kartaka igra belot free download


Name: kartaka igra belot free download
Category: Downloads
Published: vragualisun1982
Language: English

Free Malware Removal Forum.
community support for infected computers.
Windows XP defender.
by the_big_d » May 13th, 2010, 1:25 pm.
Started getting a problem with a program calling itself windows XP defender. It was hijacking my system & giving me loads of fake security warnings & stopping me accessing the web apart from its own page. After a bit of searching on the web I found a solution by making & running a regedit file ?? it seemed to get rid of it but it kept coming back after a few restarts, I did the regedit thing a few more times & it's not been back for about a week now, the problem is my PC is still running very slow & I'm getting loads of popups all the time. It's really doing my head in now & I really need some help with it. Here are my logs.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:52, on 13/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Re: Windows XP defender.
by MWR 3 day Mod » May 17th, 2010, 12:37 am.
We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.
If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!
Please do not reply to this topic.
If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
Re: Windows XP defender.
by deltalima » May 17th, 2010, 3:06 pm.
Welcome to the forum.
My nickname is deltalima and I will be helping you with your computer problems.
The logs can take some time to research, so please be patient with me.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Please note the following:
I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

CKScanner.
Please download CKScanner from here to your Desktop.
Make sure that CKScanner.exe is on your Desktop before running the application!
Double-click on CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Download and run OTL.
Download OTL by Old Timer and save it to your Desktop.
Double click on OTL.exe to run it.
Under Output, ensure that Minimal Output is selected.
Under Extra Registry section, select Use SafeList.
Click the Scan All Users checkbox.
Click on Run Scan at the top left hand corner.
When done, two Notepad files will open. OTL.txt will be opened. Extras.txt will be minimized.
Please post the contents of these 2 Notepad files in your next reply.

GMER.
Please download GMER Rootkit Scanner from here.
Double click the .exe file. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning at program start about rootkit activity and asks if you want to run a scan, click NO.
Run Gmer again and click on the Rootkit tab.
Look at the right hand side and uncheck all drives with the exception of your C drive.
Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
Click on "Scan" and wait for the scan to finish.
Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
Note: If you have any problems, try running GMER in SAFE MODE.
Important! Please do not select the "Show all" checkbox during the scan.
Please post the GMER log and CKFiles.txt along with OTL.txt and Extras.txt from the OTL scan into your next reply.
Re: Windows XP defender.
by the_big_d » May 19th, 2010, 5:03 am.
Re: Windows XP defender.
by deltalima » May 19th, 2010, 6:10 am.
If you still have problems with the GMER scan then.
Scan With RKUnHooker.
Please download Rootkit Unhooker. Save it to your desktop.
Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest, then click OK.
Wait till the scanner has finished and then click File, Save Report.
Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.
Please post the log from RKUnHooker, CKFiles.txt along with OTL.txt and Extras.txt from the OTL scan into your next reply.
Re: Windows XP defender.
by the_big_d » May 20th, 2010, 8:58 am.
Had to run the GMER in safe mode, got it eventually.
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\all users\documents\pp2000_keygen_release\instruction key.txt
c:\documents and settings\all users\documents\pp2000_keygen_release\pp2000_keygen_release.exe
c:\documents and settings\nickynew\desktop\screensavers\goldfish aquarium 1.0\goldfish keygen.url
c:\documents and settings\nickynew\desktop\screensavers\real screensaver stuff\sharks keygen.exe
c:\documents and settings\nickynew\desktop\screensavers\serene screen marine aquarium\marine aquarium keygen.url
c:\documents and settings\nickynew\desktop\screensavers\sharks, terrors of the deep v.1.0\sharks keygen.url
c:\documents and settings\nickynew\my documents\locks\lockpicking books part 1\safelocks - safecracking for the computer scientist.pdf
c:\documents and settings\nickynew\my documents\locks\lockpicking books part 2\cracking 1988-1990 master locks.doc
c:\documents and settings\nickynew\start menu\programs\winrar\rar password cracker v4.11.lnk
c:\program files\ahead\keygen\nero8x.exe
c:\program files\progs\magic dvd ripper 4.2 + crack\magic dvd ripper 4.2.rar
c:\program files\progs\magic dvd ripper 4.2 + crack\magicdvdripper42a.exe
c:\program files\progs\magic dvd ripper 4.2 + crack\paste cracks into program file enjoy\magicdvdripper.exe
c:\program files\progs\magic dvd ripper 4.2 + crack\paste cracks into program file enjoy\magicdvdripper.ini
c:\program files\winrar\rar password cracker v4.11\rarpasswordcrackerv4.11readme.txt
c:\program files\winrar\rar password cracker v4.11\rpc.exe
c:\program files\winrar\rar password cracker v4.11\special.chr
scanner sequence 3.GJ.11
----- EOF -----
OTL logfile created on: 18/05/2010 13:03:23 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\NickyNew\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

959.00 Mb Total Physical Memory | 335.00 Mb Available Physical Memory | 35.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 16.07 Gb Free Space | 16.45% Space Free | Partition Type: NTFS
Drive D: | 135.22 Gb Total Space | 12.17 Gb Free Space | 9.00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 931.51 Gb Total Space | 559.22 Gb Free Space | 60.03% Space Free | Partition Type: NTFS

Computer Name: NICKY_PC
Current User Name: NickyNew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
DRV - (Gernuwa) -- C:\WINDOWS\system32\drivers\GERNUWA.sys (Symantec Corporation) DRV - (wceusbsh) -- C:\WINDOWS\system32\drivers\wceusbsh.sys (Windows (R) 2000 DDK provider) DRV - (cg300Au) -- C:\WINDOWS\system32\drivers\cg300Au.sys (Daheng Imavision Inc.) DRV - (cg300) -- C:\WINDOWS\system32\drivers\cg300vc.sys (Daheng Imavision Inc.) DRV - (AliIde) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation) DRV - (sw878b) -- C:\WINDOWS\system32\drivers\sw878b.sys () DRV - (Asushwio) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS () DRV - (sw848b) -- C:\WINDOWS\system32\drivers\sw848b.sys ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0.
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0.
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av . _homepage/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0.
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av . _homepage/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0.
IE - HKU\S-1-5-21-527237240-2052111302-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-527237240-2052111302-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0.
FF - HKLM\software\mozilla\Firefox\Extensions\\ : C:\Program Files\Real\RealPlayer\browserrecord [2008/05/25 09:00:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/05 10:51:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ : C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/04/14 21:16:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\ : C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/04/14 21:16:40 | 000,000,000 | ---D | M]
[2009/07/04 11:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NickyNew\Application Data\Mozilla\Extensions
[2008/05/02 20:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NickyNew\Application Data\Mozilla\Extensions\[email protected]
[2009/07/04 11:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NickyNew\Application Data\Mozilla\Extensions\[email protected].
O1 HOSTS File: ([2008/06/21 23:20:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - - No CLSID value found.
O2 - BHO: (Search Helper) - - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-527237240-2052111302-839522115-1007\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-527237240-2052111302-839522115-1007\..\Toolbar\WebBrowser: (Adobe PDF) - - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-527237240-2052111302-839522115-1007..\Run: [] File not found
O4 - HKLM..\RunServices: [AWGateway] C:\Program Files\Symantec\pcAnywhere Gateway\AWGateway.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\Belkin\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: H >O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: H >O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: H >O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-527237240-2052111302-839522115-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-527237240-2052111302-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-527237240-2052111302-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 
0 O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Blog This - - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Show or hide HP Smart Web Printing - - C:\Program Files\HP\Digital Imaging\smart web 
printing\hpswp_BHO.dll (Hewlett-Packard Co.) O16 - DPF: http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.) O16 - DPF: http://download.microsoft.com/download/ . arth3D.cab (SentinelVE3D Class) O16 - DPF: http://fpdownload.macromedia.com/pub/sh . tor/sw.cab (Shockwave ActiveX Control) O16 - DPF: C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: http://office.microsoft.com/officeupdat . /opuc3.cab (Office Update Installation Engine) O16 - DPF: http://download.microsoft.com/download/ . arth3D.cab (SentinelProxy Class) O16 - DPF: http://tools.ebayimg.com/eps/wl/activex . 0-3-48.cab (EPUImageControl Class) O16 - DPF: http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: http://update.microsoft.com/windowsupda . 3414896609 (WUWebControl Class) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: http://fpdownload.macromedia.com/get/fl . rashim.cab (Reg Error: Key error.) O16 - DPF: http://80.26.142.38/cab/OCXChecker_8120.cab (OCXDownloadChecker Control) O16 - DPF: http://213.175.242.21/wpp/boots/app/opcuploader.cab (Image Uploader 3.0 Control) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: http://java.sun.com/update/1.6.0/jinsta . s-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: http://download.macromedia.com/pub/shoc . wflash.cab (Shockwave Flash Object) O16 - DPF: http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: http://chat.yahoo.com/cab/yvwrctl.cab (Yahoo! Webcam Viewer Wrapper) O16 - DPF: http://gfx1.hotmail.com/mail/w4/pr01/ph . 
NPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: http://by102fd.bay102.hotmail.msn.com/a . Atchmt.ocx (Hotmail Attachments Control) O16 - DPF: https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O16 - DPF: DirectAnimation Java Classes file://C :\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C :\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\wlmailhtml - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. 
File not found O24 - Desktop WallPaper: C:\Documents and Settings\NickyNew\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\NickyNew\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/07/19 00:12:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/02/06 18:27:06 | 000,000,067 | ---- | M] () - K:\autorun.inf -- [ NTFS ] O33 - MountPoints2\ \Shell\AutoRun\command - "" = L:\InstallTomTomHOME.exe -- File not found O33 - MountPoints2\ \Shell - "" = AutoRun O33 - MountPoints2\ \Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\ \Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\ \Shell - "" = AutoRun O33 - MountPoints2\ \Shell\AutoRun - "" = Auto&Play O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\. com [@ = comfile] -- "%1" %* O37 - HKLM\. exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/05/18 04:58:03 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NickyNew\Desktop\OTL.exe [2010/05/16 08:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2010/05/16 08:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2010/05/15 02:13:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real [2010/05/14 18:12:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe [2010/05/13 13:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2010/05/13 13:45:28 | 000,137,344 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys [2010/05/13 13:45:28 | 000,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys [2010/05/13 13:45:27 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [2010/05/13 13:45:26 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [2010/05/13 13:45:25 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll [2010/05/13 13:45:25 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll [2010/05/13 13:45:25 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [2010/05/13 13:45:25 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [2010/05/12 12:12:41 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010/05/10 20:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2010/05/08 00:23:49 | 000,753,664 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\Ir50_32.dll [2010/05/08 00:23:49 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4C32.dll [2010/05/08 00:23:49 | 000,212,992 | ---- | C] (Intel Corporation.) 
-- C:\WINDOWS\System32\Ir50_qc.dll [2010/05/08 00:23:49 | 000,196,608 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\Ir50_qcx.dll [2010/05/08 00:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\Peaqe [2010/05/07 22:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\DICO-800 [2010/05/07 22:55:50 | 000,031,787 | ---- | C] (Hyosung Inc.) -- C:\WINDOWS\System32\drivers\FADVR800.sys [2010/05/06 16:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google [2010/04/27 00:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/04/26 23:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\down [2010/04/25 00:19:14 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.exe [2010/04/24 07:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun [2010/04/23 12:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\avG [2010/04/23 12:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avG [2010/04/22 23:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2010/04/22 23:12:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/05/18 12:15:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/05/18 04:58:08 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NickyNew\Desktop\OTL.exe [2010/05/18 04:57:49 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\CKScanner.exe [2010/05/17 16:15:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/05/17 13:43:27 | 000,002,391 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\Microsoft AutoRoute 2007.lnk [2010/05/17 12:19:51 | 008,388,608 | -H-- | M] () -- C:\Documents and Settings\NickyNew\NTUSER.DAT [2010/05/17 05:19:40 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2010/05/16 18:45:01 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/16 18:44:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/16 18:44:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/16 18:42:59 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\NickyNew\ntuser.ini [2010/05/16 13:12:39 | 000,181,760 | ---- | M] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/16 05:10:46 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash [2010/05/16 05:10:08 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/05/16 03:27:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job [2010/05/15 12:40:38 | 003,765,694 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\CIMG1961.JPG [2010/05/15 12:40:28 | 003,761,777 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\CIMG1960.JPG [2010/05/15 05:08:37 | 001,104,552 | -H-- | M] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\IconCache.db [2010/05/14 14:42:24 | 000,513,636 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/14 14:42:24 | 000,449,586 | 
---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/14 14:42:24 | 000,074,586 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/14 14:38:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/05/13 17:55:27 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.lnk [2010/05/13 13:53:06 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010/05/13 13:53:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010/05/13 13:43:52 | 000,001,855 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia Software Updater.lnk [2010/05/13 05:16:54 | 000,001,192 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/13 05:13:47 | 002,000,155 | ---- | M] () -- C:\WINDOWS\iis6.BAK [2010/05/12 14:58:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/05/12 12:27:13 | 000,506,365 | ---- | M] () -- C:\Documents and Settings\NickyNew\My Documents\voting.pdf [2010/05/09 00:12:53 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VTV Digital Surveillance.LNK [2010/05/05 16:24:57 | 000,007,032 | -HS- | M] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\N0648V7xgb7 [2010/05/05 16:24:57 | 000,007,032 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\N0648V7xgb7 [2010/04/26 23:45:58 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010/04/26 23:45:58 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010/04/26 23:27:05 | 001,342,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\down\5810718.exe [2010/04/25 00:19:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) 
-- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.exe [2010/04/25 00:18:22 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.msi [2010/04/25 00:06:58 | 000,000,356 | ---- | M] () -- C:\Documents and Settings\NickyNew\Desktop\fix.reg [2010/04/24 07:25:25 | 000,007,604 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\O5poq8wPv8FxG [2010/04/23 13:09:19 | 000,006,922 | -HS- | M] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\q841 [2010/04/23 13:09:19 | 000,006,922 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\q841 [2010/04/22 23:19:12 | 000,008,932 | -HS- | M] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\Mi715R2 [2010/04/22 23:19:12 | 000,008,932 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\Mi715R2 [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/05/18 04:57:48 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\CKScanner.exe [2010/05/17 05:19:40 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2010/05/15 18:43:08 | 003,765,694 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\CIMG1961.JPG [2010/05/15 18:43:08 | 003,761,777 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\CIMG1960.JPG [2010/05/13 13:53:06 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010/05/13 13:53:05 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2010/05/12 12:27:13 | 000,506,365 | ---- | C] () -- C:\Documents and Settings\NickyNew\My Documents\voting.pdf [2010/05/08 00:24:04 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VTV Digital Surveillance.LNK [2010/05/08 00:23:57 | 000,029,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\sw848b.sys [2010/05/08 00:23:57 | 000,010,148 | ---- | C] () -- C:\WINDOWS\System32\drivers\sw878b.sys [2010/05/08 00:23:49 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\ComConnect.drv [2010/05/08 00:23:49 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Logon.drv [2010/05/08 00:23:49 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\DSRCfg.cpl [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZVICON_SURVEYOR99.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZULTRAK_KD6.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZUEL_MV961A.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZUEL_MV912RS.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZPHILIPS_AUTODOME.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZPELCO_SPECTRA.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- 
C:\WINDOWS\System32\PTZPELCO_ASCII.drv [2010/05/08 00:23:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\PTZKALATEL_KTD312.drv [2010/05/06 16:15:32 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash [2010/04/27 00:51:36 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.lnk [2010/04/27 00:17:38 | 000,000,356 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\fix.reg [2010/04/26 23:27:00 | 001,342,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\down\5810718.exe [2010/04/26 23:26:37 | 000,007,032 | -HS- | C] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\N0648V7xgb7 [2010/04/26 23:26:37 | 000,007,032 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\N0648V7xgb7 [2010/04/25 00:18:15 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\NickyNew\Desktop\HiJackThis.msi [2010/04/24 07:22:22 | 000,007,604 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\O5poq8wPv8FxG [2010/04/24 07:22:22 | 000,007,604 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\O5poq8wPv8FxG [2010/04/23 12:36:03 | 000,006,922 | -HS- | C] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\q841 [2010/04/23 12:36:03 | 000,006,922 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\q841 [2010/04/22 22:45:05 | 000,008,932 | -HS- | C] () -- C:\Documents and Settings\NickyNew\Local Settings\Application Data\Mi715R2 [2010/04/22 22:45:05 | 000,008,932 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\Mi715R2 [2009/07/03 03:42:59 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009/07/03 03:42:58 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009/07/03 03:42:56 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009/07/03 03:42:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/07/03 03:42:54 | 000,000,547 | ---- 
| C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009/07/02 02:18:23 | 000,002,937 | ---- | C] () -- C:\WINDOWS\System32\drivers\VGACard.sys [2008/06/15 23:54:01 | 000,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008/05/25 09:24:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008/05/17 23:30:29 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008/02/14 17:26:05 | 000,027,648 | ---- | C] () -- C:\WINDOWS\SPELMATE.DLL [2007/10/24 22:43:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007/09/24 12:44:18 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\DetectIRDA.dll [2007/09/22 09:08:04 | 000,000,964 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI [2007/09/15 14:47:31 | 000,000,034 | ---- | C] () -- C:\WINDOWS\pcaw.ini [2007/08/06 12:07:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll [2007/06/24 23:39:32 | 000,000,461 | ---- | C] () -- C:\WINDOWS\wininit.ini [2007/06/13 21:49:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\rqddjvkv.ini [2007/06/07 21:26:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll [2007/04/10 19:38:11 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2007/02/10 14:23:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2007/01/15 19:49:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI [2006/11/12 18:03:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI [2006/10/19 22:31:33 | 000,001,082 | ---- | C] () -- C:\WINDOWS\psmplay.ini [2006/09/04 00:19:28 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys [2006/08/24 00:00:10 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys [2006/08/11 01:47:16 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Nicky.ini [2006/07/19 01:51:38 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2006/07/19 01:31:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/07/19 01:13:23 | 000,135,168 | R--- | C] () 
-- C:\WINDOWS\System32\RtlCPAPI.dll [2006/07/19 01:06:19 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005/08/24 13:56:04 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2002/05/15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest [2001/11/23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll.
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:466F9D5D.
OTL Extras logfile created on: 18/05/2010 13:03:23 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\NickyNew\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy.

959.00 Mb Total Physical Memory | 335.00 Mb Available Physical Memory | 35.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 16.07 Gb Free Space | 16.45% Space Free | Partition Type: NTFS
Drive D: | 135.22 Gb Total Space | 12.17 Gb Free Space | 9.00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 931.51 Gb Total Space | 559.22 Gb Free Space | 60.03% Space Free | Partition Type: NTFS.

Computer Name: NICKY_PC
Current User Name: NickyNew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverr >"FirewallOverr >"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1.
