:02:20 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/08/09 02:02:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/08/09 02:01:57 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/08/09 01:49:55 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/09 00:29:17 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/29 08:58:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/08 01:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

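The two listings above are what a helper reads by eye: a file named svchost.exe dropped into C:\Program Files instead of the system directory, a hidden DLL with no version information sitting in System32, and a burst of files all created within a few seconds of each other at 22:16 on 07/17 (the rogue's install). The Python below is an added example, not part of OTL and not code from this thread, that applies those three checks to OTL file-listing lines. The sample lines are copied from the log above, with secdrv.sys included as a clean control; the ten-second burst window, the three-file minimum and the list of core-binary names are assumptions of the example, not OTL settings.

```python
import re
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Constructed sample: file-listing lines copied from the OTL log above
# (the rogue's drops under C:\Program Files, the hidden cidadiag.dll) plus
# secdrv.sys as a clean control and one summary line OTL emits for *.tmp files.
SAMPLE_LINES = r"""
[2010/07/17 22:16:08 | 000,097,280 | ---- | C] () -- C:\Program Files\alggui.exe
[2010/07/17 22:16:05 | 000,000,009 | ---- | C] () -- C:\Program Files\nuar.old
[2010/07/17 22:16:04 | 000,057,856 | ---- | C] () -- C:\Program Files\svchost.exe
[2010/07/17 22:16:04 | 000,000,066 | ---- | C] () -- C:\Program Files\wp4.dat
[2010/07/17 22:16:04 | 000,000,036 | ---- | C] () -- C:\Program Files\skynet.dat
[2010/07/17 22:16:03 | 000,001,588 | ---- | C] () -- C:\Sysinternals Antivirus.lnk
[2010/07/10 10:58:11 | 000,047,616 | -H-- | C] () -- C:\WINDOWS\System32\cidadiag.dll
[2004/08/12 02:06:53 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[47 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
"""

# One OTL file line: [date time | size | attributes | C(reated)/M(odified)] (company) -- path
OTL_LINE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] \((?P<company>[^)]*)\) -- (?P<path>.+)$"
)

# Names that only belong under %SystemRoot%; assumption of this example.
CORE_BINARIES = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
                 "services.exe", "smss.exe", "explorer.exe"}
CODE_EXT = {".exe", ".dll", ".sys", ".scr"}


def parse_otl_file_lines(text):
    """Turn OTL file-listing lines into dicts; summary lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = OTL_LINE.match(line.strip())
        if not m:
            continue
        p = PureWindowsPath(m["path"])
        entries.append({
            "ts": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "size": int(m["size"].replace(",", "")),
            "attrs": m["attrs"],
            "company": m["company"],
            "path": m["path"],
            "name": p.name.lower(),
            "parent": str(p.parent).lower(),
            "ext": p.suffix.lower(),
        })
    return entries


def flag_entries(entries, system_root=r"c:\windows"):
    """Per-file heuristics: a core-binary name outside %SystemRoot%, and hidden
    code in System32 that carries no company/version information."""
    findings = []
    for e in entries:
        in_root = e["parent"].startswith(system_root)
        if e["name"] in CORE_BINARIES and not in_root:
            findings.append(("core-binary-name-outside-systemroot", e["path"]))
        if ("H" in e["attrs"] and not e["company"] and e["ext"] in CODE_EXT
                and e["parent"].startswith(system_root + r"\system32")):
            findings.append(("hidden-unattributed-code-in-system32", e["path"]))
    return findings


def drop_bursts(entries, window=timedelta(seconds=10), min_files=3):
    """Cluster creation timestamps that run within `window` of each other.
    Several files, at least one of them code, landing at once is how a
    dropper shows up in a file-age listing."""
    ordered = sorted(entries, key=lambda e: e["ts"])
    bursts, current = [], []
    for e in ordered:
        if current and e["ts"] - current[-1]["ts"] > window:
            bursts.append(current)
            current = []
        current.append(e)
    if current:
        bursts.append(current)
    return [b for b in bursts
            if len(b) >= min_files and any(x["ext"] in CODE_EXT for x in b)]


if __name__ == "__main__":
    found = parse_otl_file_lines(SAMPLE_LINES)
    for tag, path in flag_entries(found):
        print(f"{tag}: {path}")
    for burst in drop_bursts(found):
        print(f"burst of {len(burst)} files starting {burst[0]['ts']:%Y/%m/%d %H:%M:%S}")
        for e in burst:
            print("   ", e["path"])
```

These are triage heuristics, not verdicts: OTL prints no hashes for these files, so a hit means "look at this first", and a legitimate file without version information (mfc45.dll in the same listing is one) will trip the no-company test just as a malicious one does.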
Re: Infected with Sysinternals Antivirus
========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[47 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[47 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/08 17:34:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/08 17:34:52 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/08 17:34:52 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/04 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/09 04:58:47 | 000,025,959 | ---- | M] () -- C:\WINDOWS\system32\CHODDI.SYS
[2004/08/04 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/08/04 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/04 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/04 08:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/04 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/04 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/04 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/04 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/04 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 08:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 08:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 08:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 08:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2004/08/04 15:00:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/05/02 01:56:34 | 001,850,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[47 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2005/12/29 19:34:41 | 000,000,725 | ---- | M] () -- C:\autoAlbum.log
[2004/08/09 01:45:44 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/04/26 21:34:47 | 000,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2006/04/27 00:34:36 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2006/09/11 17:53:49 | 000,001,156 | ---- | M] () -- C:\caavsetup.log
[2006/12/16 00:24:39 | 000,036,067 | ---- | M] () -- C:\caavsetupLog.txt
[2010/06/05 21:39:47 | 000,009,041 | ---- | M] () -- C:\caisslog.txt
[2004/08/04 08:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2004/08/09 01:45:44 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/01/03 00:11:07 | 000,000,100 | ---- | M] () -- C:\DownloadLog.txt
[2003/03/20 06:31:24 | 000,464,896 | ---- | M] () -- C:\FL Studio VSTi (Multi).dll
[2003/03/20 06:32:42 | 000,464,896 | ---- | M] () -- C:\FL Studio VSTi.dll
[2010/07/18 00:08:22 | 528,011,264 | -HS- | M] () -- C:\hiberfil.sys
[2007/04/24 17:24:44 | 000,037,069 | ---- | M] () -- C:\hpfr3840.log
[2003/12/08 13:15:56 | 000,028,672 | R--- | M] ( ) -- C:\hpqimgrc.resources.dll
[2004/08/09 01:45:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/12/30 16:08:35 | 000,001,603 | -H-- | M] () -- C:\IPH.PH
[2004/08/09 01:45:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 08:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/07/18 00:08:20 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2010/07/18 00:32:01 | 000,001,588 | ---- | M] () -- C:\Sysinternals Antivirus
[2006/01/19 09:45:12 | 000,000,190 | ---- | M] () -- C:\vetmon.log
[2006/06/17 17:53:04 | 000,000,027 | ---- | M] () -- C:\wizard.txt

< %PROGRAMFILES%\*. >
[2004/08/09 02:42:40 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/12/31 14:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2006/12/30 16:08:35 | 000,000,000 | ---D | M] -- C:\Program Files\AIM6
[2005/12/04 20:38:00 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2006/12/11 18:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2006/12/11 18:33:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2006/01/14 23:26:18 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Pictures
[2010/06/14 22:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2007/02/13 19:20:23 | 000,000,000 | ---D | M] -- C:\Program Files\ASIO4ALL v2
[2005/01/04 01:15:37 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2010/06/14 22:52:42 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2006/12/16 00:24:31 | 000,000,000 | ---D | M] -- C:\Program Files\CA
[2010/06/06 00:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/09 01:43:02 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2006/12/18 19:14:26 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2007/04/01 16:45:24 | 000,000,000 | ---D | M] -- C:\Program Files\Easy Internet signup
[2006/02/04 21:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\emagic
[2005/11/16 16:51:14 | 000,000,000 | ---D | M] -- C:\Program Files\EmpirePoker
[2006/08/10 03:43:22 | 000,000,000 | ---D | M] -- C:\Program Files\fl.studio.xxl.producer.edition.6.0.8.cracked-tsrh
[2006/08/17 21:35:31 | 000,000,000 | ---D | M] -- C:\Program Files\FruityLoops.Studio.Producer.XXL.Edition.v6.0.8.RETAIL-Lz0
[2007/06/09 13:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2004/08/09 05:03:39 | 000,000,000 | ---D | M] -- C:\Program Files\Help and Support Additions
[2004/12/27 16:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2005/12/09 21:47:04 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2007/06/09 12:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\Image-Line
[2006/12/11 20:43:22 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/07/17 22:37:12 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2004/12/26 23:03:32 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2010/07/17 23:45:21 | 000,000,000 | ---D | M] -- C:\Program Files\iolo
[2010/06/14 22:57:45 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/06/08 07:25:59 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(2)
[2006/03/17 00:35:32 | 000,000,000 | ---D | M] -- C:\Program Files\ItsDeductible2005
[2007/06/09 12:41:07 | 000,000,000 | ---D | M] -- C:\Program Files\ItsDeductible2006
[2010/06/14 22:58:42 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/06/08 07:25:59 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(2)
[2006/05/05 16:16:21 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2007/06/09 13:03:57 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2006/10/08 15:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/06/10 03:11:45 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2004/08/09 02:48:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/04/26 02:11:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2004/08/09 01:45:57 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2004/08/09 02:48:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2006/06/02 20:53:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2004/08/09 02:48:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2004/08/09 02:48:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2004/08/09 02:47:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/06/10 03:06:06 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/06/28 13:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/06/05 21:14:27 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/09 02:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Encarta Standard
[2004/08/09 01:42:05 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/05/05 21:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\MsnMusic
[2010/06/10 03:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2006/12/11 20:43:17 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2005/06/02 02:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\MyWay
[2005/01/05 22:38:08 | 000,000,000 | ---D | M] -- C:\Program Files\Napster
[2006/04/26 21:24:39 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2006/09/11 17:52:21 | 000,000,000 | ---D | M] -- C:\Program Files\Norton AntiVirus
[2010/06/08 07:25:33 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Personal Firewall
[2010/06/08 08:57:03 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2004/08/09 05:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/06/10 03:03:03 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2004/08/09 05:04:59 | 000,000,000 | ---D | M] -- C:\Program Files\PC-Doctor for Windows
[2005/01/22 15:59:48 | 000,000,000 | ---D | M] -- C:\Program Files\PianoFX
[2010/06/14 22:56:05 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/06/08 07:26:05 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime(2)
[2006/12/16 13:15:21 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2007/06/09 12:41:35 | 000,000,000 | ---D | M] -- C:\Program Files\RegCure
[2006/02/17 13:58:09 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2004/08/09 02:39:57 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2004/08/09 02:39:59 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic RecordNow!
[2007/06/09 13:08:44 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2006/06/02 20:38:59 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Setup
[2005/01/03 22:47:40 | 000,000,000 | ---D | M] -- C:\Program Files\support.com
[2010/06/08 07:25:26 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2010/07/17 22:16:01 | 000,000,000 | ---D | M] -- C:\Program Files\Sysinternals Antivirus
[2007/04/20 17:36:26 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2006/06/02 20:54:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2007/01/11 09:22:48 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2007/06/09 13:09:37 | 000,000,000 | ---D | M] -- C:\Program Files\VirtualDJ
[2007/06/09 13:08:42 | 000,000,000 | ---D | M] -- C:\Program Files\VstPlugins
[2005/01/04 22:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2007/06/09 12:43:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[
[2006/04/26 21:24:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/02/10 13:28:05 | 000,000,000 | ---D | M] -- C:\Program Files\WinMX
[2006/06/02 20:28:08 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2004/08/09 01:45:57 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

Re: Infected with Sysinternals Antivirus
In between the Windows NT and WinMX file there is a file called Windows Update, and for some reason it won't let me publish it. It says my server times out every time.

Re: Infected with Sysinternals Antivirus
< %appdata%\*.* >
[2004/08/08 18:37:33 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\desktop.ini


< MD5 for: AGP440.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 08:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2004/08/04 15:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2004/08/04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 15:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 15:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 15:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbstor.sys
[2004/08/04 09:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2004/08/04 09:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\usbstor.sys

< >

< >
< End of report >

Re: Infected with Sysinternals Antivirus
There is another file listed above the end of report and it won't let me publish it. I even tried to break it up and that didn't work.

Re: Infected with Sysinternals Antivirus
OTL Extras logfile created on: 7/18/2010 12:15:58 AM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\DOCUME~1\COMPAQ~1\MYDOCU~1\DOWNLO~1
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 244.00 Mb Available Physical Memory | 48.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.56 Gb Total Space | 22.62 Gb Free Space | 30.34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-22CA86D5C4
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.exe [@ = exefile] -- C:\Program Files\alggui.exe ()

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- C:\Program Files\alggui.exe "%1" %* ()
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

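The two exefile entries in the File Associations and Shell Spawning sections above (.exe resolving to C:\Program Files\alggui.exe, and exefile [open] running alggui.exe in front of "%1" %*) are the most important lines in this log: every program launched by its .exe name passes through the rogue first, which is why ending it in Task Manager does not hold and why the other executable classes (comfile, batfile, cmdfile, piffile) still showing the bare "%1" %* matters. The Python below is an added example, not OTL's code and not code from this thread; it checks OTL Shell Spawning lines against the stock passthrough handler and emits the .reg fragment that restores it. The sample lines are copied from the Extras log above; the list of executable classes and the stock "%1" %* value are Windows XP defaults, and the helper names are this example's own.

```python
import re

# Constructed sample: the executable-class entries from the "File Associations"
# and "Shell Spawning" sections of the OTL Extras log above, copied as posted.
SAMPLE_EXTRAS = r"""
.exe [@ = exefile] -- C:\Program Files\alggui.exe ()
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- C:\Program Files\alggui.exe "%1" %* ()
piffile [open] -- "%1" %*
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
"""

# Stock Windows XP value for the "open" verb of the executable file classes:
# the shell simply runs the file. Anything placed in front of "%1" is a
# program that gets control on every launch of that file type.
PASSTHROUGH = '"%1" %*'
EXEC_CLASSES = ("exefile", "comfile", "batfile", "cmdfile", "piffile")

# OTL formats:  <class> [<verb>] -- <command> (<company>)
#               .<ext> [@ = <class>] -- <resolved target> (<company>)
SPAWN_LINE = re.compile(
    r"^(?P<cls>\w+) \[(?P<verb>\w+)\] -- (?P<cmd>.*?)(?: \([^()]*\))?$")
ASSOC_LINE = re.compile(
    r"^\.(?P<ext>\w+) \[@ = (?P<cls>\w+)\] -- (?P<target>.*?)(?: \([^()]*\))?$")


def find_hijacked_handlers(extras_text):
    """Return (class, verb, command) for every executable class whose
    'open' command is not the stock passthrough."""
    hits = []
    for line in extras_text.splitlines():
        m = SPAWN_LINE.match(line.strip())
        if not m or m["cls"] not in EXEC_CLASSES or m["verb"] != "open":
            continue
        if m["cmd"] != PASSTHROUGH:
            hits.append((m["cls"], m["verb"], m["cmd"]))
    return hits


def exe_association_target(extras_text):
    """What OTL resolved the .exe association to (class, target), or None."""
    for line in extras_text.splitlines():
        m = ASSOC_LINE.match(line.strip())
        if m and m["ext"].lower() == "exe":
            return (m["cls"], m["target"])
    return None


def interposed_binary(cmd):
    """The program standing in front of the passthrough, or None if nothing is."""
    head = cmd[:-len(PASSTHROUGH)] if cmd.endswith(PASSTHROUGH) else cmd
    head = head.strip()
    return head or None


def restore_reg(hits):
    """Build a .reg file that puts the stock 'open' command back for each hit.
    HKEY_CLASSES_ROOT here lands in the HKLM\SOFTWARE\Classes view OTL
    reported; a per-user copy under HKCU\Software\Classes would shadow it and
    must be checked separately (OTL listed none on this machine)."""
    body = ["Windows Registry Editor Version 5.00", ""]
    for cls, _verb, _cmd in hits:
        body.append("[HKEY_CLASSES_ROOT\\" + cls + "\\shell\\open\\command]")
        body.append(r'@="\"%1\" %*"')   # .reg escaping of  "%1" %*
        body.append("")
    return "\n".join(body)


if __name__ == "__main__":
    found = find_hijacked_handlers(SAMPLE_EXTRAS)
    for cls, verb, cmd in found:
        print(f"{cls} [{verb}] hijacked by: {interposed_binary(cmd)}")
    print("corroborating .exe association:", exe_association_target(SAMPLE_EXTRAS))
    print(restore_reg(found))
```

Two practical caveats when acting on the result. First, regedit.exe is itself an .exe, so on this machine it would launch through alggui.exe like everything else; the comfile handler is still the stock passthrough in this log, and the usual workaround is to copy regedit.exe to regedit.com and import the fragment with `regedit.com /s <file>.reg`. Second, the fix belongs in the helper's OTL fix script along with removal of the dropped files, since restoring the handler alone leaves alggui.exe and its companions in C:\Program Files in place.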
Re: Infected with Sysinternals Antivirus
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Enabled:BackWeb for Presario -- File not found
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\iolo\System Shield\SysShield.exe" = C:\Program Files\iolo\System Shield\SysShield.exe:*:Enabled:iolo System Shield® -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{1526D87C-A955-4FAB-BF18-697BA457E352}" = Norton WMI Update
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{30DBAD4A-BA6D-4F9D-8AB0-2F6C7B0612A4}" = AVSDK5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}" = Norton Personal Firewall
"{400A95F9-5B90-421E-BA7F-8BBB3405ABE4}" = CC_ccStart
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{503AA035-41E2-4858-B31F-1E49AC66C309}" = Norton Security Center
"{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}" = Norton Internet Security
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58FF85B0-5C76-4ED1-9C07-719C54CF0178}" = Norton Internet Security
"{59390E3C-62F5-4467-84C1-51A565D36853}" = ccCommon
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{882362E0-C71A-411B-B16F-46D1B66E1890}_is1" = System Shield
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}" = Norton Internet Security
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A398F2DC-D706-4bb2-AC38-5532CD229D08}" = CC_ccProxyMSI
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}" = Norton Internet Security
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DD10F763-CDF6-46CD-9254-C8CE5E91B53E}" = Sony Media Manager 2.1
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{FC2C0536-583C-46c0-844A-62CECAE01F22}" = Norton Internet Security
"{FC37ABD0-2108-4beb-B010-1254E0662B5A}" = MSRedist
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"AIM_6.0" = AIM 6.0
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Toolbar" = AOL Toolbar 2.0

Re: Infected with Sysinternals Antivirus

"ASIO4ALL" = ASIO4ALL
"Collab" = Collab
"DivX Content Uploader" = DivX Content Uploader
"Help and Support Additions" = Help and Support Additions
"IL Download Manager" = IL Download Manager
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.90 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MSN Music Assistant" = MSN Music Assistant
"PS2" = PS2
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SymSetup.{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}" = Norton Personal Firewall (Symantec Corporation)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

Re: Infected with Sysinternals Antivirus

[ Application Events ]
Error - 7/17/2010 9:30:32 PM | Computer Name = YOUR-22CA86D5C4 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number

Re: Infected with Sysinternals Antivirus

Error - 7/17/2010 9:30:32 PM | Computer Name = YOUR-22CA86D5C4 | Source = crypt32 | ID = 131083

Re: Infected with Sysinternals Antivirus

Error - 7/17/2010 9:30:32 PM | Computer Name = YOUR-22CA86D5C4 | Source = crypt32 | ID = 131080

Error - 7/17/2010 10:06:38 PM | Computer Name = YOUR-22CA86D5C4 | Source = EventSystem | ID = 4609

Error - 7/17/2010 10:11:34 PM | Computer Name = YOUR-22CA86D5C4 | Source = EventSystem | ID = 4609
Error - 7/17/2010 11:36:45 PM | Computer Name = YOUR-22CA86D5C4 | Source = EventSystem | ID = 4609

Error - 7/17/2010 11:45:38 PM | Computer Name = YOUR-22CA86D5C4 | Source = crypt32 | ID = 131083

Error - 7/17/2010 11:45:38 PM | Computer Name = YOUR-22CA86D5C4 | Source = crypt32 | ID = 131083
Error - 7/18/2010 12:05:50 AM | Computer Name = YOUR-22CA86D5C4 | Source = Application Error | ID = 1000
Error - 7/18/2010 12:33:50 AM | Computer Name = YOUR-22CA86D5C4 | Source = Application Error | ID = 1000

Re: Infected with Sysinternals Antivirus

[ System Events ]
Error - 7/17/2010 11:38:14 PM | Computer Name = YOUR-22CA86D5C4 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/17/2010 11:40:41 PM | Computer Name = YOUR-22CA86D5C4 | Source = Service Control Manager | ID = 7034
Description = The SymWMI Service service terminated unexpectedly. It has done this
1 time(s).

Error - 7/17/2010 11:40:50 PM | Computer Name = YOUR-22CA86D5C4 | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 7/17/2010 11:50:47 PM | Computer Name = YOUR-22CA86D5C4 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 7/17/2010 11:50:47 PM | Computer Name = YOUR-22CA86D5C4 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/17/2010 11:50:56 PM | Computer Name = YOUR-22CA86D5C4 | Source = Service Control Manager | ID = 7024
Description = The Symantec Network Proxy service terminated with service-specific
error 4294967295 (0xFFFFFFFF).

Error - 7/18/2010 12:03:23 AM | Computer Name = YOUR-22CA86D5C4 | Source = DCOM | ID = 10010
Description = The server {A5B020FD-E04B-4E67-B65A-E7DEED25B2CF} did not register
with DCOM within the required timeout.

Error - 7/18/2010 12:08:51 AM | Computer Name = YOUR-22CA86D5C4 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 7/18/2010 12:08:51 AM | Computer Name = YOUR-22CA86D5C4 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/18/2010 12:09:01 AM | Computer Name = YOUR-22CA86D5C4 | Source = Service Control Manager | ID = 7024
Description = The Symantec Network Proxy service terminated with service-specific
error 4294967295 (0xFFFFFFFF).
< End of report >

Re: Infected with Sysinternals Antivirus

*Note that all of the errors in posts 23, 24, and 25 had descriptions of the error listed under them, but it would not allow me to publish them with the descriptions.

Re: Infected with Sysinternals Antivirus

Bump

Whatever this thing is, it's wiping out my desktop so that I can't access anything. Please help before I can't even access the internet anymore.
Thanks

Re: Infected with Sysinternals Antivirus

Bump

Re: Infected with Sysinternals Antivirus

I'm not trying to be a pain, but I desperately need help before I can't even access the internet to ask for help. I have been waiting since Sunday afternoon, have bumped my post twice today, and still haven't had a response, yet someone who posted only half an hour ago is already getting help.

Re: Infected with Sysinternals Antivirus

Hello, this is day 3 and I still haven't even been acknowledged, while most people are getting immediate responses. Please help.

Re: Infected with Sysinternals Antivirus

Bump
