coolpics.com trashed my system

Discussion in 'malware problems & news' started by crazy_cool2k, Nov 1, 2006.

Thread Status:
Not open for further replies.
  1. alaala2010

    alaala2010 Registered Member

    Joined:
    Nov 20, 2006
    Posts:
    4
    good afternoon! i need help, too, about this coolpics.com. you probably know by now how i got it: offline/status message of a person i know via ym, clicked on it and my cyber life is now a mess. i had my windows xp reinstalled, and for a while it was ok. i just had to reinstall yahoo messenger (which by that time, the only available version is version 8). after a few moments of seemingly uninterrupted surfing, my browser (IE) just can't open up any site that i type. occasionally i am able to go to some site (like this one) but that's just once in a blue moon.

    can anybody help me? my cyberlife has now turned into a nightmare.

    btw, i had opera & mozilla firefox (the latest version) installed, thinking it was probably my browser. but then, it was just the same. i had the two uninstalled now, same with yahoo messenger 8.

    um, i am not much of a technical person so if you can give me simple instructions, i will thank you with all i have.
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
  3. danny_co

    danny_co Registered Member

    Joined:
    Nov 21, 2006
    Posts:
    1
    H E L P me!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    I followed all your instructions, but my system is still virused (my home page is coolpics, I haven't access to the "run" command, no task manager...)
    Please help me!

    Do you want to post the logs??

    Dan
     
    Last edited by a moderator: Nov 21, 2006
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi danny_co,

    If you still have problems after running the BFU script, please start your own thread and post the combofix-log.

    Regards,

    Pieter
     
  5. alaala2010

    alaala2010 Registered Member

    Joined:
    Nov 20, 2006
    Posts:
    4
    hey pieter! did the combofix.exe scan and below is the log. i can't see the line you mentioned but nonetheless i will proceed to the BFU now. if in any case you think i shouldn't, please PM me. i'm online now and my yahoo id is sunognakanin.

    2006-11-07	16:36	110,080	--a------	C:\WINDOWS\system32\clbcatex.dll
    2006-11-07	16:36	11,264	--a------	C:\WINDOWS\system32\icaapi.dll
    2006-11-07	16:36	102,912	--a------	C:\WINDOWS\system32\clipbrd.exe
    2006-11-07	16:36	1,267,200	--a------	C:\WINDOWS\system32\comsvcs.dll
    2006-11-07	16:36	1,161	--a------	C:\WINDOWS\system32\usrlogon.cmd
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\system32\MsDtc
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\system32\Com
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\Registration
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Windows NT
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Windows Media Player
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Online Services
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\MSN Gaming Zone
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\MSN
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Messenger
    2006-11-07	16:35	58,880	--a------	C:\WINDOWS\system32\licwmi.dll
    2006-11-07	16:35	56,320	--a------	C:\WINDOWS\system32\servdeps.dll
    2006-11-07	16:35	40,840	--a------	C:\WINDOWS\system32\drivers\termdd.sys
    2006-11-07	16:35	196,864	--a------	C:\WINDOWS\system32\drivers\rdpdr.sys
    2006-11-07	16:35	185,344	--a------	C:\WINDOWS\system32\cmprops.dll
    2006-11-07	16:35	17,408	--a------	C:\WINDOWS\system32\mmfutil.dll
    2006-11-04	14:14	1,245,696	--a------	C:\WINDOWS\system32\msxml4.dll
    
    
    ((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))
    
    
     
     
    ((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
     
    *Note* empty entries are not shown
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"
    
    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005
    
    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
      00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
      00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
      00,00,01,00,00,00
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001
    
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ccApp"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="lxbkbmgr"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="VPTray"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="YahooMessenger"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Symantec AntiVirus"=dword:00000002
    "SPBBCSvc"=dword:00000003
    "SNDSrvc"=dword:00000003
    "SavRoam"=dword:00000003
    "IDriverT"=dword:00000003
    "DefWatch"=dword:00000002
    "ccSetMgr"=dword:00000002
    "ccPwdSvc"=dword:00000003
    "ccEvtMgr"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]	
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
    
    Completion time: 06-11-23 20:12:02.69 
    C:\ComboFix.txt ... 06-11-23 20:12
     
  6. alaala2010

    alaala2010 Registered Member

    Joined:
    Nov 20, 2006
    Posts:
    4
    Hi Pieter! After running BFU, here's the log created by ComboFix. Please let me know whether I still need to do something. BTW, my Task Manager & Run box are already running well when I reinstalled my Windows XP.

    Code:
    Nerissa - 06-11-23 21:07:53.10    Service Pack 2
    ComboFix 06.11.22 - Running from: "C:\Documents and Settings\Nerissa\Desktop"
    
    (((((((((((((((((((((((((((((((   Files Created from 2006-10-23 to 2006-11-23  ))))))))))))))))))))))))))))))))))
     
     
    2006-11-23	20:53	<DIR>	d--------	C:\BFU
    2006-11-22	13:56	9,600	--a------	C:\WINDOWS\system32\drivers\hidusb.sys
    2006-11-22	13:56	12,160	--a------	C:\WINDOWS\system32\drivers\mouhid.sys
    2006-11-22	00:23	<DIR>	d--------	C:\Program Files\MSXML 4.0
    2006-11-21	22:20	<DIR>	d--------	C:\scan copy
    2006-11-19	22:53	<DIR>	d--hs----	C:\RECYCLER
    2006-11-19	15:15	<DIR>	d--------	C:\WINDOWS\pss
    2006-11-19	00:33	<DIR>	d--------	C:\Program Files\QuickTime
    2006-11-19	00:33	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Apple Computer
    2006-11-19	00:15	<DIR>	d--------	C:\ABomber
    2006-11-12	22:35	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\Help
    2006-11-12	20:52	26,496	--a------	C:\WINDOWS\system32\drivers\USBSTOR.SYS
    2006-11-12	12:03	<DIR>	d--------	C:\Program Files\Disc2Phone
    2006-11-12	11:57	<DIR>	dr--s----	C:\WINDOWS\assembly
    2006-11-12	11:57	<DIR>	d--------	C:\WINDOWS\system32\URTTemp
    2006-11-12	11:57	<DIR>	d--------	C:\WINDOWS\Microsoft.NET
    2006-11-12	11:55	<DIR>	d--------	C:\Program Files\Sony Ericsson
    2006-11-12	11:55	<DIR>	d--------	C:\Program Files\Common Files\Teleca Shared
    2006-11-12	11:55	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2006-11-12	11:54	<DIR>	d--------	C:\WINDOWS\Downloaded Installations
    2006-11-12	11:44	<DIR>	d--h-----	C:\Program Files\InstallShield Installation Information
    2006-11-12	11:44	<DIR>	d--------	C:\Program Files\FaxTools
    2006-11-12	11:44	<DIR>	d--------	C:\Program Files\ABBYY FineReader 6.0
    2006-11-12	11:44	<DIR>	d--------	C:\Program Files\ABBYY FineReader 5.0 Sprint
    2006-11-12	11:44	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\BVRP Software
    2006-11-12	11:43	<DIR>	d--------	C:\Program Files\Common Files\InstallShield
    2006-11-12	11:38	90,112	--a------	C:\WINDOWS\system32\LXBKCUR.DLL
    2006-11-12	11:38	87,040	--a------	C:\WINDOWS\system32\wiafbdrv.dll
    2006-11-12	11:38	86,016	--a------	C:\WINDOWS\system32\LXBKIH.EXE
    2006-11-12	11:38	77,824	--a------	C:\WINDOWS\system32\LXBKLCNP.DLL
    2006-11-12	11:38	73,728	--a------	C:\WINDOWS\system32\lxbkpwr.dll
    2006-11-12	11:38	69,632	--a------	C:\WINDOWS\system32\LXBKCU.DLL
    2006-11-12	11:38	544,768	--a------	C:\WINDOWS\system32\LXBKLSNT.EXE
    2006-11-12	11:38	40,960	--a------	C:\WINDOWS\system32\lxbkvs.dll
    2006-11-12	11:38	40,960	--a------	C:\WINDOWS\system32\INSTMON.EXE
    2006-11-12	11:38	303,104	--a------	C:\WINDOWS\system32\LEXBCES.EXE
    2006-11-12	11:38	286,720	--a------	C:\WINDOWS\system32\LXBKPMNT.DLL
    2006-11-12	11:38	286,720	--a------	C:\WINDOWS\system32\lxbkcomm.dll
    2006-11-12	11:38	217,088	--a------	C:\WINDOWS\system32\LXBKLCNT.DLL
    2006-11-12	11:38	201,216	--a------	C:\WINDOWS\system32\LEXP2P32.DLL
    2006-11-12	11:38	196,096	--a------	C:\WINDOWS\system32\LEX2KUSB.DLL
    2006-11-12	11:38	192,512	--a------	C:\WINDOWS\system32\LEXLMPM.DLL
    2006-11-12	11:38	174,592	--a------	C:\WINDOWS\system32\LEXPPS.EXE
    2006-11-12	11:38	155,648	--a------	C:\WINDOWS\system32\LEXPING.EXE
    2006-11-12	11:38	15,104	--a------	C:\WINDOWS\system32\drivers\usbscan.sys
    2006-11-12	11:38	147,456	--a------	C:\WINDOWS\system32\LEXBCE.DLL
    2006-11-12	11:38	126,976	--a------	C:\WINDOWS\system32\LXBKCFG.EXE
    2006-11-12	11:37	983,101	--a------	C:\WINDOWS\system32\LXBKGF.DLL
    2006-11-12	11:37	69,632	--a------	C:\WINDOWS\system32\lxbkscin.dll
    2006-11-12	11:37	57,344	--a------	C:\WINDOWS\system32\lxbkcinf.dll
    2006-11-12	11:37	49,152	--a------	C:\WINDOWS\system32\lxbkcoin.dll
    2006-11-12	11:37	454,656	--a------	C:\WINDOWS\system32\LXBKJSWR.DLL
    2006-11-12	11:37	352,256	--a------	C:\WINDOWS\system32\LXBKUTIL.DLL
    2006-11-12	11:37	299,520	--a------	C:\WINDOWS\uninst.exe
    2006-11-12	11:37	<DIR>	d--------	C:\Program Files\Lexmark X1100 Series
    2006-11-12	11:37	<DIR>	d--------	C:\Documents and Settings\Nerissa\WINDOWS
    2006-11-12	11:36	884,736	--a------	C:\WINDOWS\system32\msimsg.dll
    2006-11-12	11:36	78,848	--a------	C:\WINDOWS\system32\msiexec.exe
    2006-11-12	11:36	271,360	--a------	C:\WINDOWS\system32\msihnd.dll
    2006-11-12	11:36	25,856	--a------	C:\WINDOWS\system32\drivers\usbprint.sys
    2006-11-12	11:36	22,752	--a------	C:\WINDOWS\system32\spupdsvc.exe
    2006-11-12	11:36	2,890,240	---------	C:\WINDOWS\system32\msi.dll
    2006-11-12	11:36	15,360	--a------	C:\WINDOWS\system32\msisip.dll
    2006-11-12	11:36	<DIR>	d--h-----	C:\WINDOWS\$hf_mig$
    2006-11-12	11:36	<DIR>	d--------	C:\WINDOWS\system32\PreInstall
    2006-11-11	19:49	<DIR>	d--------	C:\WINDOWS\system32\SoftwareDistribution
    2006-11-09	01:44	<DIR>	d--------	C:\Program Files\Mozilla Firefox
    2006-11-09	01:44	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\Mozilla
    2006-11-08	06:56	<DIR>	d--------	C:\logs
    2006-11-08	06:56	<DIR>	d--------	C:\Documents and Settings\Nerissa\ChikkaDefault
    2006-11-08	06:55	<DIR>	d--------	C:\Program Files\Chikka V4
    2006-11-08	06:14	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Yahoo!
    2006-11-08	00:29	93,952	--a------	C:\WINDOWS\system32\drivers\cwcwdm.sys
    2006-11-08	00:29	82,944	--a------	C:\WINDOWS\system32\drivers\wdmaud.sys
    2006-11-08	00:29	7,552	--a------	C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2006-11-08	00:29	60,800	--a------	C:\WINDOWS\system32\drivers\sysaudio.sys
    2006-11-08	00:29	6,400	--a------	C:\WINDOWS\system32\drivers\splitter.sys
    2006-11-08	00:29	54,272	--a------	C:\WINDOWS\system32\drivers\swmidi.sys
    2006-11-08	00:29	52,864	--a------	C:\WINDOWS\system32\drivers\DMusic.sys
    2006-11-08	00:29	5,376	--a------	C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2006-11-08	00:29	4,992	--a------	C:\WINDOWS\system32\drivers\MSPQM.sys
    2006-11-08	00:29	3,072	--a------	C:\WINDOWS\system32\drivers\audstub.sys
    2006-11-08	00:29	2,944	--a------	C:\WINDOWS\system32\drivers\drmkaud.sys
    2006-11-08	00:29	172,416	--a------	C:\WINDOWS\system32\drivers\kmixer.sys
    2006-11-08	00:29	142,464	--a------	C:\WINDOWS\system32\drivers\aec.sys
    2006-11-08	00:28	86,016	--a------	C:\WINDOWS\system32\mdmxsdk.dll
    2006-11-08	00:28	74,240	--a------	C:\WINDOWS\system32\usbui.dll
    2006-11-08	00:28	685,056	--a------	C:\WINDOWS\system32\drivers\HSFCXTS2.sys
    2006-11-08	00:28	60,288	--a------	C:\WINDOWS\system32\drivers\drmk.sys
    2006-11-08	00:28	57,472	--a------	C:\WINDOWS\system32\drivers\redbook.sys
    2006-11-08	00:28	42,240	--a------	C:\WINDOWS\system32\drivers\VIAAGP.SYS
    2006-11-08	00:28	4,274,816	--a------	C:\WINDOWS\system32\nv4_disp.dll
    2006-11-08	00:28	4,096	--a------	C:\WINDOWS\system32\ksuser.dll
    2006-11-08	00:28	32,285	--a------	C:\WINDOWS\system32\HSFCISP2.dll
    2006-11-08	00:28	3,584	--a------	C:\WINDOWS\system32\drivers\cwcos.sys
    2006-11-08	00:28	220,032	--a------	C:\WINDOWS\system32\drivers\HSFBS2S2.sys
    2006-11-08	00:28	2,944	--a------	C:\WINDOWS\system32\drivers\msmpu401.sys
    2006-11-08	00:28	145,792	--a------	C:\WINDOWS\system32\drivers\portcls.sys
    2006-11-08	00:28	111,872	--a------	C:\WINDOWS\system32\drivers\cwcspud.sys
    2006-11-08	00:28	11,868	--a------	C:\WINDOWS\system32\drivers\mdmxsdk.sys
    2006-11-08	00:28	10,624	--a------	C:\WINDOWS\system32\drivers\gameenum.sys
    2006-11-08	00:28	1,897,408	--a------	C:\WINDOWS\system32\drivers\nv4_mini.sys
    2006-11-08	00:28	1,041,536	--a------	C:\WINDOWS\system32\drivers\HSFDPSP2.sys
    2006-11-08	00:28	<DIR>	d--------	C:\WINDOWS\cwcdata
    2006-11-08	00:26	9,936	--a------	C:\WINDOWS\system\LZEXPAND.DLL
    2006-11-08	00:26	9,008	--a------	C:\WINDOWS\system\VER.DLL
    2006-11-08	00:26	85,020	--a------	C:\WINDOWS\system32\dgsetup.dll
    2006-11-08	00:26	82,944	--a------	C:\WINDOWS\system\OLECLI.DLL
    2006-11-08	00:26	8,704	--a------	C:\WINDOWS\system32\batt.dll
    2006-11-08	00:26	8,192	-ra------	C:\WINDOWS\system32\kbdhept.dll
    2006-11-08	00:26	74,752	--a------	C:\WINDOWS\system32\storprop.dll
    2006-11-08	00:26	7,168	-ra------	C:\WINDOWS\system32\kbdcz.dll
    2006-11-08	00:26	69,584	--a------	C:\WINDOWS\system\AVICAP.DLL
    2006-11-08	00:26	69,120	--a------	C:\WINDOWS\NOTEPAD.EXE
    2006-11-08	00:26	68,768	--a------	C:\WINDOWS\system\MMSYSTEM.DLL
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdycl.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdsl1.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdsl.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdpl.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdhu.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdhela3.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdcz2.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdcz1.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\kbdcr.dll
    2006-11-08	00:26	6,656	-ra------	C:\WINDOWS\system32\KBDAL.DLL
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdtuq.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdtuf.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdlv1.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdlv.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdhela2.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdgkl.dll
    2006-11-08	00:26	6,144	-ra------	C:\WINDOWS\system32\kbdest.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdycc.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbduzb.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdur.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdtat.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdru1.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdru.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdro.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdpl1.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdmon.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdlt1.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdlt.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdkyr.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdkaz.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdhu1.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdhe319.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdhe220.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdhe.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdbu.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdblr.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdazel.dll
    2006-11-08	00:26	5,632	-ra------	C:\WINDOWS\system32\kbdaze.dll
    2006-11-08	00:26	5,120	--a------	C:\WINDOWS\system\SHELL.DLL
    2006-11-08	00:26	32,816	--a------	C:\WINDOWS\system\COMMDLG.DLL
    2006-11-08	00:26	24,661	--a------	C:\WINDOWS\system32\spxcoins.dll
    2006-11-08	00:26	24,064	--a------	C:\WINDOWS\system\OLESVR.DLL
    2006-11-08	00:26	19,200	--a------	C:\WINDOWS\system\TAPI.DLL
    2006-11-08	00:26	176,157	--a------	C:\WINDOWS\system32\dgrpsetu.dll
    2006-11-08	00:26	15,360	--a------	C:\WINDOWS\TASKMAN.EXE
    2006-11-08	00:26	13,312	--a------	C:\WINDOWS\system32\irclass.dll
    2006-11-08	00:26	126,912	--a------	C:\WINDOWS\system\MSVIDEO.DLL
    2006-11-08	00:26	11,264	--a------	C:\WINDOWS\system32\drivers\irenum.sys
    2006-11-08	00:26	109,456	--a------	C:\WINDOWS\system\AVIFILE.DLL
    2006-11-08	00:26	103,424	--a------	C:\WINDOWS\system32\EqnClass.Dll
    2006-11-08	00:26	<DIR>	dr-h-----	C:\Documents and Settings\All Users\Application Data\.
    2006-11-08	00:26	<DIR>	dr-h-----	C:\Documents and Settings\All Users\Application Data
    2006-11-08	00:26	<DIR>	dr-------	C:\Program Files\Common Files\..
    2006-11-08	00:26	<DIR>	dr-------	C:\Program Files\.
    2006-11-08	00:26	<DIR>	dr-------	C:\Program Files
    2006-11-08	00:26	<DIR>	dr-------	C:\Documents and Settings\All Users\Start Menu
    2006-11-08	00:26	<DIR>	dr-------	C:\Documents and Settings\All Users\Documents
    2006-11-08	00:26	<DIR>	d--hs----	C:\WINDOWS\Installer
    2006-11-08	00:26	<DIR>	d--hs----	C:\Program Files\..
    2006-11-08	00:26	<DIR>	d--h-----	C:\Documents and Settings\All Users\Templates
    2006-11-08	00:26	<DIR>	d---s----	C:\Documents and Settings\All Users\Application Data\Microsoft
    2006-11-08	00:26	<DIR>	d--------	C:\WINDOWS\system32\CatRoot2
    2006-11-08	00:26	<DIR>	d--------	C:\WINDOWS\system32\CatRoot
    2006-11-08	00:26	<DIR>	d--------	C:\Program Files\Common Files\SpeechEngines
    2006-11-08	00:26	<DIR>	d--------	C:\Program Files\Common Files\ODBC
    2006-11-08	00:26	<DIR>	d--------	C:\Program Files\Common Files\Microsoft Shared
    2006-11-08	00:26	<DIR>	d--------	C:\Program Files\Common Files\.
    2006-11-08	00:26	<DIR>	d--------	C:\Program Files\Common Files
    2006-11-08	00:26	<DIR>	d--------	C:\Documents and Settings\All Users\Favorites
    2006-11-08	00:26	<DIR>	d--------	C:\Documents and Settings\All Users\Desktop
    2006-11-08	00:26	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\..
    2006-11-08	00:25	<DIR>	d--hs----	C:\System Volume Information
    2006-11-08	00:25	<DIR>	d--------	C:\Documents and Settings\All Users\..
    2006-11-08	00:25	<DIR>	d--------	C:\Documents and Settings\All Users\.
    2006-11-08	00:25	<DIR>	d--------	C:\Documents and Settings
    2006-11-08	00:17	<DIR>	dr-hsc---	C:\WINDOWS\system32\dllcache
    2006-11-08	00:17	<DIR>	dr--s----	C:\WINDOWS\Fonts
    2006-11-08	00:17	<DIR>	dr-------	C:\WINDOWS\Web
    2006-11-08	00:17	<DIR>	d--hs----	C:\WINDOWS\..
    2006-11-08	00:17	<DIR>	d--h-----	C:\WINDOWS\inf
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\WinSxS
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\twain_32
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Temp
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\wins
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\wbem
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\usmt
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\spool
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\ShellExt
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\Setup
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\ras
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\oobe
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\npp
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\mui
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\inetsrv
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\IME
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\icsxml
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\ias
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\export
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\drivers\etc
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\drivers\disdn
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\drivers\..
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\drivers\.
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\drivers
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\dhcp
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\config
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\3com_dmi
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\3076
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\2052
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1054
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1042
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1041
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1037
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1033
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1031
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1028
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\1025
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\..
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32\.
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system32
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system\..
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system\.
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\system
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\security
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Resources
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\repair
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Provisioning
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\PeerNet
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\pchealth
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\mui
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\msapps
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\msagent
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Media
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\java
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\ime
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Help
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\ehome
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Driver Cache
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Debug
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Cursors
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Connection Wizard
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\Config
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\AppPatch
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\addins
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS\.
    2006-11-08	00:17	<DIR>	d--------	C:\WINDOWS
    2006-11-07	22:07	<DIR>	d--------	C:\Program Files\Opera75
    2006-11-07	22:07	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\Opera
    2006-11-07	21:36	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\Macromedia
    2006-11-07	21:35	<DIR>	dr-h-----	C:\Documents and Settings\Nerissa\Application Data\yahoo!
    2006-11-07	21:29	306,688	--a------	C:\WINDOWS\IsUninst.exe
    2006-11-07	18:05	<DIR>	d--------	C:\Program Files\Yahoo!
    2006-11-07	18:02	<DIR>	d---s----	C:\Documents and Settings\Nerissa\UserData
    2006-11-07	17:59	36,224	--a------	C:\WINDOWS\system32\drivers\an983.sys
    2006-11-07	17:47	2,670,592	---------	C:\WINDOWS\UNNMP.exe
    2006-11-07	17:47	<DIR>	d--------	C:\Program Files\Common Files\Nero
    2006-11-07	17:46	476,320	---------	C:\WINDOWS\system32\ImagXpr7.dll
    2006-11-07	17:46	471,040	---------	C:\WINDOWS\system32\ImagXRA7.dll
    2006-11-07	17:46	364,544	---------	C:\WINDOWS\system32\TwnLib4.dll
    2006-11-07	17:46	262,144	---------	C:\WINDOWS\system32\ImagXR7.dll
    2006-11-07	17:46	155,648	--a------	C:\WINDOWS\system32\NeroCheck.exe
    2006-11-07	17:46	106,496	--a------	C:\WINDOWS\system32\TwnLib20.dll
    2006-11-07	17:46	1,568,768	---------	C:\WINDOWS\system32\ImagX7.dll
    2006-11-07	17:45	<DIR>	d--------	C:\Program Files\Common Files\Ahead
    2006-11-07	17:45	<DIR>	d--------	C:\Program Files\Ahead
    2006-11-07	17:42	<DIR>	d--------	C:\Program Files\Microsoft ActiveSync
    2006-11-07	17:42	<DIR>	d--------	C:\Program Files\Common Files\Designer
    2006-11-07	17:41	<DIR>	d--------	C:\WINDOWS\ShellNew
    2006-11-07	17:41	<DIR>	d--------	C:\Program Files\Microsoft Office
    2006-11-07	17:26	<DIR>	d--h-----	C:\WINDOWS\PIF
    2006-11-07	17:23	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2006-11-07	17:18	91,856	--a------	C:\WINDOWS\system32\S32EVNT1.DLL
    2006-11-07	17:18	123,200	--a------	C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2006-11-07	17:18	<DIR>	d--------	C:\Program Files\Symantec
    2006-11-07	17:17	<DIR>	d--------	C:\Program Files\Symantec AntiVirus
    2006-11-07	17:17	<DIR>	d--------	C:\Program Files\Common Files\Symantec Shared
    2006-11-07	17:17	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Symantec
    2006-11-07	16:48	<DIR>	dr-h-----	C:\Documents and Settings\Nerissa\SendTo
    2006-11-07	16:48	<DIR>	dr-h-----	C:\Documents and Settings\Nerissa\Recent
    2006-11-07	16:48	<DIR>	dr-h-----	C:\Documents and Settings\Nerissa\Application Data\.
    2006-11-07	16:48	<DIR>	dr-h-----	C:\Documents and Settings\Nerissa\Application Data
    2006-11-07	16:48	<DIR>	dr-------	C:\Documents and Settings\Nerissa\Start Menu
    2006-11-07	16:48	<DIR>	dr-------	C:\Documents and Settings\Nerissa\My Documents
    2006-11-07	16:48	<DIR>	dr-------	C:\Documents and Settings\Nerissa\Favorites
    2006-11-07	16:48	<DIR>	d--h-----	C:\Program Files\Uninstall Information
    2006-11-07	16:48	<DIR>	d--h-----	C:\Documents and Settings\Nerissa\Templates
    2006-11-07	16:48	<DIR>	d--h-----	C:\Documents and Settings\Nerissa\PrintHood
    2006-11-07	16:48	<DIR>	d--h-----	C:\Documents and Settings\Nerissa\NetHood
    2006-11-07	16:48	<DIR>	d--h-----	C:\Documents and Settings\Nerissa\Local Settings
    2006-11-07	16:48	<DIR>	d---s----	C:\Documents and Settings\Nerissa\Cookies
    2006-11-07	16:48	<DIR>	d---s----	C:\Documents and Settings\Nerissa\Application Data\Microsoft
    2006-11-07	16:48	<DIR>	d--------	C:\Documents and Settings\Nerissa\Desktop
    2006-11-07	16:48	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\Identities
    2006-11-07	16:48	<DIR>	d--------	C:\Documents and Settings\Nerissa\Application Data\..
    2006-11-07	16:48	<DIR>	d--------	C:\Documents and Settings\Nerissa\..
    2006-11-07	16:48	<DIR>	d--------	C:\Documents and Settings\Nerissa\.
    2006-11-07	16:46	<DIR>	d---s----	C:\WINDOWS\system32\Microsoft
    2006-11-07	16:46	<DIR>	d--------	C:\WINDOWS\SoftwareDistribution
    2006-11-07	16:46	<DIR>	d--------	C:\WINDOWS\Prefetch
    2006-11-07	16:41	<DIR>	d--------	C:\WINDOWS\system32\xircom
    2006-11-07	16:41	<DIR>	d--------	C:\Program Files\xerox
    2006-11-07	16:41	<DIR>	d--------	C:\Program Files\microsoft frontpage
    2006-11-07	16:40	112,128	--a------	C:\WINDOWS\system32\mapi32.dll
    2006-11-07	16:40	0	-rahs----	C:\MSDOS.SYS
    2006-11-07	16:40	0	-rahs----	C:\IO.SYS
    2006-11-07	16:40	0	--a------	C:\CONFIG.SYS
    2006-11-07	16:40	0	--a------	C:\AUTOEXEC.BAT
    2006-11-07	16:39	<DIR>	dr-------	C:\WINDOWS\Offline Web Pages
    2006-11-07	16:39	<DIR>	d--hs----	C:\Documents and Settings\All Users\DRM
    2006-11-07	16:39	<DIR>	d--h-----	C:\Program Files\WindowsUpdate
    2006-11-07	16:39	<DIR>	d---s----	C:\WINDOWS\Downloaded Program Files
    2006-11-07	16:38	81,920	--a------	C:\WINDOWS\system32\ils.dll
    2006-11-07	16:38	8,192	--a------	C:\WINDOWS\system32\bitsprx2.dll
    2006-11-07	16:38	73,472	--a------	C:\WINDOWS\system32\drivers\sr.sys
    2006-11-07	16:38	7,168	--a------	C:\WINDOWS\system32\bitsprx3.dll
    2006-11-07	16:38	69,632	--a------	C:\WINDOWS\system32\msconf.dll
    2006-11-07	16:38	679,424	--a------	C:\WINDOWS\system32\inetcomm.dll
    2006-11-07	16:38	67,584	--a------	C:\WINDOWS\system32\srclient.dll
    2006-11-07	16:38	64,512	--a------	C:\WINDOWS\system32\acctres.dll
    2006-11-07	16:38	6,656	--a------	C:\WINDOWS\system32\wuauserv.dll
    2006-11-07	16:38	48,128	--a------	C:\WINDOWS\system32\inetres.dll
    2006-11-07	16:38	465,176	--a------	C:\WINDOWS\system32\wuapi.dll
    2006-11-07	16:38	45,568	--a------	C:\WINDOWS\system32\safrslv.dll
    2006-11-07	16:38	43,520	--a------	C:\WINDOWS\system32\safrcdlg.dll
    2006-11-07	16:38	43,520	--a------	C:\WINDOWS\system32\racpldlg.dll
    2006-11-07	16:38	41,240	--a------	C:\WINDOWS\system32\wups.dll
    2006-11-07	16:38	382,464	--a------	C:\WINDOWS\system32\qmgr.dll
    2006-11-07	16:38	34,560	--a------	C:\WINDOWS\system32\mnmdd.dll
    2006-11-07	16:38	32,768	--a------	C:\WINDOWS\system32\mnmsrvc.exe
    2006-11-07	16:38	32,768	--a------	C:\WINDOWS\system32\isrdbg32.dll
    2006-11-07	16:38	29,696	--a------	C:\WINDOWS\system32\safrdm.dll
    2006-11-07	16:38	28,672	--a------	C:\WINDOWS\system32\nmmkcert.dll
    2006-11-07	16:38	274,944	--a------	C:\WINDOWS\system32\mstask.dll
    2006-11-07	16:38	252,928	--a------	C:\WINDOWS\system32\msoeacct.dll
    2006-11-07	16:38	239,104	--a------	C:\WINDOWS\system32\srrstr.dll
    2006-11-07	16:38	23,040	--a------	C:\WINDOWS\system32\fltmc.exe
    2006-11-07	16:38	194,328	--a------	C:\WINDOWS\system32\wuaueng1.dll
    2006-11-07	16:38	190,976	--a------	C:\WINDOWS\system32\schedsvc.dll
    2006-11-07	16:38	18,944	--a------	C:\WINDOWS\system32\qmgrprxy.dll
    2006-11-07	16:38	173,536	--a------	C:\WINDOWS\system32\wuweb.dll
    2006-11-07	16:38	172,312	--a------	C:\WINDOWS\system32\wuauclt1.exe
    2006-11-07	16:38	170,496	--a------	C:\WINDOWS\system32\srsvc.dll
    2006-11-07	16:38	16,896	--a------	C:\WINDOWS\system32\fltlib.dll
    2006-11-07	16:38	16,384	--a------	C:\WINDOWS\system32\icfgnt5.dll
    2006-11-07	16:38	128,896	--a------	C:\WINDOWS\system32\drivers\fltmgr.sys
    2006-11-07	16:38	127,256	--a------	C:\WINDOWS\system32\wucltui.dll
    2006-11-07	16:38	124,184	--a------	C:\WINDOWS\system32\wuauclt.exe
    2006-11-07	16:38	12,288	--a------	C:\WINDOWS\system32\nmevtmsg.dll
    2006-11-07	16:38	12,288	--a------	C:\WINDOWS\system32\mstinit.exe
    2006-11-07	16:38	11,264	--a------	C:\WINDOWS\system32\atrace.dll
    2006-11-07	16:38	105,984	--a------	C:\WINDOWS\system32\msoert2.dll
    2006-11-07	16:38	1,343,768	--a------	C:\WINDOWS\system32\wuaueng.dll
    2006-11-07	16:38	<DIR>	d---s----	C:\WINDOWS\Tasks
    2006-11-07	16:38	<DIR>	d--------	C:\WINDOWS\system32\Restore
    2006-11-07	16:38	<DIR>	d--------	C:\WINDOWS\system32\Macromed
    2006-11-07	16:38	<DIR>	d--------	C:\WINDOWS\system32\DirectX
    2006-11-07	16:38	<DIR>	d--------	C:\WINDOWS\srchasst
    2006-11-07	16:38	<DIR>	d--------	C:\Program Files\Outlook Express
    2006-11-07	16:38	<DIR>	d--------	C:\Program Files\NetMeeting
    2006-11-07	16:38	<DIR>	d--------	C:\Program Files\Movie Maker
    2006-11-07	16:38	<DIR>	d--------	C:\Program Files\Common Files\Services
    2006-11-07	16:38	<DIR>	d--------	C:\Program Files\Common Files\MSSoap
    2006-11-07	16:37	81,920	--a------	C:\WINDOWS\system32\isign32.dll
    2006-11-07	16:37	73,728	--a------	C:\WINDOWS\system32\icwdial.dll
    2006-11-07	16:37	65,536	--a------	C:\WINDOWS\system32\icwphbk.dll
    2006-11-07	16:37	274,432	--a------	C:\WINDOWS\system32\inetcfg.dll
    2006-11-07	16:37	<DIR>	d--------	C:\Program Files\Internet Explorer
    2006-11-07	16:37	<DIR>	d--------	C:\Program Files\ComPlus Applications
    2006-11-07	16:37	<DIR>	d--------	C:\Program Files\Common Files\System
    2006-11-07	16:36	97,792	--a------	C:\WINDOWS\system32\comrepl.dll
    2006-11-07	16:36	93,696	--a------	C:\WINDOWS\system32\tscfgwmi.dll
    2006-11-07	16:36	9,728	--a------	C:\WINDOWS\system32\reset.exe
    2006-11-07	16:36	87,176	--a------	C:\WINDOWS\system32\rdpwsx.dll
    2006-11-07	16:36	85,504	--a------	C:\WINDOWS\system32\catsrvps.dll
    2006-11-07	16:36	80,384	--a------	C:\WINDOWS\system32\charmap.exe
    2006-11-07	16:36	73,216	--a------	C:\WINDOWS\system32\avwav.dll
    2006-11-07	16:36	67,072	--a------	C:\WINDOWS\system32\rdshost.exe
    2006-11-07	16:36	655,360	--a------	C:\WINDOWS\system32\mstscax.dll
    2006-11-07	16:36	625,152	--a------	C:\WINDOWS\system32\catsrvut.dll
    2006-11-07	16:36	62,464	--a------	C:\WINDOWS\system32\rdpclip.exe
    2006-11-07	16:36	605,696	--a------	C:\WINDOWS\system32\getuname.dll
    2006-11-07	16:36	60,416	--a------	C:\WINDOWS\system32\remotepg.dll
    2006-11-07	16:36	60,416	--a------	C:\WINDOWS\system32\colbact.dll
    2006-11-07	16:36	6,144	--a------	C:\WINDOWS\system32\msdtc.exe
    2006-11-07	16:36	58,880	--a------	C:\WINDOWS\system32\msdtclog.dll
    2006-11-07	16:36	56,832	--a------	C:\WINDOWS\system32\sol.exe
    2006-11-07	16:36	55,296	--a------	C:\WINDOWS\system32\freecell.exe
    2006-11-07	16:36	540,160	--a------	C:\WINDOWS\system32\comuid.dll
    2006-11-07	16:36	54,272	--a------	C:\WINDOWS\system32\stclient.dll
    2006-11-07	16:36	538,624	--a------	C:\WINDOWS\system32\spider.exe
    2006-11-07	16:36	5,632	--a------	C:\WINDOWS\system32\write.exe
    2006-11-07	16:36	5,120	--a------	C:\WINDOWS\system32\dcomcnfg.exe
    2006-11-07	16:36	498,688	--a------	C:\WINDOWS\system32\clbcatq.dll
    2006-11-07	16:36	44,544	--a------	C:\WINDOWS\system32\tscupgrd.exe
    2006-11-07	16:36	44,544	--a------	C:\WINDOWS\system32\hticons.dll
    2006-11-07	16:36	407,552	--a------	C:\WINDOWS\system32\mstsc.exe
    2006-11-07	16:36	4,096	--a------	C:\WINDOWS\system32\rdpcfgex.dll
    2006-11-07	16:36	4,096	--a------	C:\WINDOWS\system32\mtxex.dll
    2006-11-07	16:36	38,912	--a------	C:\WINDOWS\system32\cfgbkend.dll
    2006-11-07	16:36	35,328	--a------	C:\WINDOWS\system32\winchat.exe
    2006-11-07	16:36	347,136	--a------	C:\WINDOWS\system32\hypertrm.dll
    2006-11-07	16:36	343,040	--a------	C:\WINDOWS\system32\mspaint.exe
    2006-11-07	16:36	33,792	--a------	C:\WINDOWS\system32\regini.exe
    2006-11-07	16:36	295,424	--a------	C:\WINDOWS\system32\termsrv.dll
    2006-11-07	16:36	25,600	--a------	C:\WINDOWS\system32\comaddin.dll
    2006-11-07	16:36	25,088	--a------	C:\WINDOWS\system32\mtxlegih.dll
    2006-11-07	16:36	227,840	--a------	C:\WINDOWS\system32\avtapi.dll
    2006-11-07	16:36	225,792	--a------	C:\WINDOWS\system32\catsrv.dll
    2006-11-07	16:36	22,016	--a------	C:\WINDOWS\system32\qwinsta.exe
    2006-11-07	16:36	21,896	--a------	C:\WINDOWS\system32\drivers\tdtcp.sys
    2006-11-07	16:36	20,992	--a------	C:\WINDOWS\system32\msg.exe
    2006-11-07	16:36	20,480	--a------	C:\WINDOWS\system32\qprocess.exe
    2006-11-07	16:36	20,480	--a------	C:\WINDOWS\system32\mtxdm.dll
    2006-11-07	16:36	19,968	--a------	C:\WINDOWS\system32\rdpsnd.dll
    2006-11-07	16:36	183,808	--a------	C:\WINDOWS\system32\accwiz.exe
    2006-11-07	16:36	16,896	--a------	C:\WINDOWS\system32\tsshutdn.exe
    2006-11-07	16:36	16,896	--a------	C:\WINDOWS\system32\qappsrv.exe
    2006-11-07	16:36	16,384	--a------	C:\WINDOWS\system32\tskill.exe
    2006-11-07	16:36	16,384	--a------	C:\WINDOWS\system32\avmeter.dll
    2006-11-07	16:36	15,872	--a------	C:\WINDOWS\system32\rwinsta.exe
    2006-11-07	16:36	15,872	--a------	C:\WINDOWS\system32\cdmodem.dll
    2006-11-07	16:36	15,360	--a------	C:\WINDOWS\system32\logoff.exe
    2006-11-07	16:36	147,968	--a------	C:\WINDOWS\system32\rdchost.dll
    2006-11-07	16:36	147,456	--a------	C:\WINDOWS\system32\comsnap.dll
    2006-11-07	16:36	140,800	--a------	C:\WINDOWS\system32\sessmgr.exe
    2006-11-07	16:36	14,848	--a------	C:\WINDOWS\system32\tsdiscon.exe
    2006-11-07	16:36	14,848	--a------	C:\WINDOWS\system32\tscon.exe
    2006-11-07	16:36	14,848	--a------	C:\WINDOWS\system32\shadow.exe
    2006-11-07	16:36	139,528	--a------	C:\WINDOWS\system32\drivers\rdpwd.sys
    2006-11-07	16:36	138,752	--a------	C:\WINDOWS\system32\sndvol32.exe
    2006-11-07	16:36	131,584	--a------	C:\WINDOWS\system32\sndrec32.exe
    2006-11-07	16:36	13,824	--a------	C:\WINDOWS\system32\rdsaddin.exe
    2006-11-07	16:36	126,976	--a------	C:\WINDOWS\system32\mshearts.exe
    2006-11-07	16:36	123,392	--a------	C:\WINDOWS\system32\mplay32.exe
    2006-11-07	16:36	12,040	--a------	C:\WINDOWS\system32\drivers\tdpipe.sys
    2006-11-07	16:36	119,808	--a------	C:\WINDOWS\system32\winmine.exe
    2006-11-07	16:36	114,688	--a------	C:\WINDOWS\system32\calc.exe
    2006-11-07	16:36	110,080	--a------	C:\WINDOWS\system32\clbcatex.dll
    2006-11-07	16:36	11,264	--a------	C:\WINDOWS\system32\icaapi.dll
    2006-11-07	16:36	102,912	--a------	C:\WINDOWS\system32\clipbrd.exe
    2006-11-07	16:36	1,267,200	--a------	C:\WINDOWS\system32\comsvcs.dll
    2006-11-07	16:36	1,161	--a------	C:\WINDOWS\system32\usrlogon.cmd
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\system32\MsDtc
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\system32\Com
    2006-11-07	16:36	<DIR>	d--------	C:\WINDOWS\Registration
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Windows NT
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Windows Media Player
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Online Services
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\MSN Gaming Zone
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\MSN
    2006-11-07	16:36	<DIR>	d--------	C:\Program Files\Messenger
    2006-11-07	16:35	58,880	--a------	C:\WINDOWS\system32\licwmi.dll
    2006-11-07	16:35	56,320	--a------	C:\WINDOWS\system32\servdeps.dll
    2006-11-07	16:35	40,840	--a------	C:\WINDOWS\system32\drivers\termdd.sys
    2006-11-07	16:35	196,864	--a------	C:\WINDOWS\system32\drivers\rdpdr.sys
    2006-11-07	16:35	185,344	--a------	C:\WINDOWS\system32\cmprops.dll
    2006-11-07	16:35	17,408	--a------	C:\WINDOWS\system32\mmfutil.dll
    2006-11-04	14:14	1,245,696	--a------	C:\WINDOWS\system32\msxml4.dll
    
    
    ((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))
    
    
     
     
    ((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
     
    *Note* empty entries are not shown
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"
    
    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005
    
    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
      00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
      00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
      00,00,01,00,00,00
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001
    
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ccApp"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="lxbkbmgr"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="VPTray"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="YahooMessenger"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    "inimapping"="0"
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Symantec AntiVirus"=dword:00000002
    "SPBBCSvc"=dword:00000003
    "SNDSrvc"=dword:00000003
    "SavRoam"=dword:00000003
    "IDriverT"=dword:00000003
    "DefWatch"=dword:00000002
    "ccSetMgr"=dword:00000002
    "ccPwdSvc"=dword:00000003
    "ccEvtMgr"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]	
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
    
    Completion time: 06-11-23 21:09:21.12 
    C:\ComboFix.txt ... 06-11-23 21:09
    C:\ComboFix2.txt ... 06-11-23 20:12
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi alaala2010,

    The log looks like the hijack is gone, but you disabled a few things with msconfig that maybe you shouldn't have, because you practically killed off Norton.
    Re-enable them and reboot to get the protection of your AntiVirus back.

    Regards,

    Pieter
     
  8. alaala2010

    alaala2010 Registered Member

    Joined:
    Nov 20, 2006
    Posts:
    4
    hello!

    i have enabled my antivirus and yeah, i guess my machine's fine now, thanks to you :D

    i wonder, is it normal for yahoo messenger to automatically load every time i start up my pc? well, i guess i need to make a separate thread for that.

    anyway, much thanks to you! =)
     
  9. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    You're welcome. :cool:
     
  10. sleepycat

    sleepycat Registered Member

    Joined:
    Nov 23, 2006
    Posts:
    3
    Hi Pieter! I need help on this coolpics virus as well.. I see that you were able to help a lot of people in need on this forum so I'm confident you'd be able to help me too :)

    here's my log...

    =============================================
    pComboFix 06.11.22 - Running from: "D:\MarnieIA"

    ((((((((((((((((((((((((((((((( Files Created from 2011-23-06 to 2011/24/2006 ))))))))))))))))))))))))))))))))))


    No new files created in this timespan


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))




    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "shell"="\"C:\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\ibm00009.exe\""
    "Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
    "YCentral"="c:\\progra~1\\yahoo!\\YCentral\\YahooCentral.exe"
    "EPSON Stylus C45 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I3T1.EXE /P23 \"EPSON Stylus C45 Series\" /O6 \"USB001\" /M \"Stylus C45\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "Task Manager"="C:\\WINDOWS\\system\\svchost32.exe"
    "SVCHOST"="C:\\WINDOWS\\system\\svhost.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableTaskMgr"=dword:00000001
    "DisableRegistryTools"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoRun"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: Fri 11/24/2006 11:34:58.04
    C:\ComboFix.txt ... 11/24/2006 11:34 AM


    ===========================================

    thanks a lot! A good day to you!
     
  11. sleepycat

    sleepycat Registered Member

    Joined:
    Nov 23, 2006
    Posts:
    3
    oop my mistake.. let me run combofix again ah..
     
  12. sleepycat

    sleepycat Registered Member

    Joined:
    Nov 23, 2006
    Posts:
    3
    Do I need to run combofix on my drive C: as well? Sorry I'm not too techie ah haha.

    thanks
     
  13. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
  14. cupcake_11

    cupcake_11 Registered Member

    Joined:
    Dec 6, 2006
    Posts:
    1
    help! my sis clicked on this coolpics link, and my pc's thrashed. i ran the combofix program, but the virus's still here. here's my log, please help

    Jam - Jr - Wed 12/06/2006 19:07:39.84 Service Pack 2
    ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Jam - Jr\Desktop\v"

    ((((((((((((((((((((((((((((((( Files Created from 2012-05-06 to 2012/06/2006 ))))))))))))))))))))))))))))))))))


    No new files created in this timespan


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))




    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe\""
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "Task Manager"="C:\\WINDOWS\\system\\svchost32.exe"
    "svchost"="C:\\WINDOWS\\system\\svhost.exe"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
    00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
    00,00,01,00,00,00

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000001
    "DisableTaskMgr"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoRun"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: Wed 12/06/2006 19:08:13.47
    C:\ComboFix.txt ... 12/06/2006 07:08 PM
    C:\ComboFix2.txt ... 12/06/2006 07:04 PM
     
  15. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
  16. colldude

    colldude Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    Uhh... hello sir Pieter, I got one too.
    and here's the combofix log:

     
  17. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
  18. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    I guess I need to explain that because the startup name has changed:

    Now seen in the log as:
    "Task Manager"="C:\\WINDOWS\\system\\svchost.exe"
    and
    "Yahoo Messenger"="C:\\WINDOWS\\system\\svchost32.exe"

    But the BFU script should take care of them.
    Let me know if it doesn't.

    Regards,

    Pieter
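
An added example, not part of the thread and not ComboFix's own code: a Python sketch that parses a "Reg Loading Points" section like the ones posted above and flags the two patterns visible in the infected logs, Run entries that point at svchost look-alikes outside system32 and the policy values that disable Task Manager, the registry tools and the Run command. The sample lines are copied from logs in this thread; the function names, the 0.8 similarity threshold and the `C:\WINDOWS\system32` location are assumptions.

```python
import re
from difflib import SequenceMatcher

# Sample input: lines copied from the "Reg Loading Points" sections in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Task Manager"="C:\\WINDOWS\\system\\svchost32.exe"
"svchost"="C:\\WINDOWS\\system\\svhost.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000001
"DisableTaskMgr"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRun"=dword:00000001
'''

SYSTEM32 = r'c:\windows\system32'  # assumption: default %SystemRoot% on drive C:
# Policy values that, when set to 1, lock the user out of the usual repair tools.
LOCKOUT_VALUES = {
    r'\policies\system': ('disabletaskmgr', 'disableregistrytools'),
    r'\policies\explorer': ('norun',),
}
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]\s*$')
VALUE_RE = re.compile(
    r'^"((?:[^"\\]|\\.)*)"=(?:"((?:[^"\\]|\\.)*)"|dword:([0-9a-fA-F]{8}))\s*$')


def unescape(text):
    """Undo .reg escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r'\\(.)', r'\1', text)


def parse_loading_points(log_text):
    """Return {lowercased key: {value name: str or int}}; hex: values are skipped."""
    keys, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1).lower(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, string, dword = m.groups()
            current[unescape(name)] = unescape(string) if dword is None else int(dword, 16)
    return keys


def image_path(command):
    """Extract the executable path (lowercased) from a Run command line."""
    m = (re.match(r'"([^"]+)"', command)
         or re.match(r'(.*?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)', command, re.I))
    return (m.group(1) if m else command).lower()


def looks_like_fake_svchost(image):
    """True for a name close to 'svchost' that is not system32\\svchost.exe."""
    directory, _, base = image.rpartition('\\')
    stem = base.rsplit('.', 1)[0]
    similar = SequenceMatcher(None, stem, 'svchost').ratio() >= 0.8
    genuine = base == 'svchost.exe' and directory == SYSTEM32
    return similar and not genuine


def audit(log_text):
    """Return a list of (kind, key, value name, detail) findings."""
    findings = []
    for key, values in parse_loading_points(log_text).items():
        for name, value in values.items():
            if key.endswith('\\run') and isinstance(value, str):
                image = image_path(value)
                if looks_like_fake_svchost(image):
                    findings.append(('masquerade', key, name, image))
            for suffix, names in LOCKOUT_VALUES.items():
                if key.endswith(suffix) and name.lower() in names and value == 1:
                    findings.append(('policy-lockout', key, name, value))
    return findings


if __name__ == '__main__':
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

A clean result from this check only covers the two patterns named above; it does not show that a machine is free of other startup entries.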
     
  19. colldude

    colldude Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    Hmm... After the combofix, uh, I'm not sure if it's fixed now since I can already "start key" + "run" also I can now access Task Manager and change the homepage of IE. So, how do I know if there's still?
     
  20. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Feel free to post another combofix log, so I can see if it's gone.

    Regards,

    Pieter
     
  21. colldude

    colldude Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    Ok sir, here it is:

     
  22. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Looks good. One minor detail to take care of.

    First, we need to back up your registry:
    Please go to Start > Run
    Paste in the following line:
    regedit /e c:\registrybackup.reg
    Click OK.
    It won't appear to be doing anything, that's normal.
    Your mouse pointer may turn to an hour glass for a minute.
    Please continue when it no longer has the hour glass.

    *Open notepad.
    Copy and paste the text inside the Code Box below into Notepad
    Choose File > Save As and under "Save as type", choose "All Files".
    Type fix.reg in the File name and save it to your desktop.

    Code:
    REGEDIT4
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "Task Manager"=-
    


    Make sure there are NO blank lines before REGEDIT4
    Make sure there IS one blank line at the end of the file.

    Close notepad. Make sure that all windows are closed.

    Find the fix.reg file on your desktop.
    Double click it.
    It will then ask if you want the file merged to your registry.
    Answer Yes.
     
  23. colldude

    colldude Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    And so, what am I gonna do with this now? It's kinda like annoying in my desktop heheh... btw sir thanks again!
     
  24. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    You're very welcome. :)

    Once you're finished you can delete all the files and scripts you downloaded to remove it.

    Be careful out there, it's a jungle. :ninja:
    Read around a bit here, you might find some useful tips to add extra protection. :)

    Regards,

    Pieter
     